urlscan.io logo urlscan.io
SecurityTrails logo

www.ibtimes.co.uk Open in urlscan Pro
3.216.121.38  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Submission: On February 03 via api from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 88 IPs in 9 countries across 99 domains to perform 349 HTTP transactions. The main IP is 3.216.121.38, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is www.ibtimes.co.uk. The Cisco Umbrella rank of the primary domain is 400422.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 31st 2025. Valid for: a year.
This is the only time www.ibtimes.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.216.121.38 14618 (AMAZON-AES)
22 2400:52e0:1e0... 60068 (CDN77 Dat...)
10 2400:52e0:1e0... 60068 (CDN77 Dat...)
2 44.236.161.110 16509 (AMAZON-02)
3 4 104.102.33.206 16625 (AKAMAI-AS)
3 142.251.127.155 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 141.95.98.64 16276 (OVH OVH SAS)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 108.128.38.143 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.83 16276 (OVH OVH SAS)
2 46.137.23.186 16509 (AMAZON-02)
2 2603:c020:400... 31898 (ORACLE-BM...)
2 2602:803:c004... 26667 (RUBICONPR...)
2 188.166.203.175 14061 (DIGITALOC...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 3.127.118.188 16509 (AMAZON-02)
1 104.16.55.62 13335 (CLOUDFLAR...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
4 34.160.72.119 396982 (GOOGLE-CL...)
2 146.190.187.27 14061 (DIGITALOC...)
2 151.101.66.132 54113 (FASTLY)
2 142.251.140.162 15169 (GOOGLE)
8 30 142.251.141.66 15169 (GOOGLE)
2 142.250.201.161 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 23.37.63.179 16625 (AKAMAI-AS)
1 142.251.140.163 15169 (GOOGLE)
14 23.219.139.198 16625 (AKAMAI-AS)
1 2a04:4e42:200... 54113 (FASTLY)
1 3.122.29.220 16509 (AMAZON-02)
1 88.221.169.78 16625 (AKAMAI-AS)
4 18.202.117.248 16509 (AMAZON-02)
1 2.16.241.200 20940 (AKAMAI-AS...)
1 134.209.77.117 14061 (DIGITALOC...)
14 88.221.169.246 16625 (AKAMAI-AS)
1 99.80.128.60 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-AS...)
1 104.18.2.52 13335 (CLOUDFLAR...)
4 10 69.173.144.165 26667 (RUBICONPR...)
5 88.221.168.201 16625 (AKAMAI-AS)
13 34.1.1.166 15169 (GOOGLE)
3 51.89.9.252 16276 (OVH OVH SAS)
3 13.248.245.213 16509 (AMAZON-02)
1 2a02:2638:3::3a 44788 (ASN-CRITE...)
1 6 149.202.238.101 16276 (OVH OVH SAS)
5 6 69.173.144.139 26667 (RUBICONPR...)
2 18.153.64.118 16509 (AMAZON-02)
1 35.207.140.152 15169 (GOOGLE)
3 67.202.105.21 32748 (STEADFAST)
2 3 163.5.194.37 60558 (SECUREDSE...)
4 2620:1ec:bdf::45 8075 (MICROSOFT...)
4 10 35.244.159.8 396982 (GOOGLE-CL...)
1 7 18.202.143.113 16509 (AMAZON-02)
1 34.1.242.226 15169 (GOOGLE)
2 52.208.190.113 16509 (AMAZON-02)
8 185.64.189.116 62713 (AS-PUBMATIC)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
2 2 168.119.146.39 24940 (HETZNER-A...)
1 18.244.18.85 16509 (AMAZON-02)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
4 52.223.40.198 16509 (AMAZON-02)
2 198.47.127.18 62713 (AS-PUBMATIC)
1 1 35.214.141.3 19527 (GOOGLE-2)
1 136.110.189.215 ()
1 54.74.75.213 16509 (AMAZON-02)
2 2 104.18.26.193 13335 (CLOUDFLAR...)
1 172.66.170.8 13335 (CLOUDFLAR...)
1 204.62.14.130 46636 (NATCOWEB)
1 2a02:26f0:480... 20940 (AKAMAI-AS...)
1 3 188.40.16.220 24940 (HETZNER-A...)
2 2 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.2.235 198622 (ADFORM Ad...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 172.66.41.9 13335 (CLOUDFLAR...)
1 1 35.244.154.8 396982 (GOOGLE-CL...)
1 52.95.126.160 16509 (AMAZON-02)
1 4 35.214.136.108 19527 (GOOGLE-2)
3 54.247.188.220 16509 (AMAZON-02)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 37.157.5.84 198622 (ADFORM Ad...)
1 37.252.171.53 29990 (ASN-APPNEXUS)
1 172.67.74.147 13335 (CLOUDFLAR...)
1 103.67.200.72 60558 (SECUREDSE...)
1 141.95.33.120 16276 (OVH OVH SAS)
1 103.231.98.107 ()
1 185.89.211.84 ()
1 34.36.216.150 ()
2 172.240.45.96 ()
1 192.132.33.68 ()
1 1 216.19.192.2 ()
349 88
1    3.216.121.38 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-216-121-38.compute-1.amazonaws.com
www.ibtimes.co.uk
22    2400:52e0:1e00:2::1329:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
g.ibtimes.co.uk
10    2400:52e0:1e00:2::1331:1 (Germany)

ASN60068 (CDN77 Datacamp Limited, GB)
d.ibtimes.co.uk
2    44.236.161.110 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-44-236-161-110.us-west-2.compute.amazonaws.com
stats.myibtimes.com
4    104.102.33.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-102-33-206.deploy.static.akamaitechnologies.com
micro.rubiconproject.com
secure-assets.rubiconproject.com
3    142.251.127.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfrai-in-f155.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2606:4700:10::6814:2396 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
id.hadron.ad.gt
2    141.95.98.64 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    108.128.38.143 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-108-128-38-143.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE - Google LLC, US)
region1.analytics.google.com
1    2a00:1450:4001:c21::9b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.ch
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    46.137.23.186 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-46-137-23-186.eu-west-1.compute.amazonaws.com
mweb-hb.presage.io
2    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898 - Oracle Corporation, US)
ibtmedia.technoratimedia.com
2    2602:803:c004:200::137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - Magnite, Inc., US)
prebid-server.rubiconproject.com
2    188.166.203.175 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
rt.marphezis.com
1    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT - Magnite, Inc., US)
fastlane.rubiconproject.com
1    3.127.118.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-127-118-188.eu-central-1.compute.amazonaws.com
krk2.kargo.com
1    104.16.55.62 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
s.seedtag.com
9    2606:4700::6812:1744 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
prebid.receptivity.io
pbs.receptivity.io
4    34.160.72.119 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 119.72.160.34.bc.googleusercontent.com
pbs.optidigital.com
2    146.190.187.27 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
prebid.cootlogix.com
2    151.101.66.132 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)
a.teads.tv
2    142.251.140.162 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bt-in-f2.1e100.net
ep1.adtrafficquality.google
30    142.251.141.66 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: tzfraa-ar-in-f2.1e100.net
pagead2.googlesyndication.com
cm.g.doubleclick.net
2    142.250.201.161 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bn-in-f1.1e100.net
d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
6    2a00:1450:4001:c21::84 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
ep2.adtrafficquality.google
tpc.googlesyndication.com
5    2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
cdn.ampproject.org
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
1    142.251.140.163 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bt-in-f3.1e100.net
fonts.gstatic.com
14    23.219.139.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-219-139-198.deploy.static.akamaitechnologies.com
static.teads.tv
t2.teads.tv
t.teads.tv
1    2a04:4e42:200::644 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)
sync.teads.tv
1    3.122.29.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-122-29-220.eu-central-1.compute.amazonaws.com
prebid-a.rubiconproject.com
1    88.221.169.78 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a88-221-169-78.deploy.static.akamaitechnologies.com
widgets.outbrain.com
4    18.202.117.248 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-202-117-248.eu-west-1.compute.amazonaws.com
b1-dubdc1.outbrain.com
b1t-dubdc1.outbrain.com
1    2.16.241.200 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-241-200.deploy.static.akamaitechnologies.com
dsp.outbrainimg.com
1    134.209.77.117 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
sync.cootlogix.com
14    88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    99.80.128.60 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-99-80-128-60.eu-west-1.compute.amazonaws.com
ms-cookie-sync.presage.io
2    2a02:26f0:3500:12::1730:17ac (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ad-cdn.technoratimedia.com
1    104.18.2.52 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
scripts.opti-digital.com
10    69.173.144.165 (Germany)

ASN26667 (RUBICONPROJECT - Magnite, Inc., US)
token.rubiconproject.com
pixel-eu.rubiconproject.com
5    88.221.168.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a88-221-168-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    34.1.1.166 (Paris, France)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 166.1.1.34.bc.googleusercontent.com
visitor.omnitagjs.com
visitor.europe-west9.gcp.omnitagjs.com
3    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH OVH SAS, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2a02:2638:3::3a (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)
ssp-sync.criteo.com
6    149.202.238.101 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ip101.ip-149-202-238.eu
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
6    69.173.144.139 (Germany)

ASN26667 (RUBICONPROJECT - Magnite, Inc., US)
pixel.rubiconproject.com
2    18.153.64.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-64-118.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    35.207.140.152 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 152.140.207.35.bc.googleusercontent.com
pbs-cs.yellowblue.io
3    67.202.105.21 (United States)

ASN32748 (STEADFAST - Steadfast, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
3    163.5.194.37 (France)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)
prebid.a-mo.net
4    2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
sync.connectad.io
10    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
7    18.202.143.113 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
ap.lijit.com
1    34.1.242.226 (Groningen, Netherlands)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 226.242.1.34.bc.googleusercontent.com
s.ad.smaato.net
2    52.208.190.113 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-190-113.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
8    185.64.189.116 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
ut.pubmatic.com
5    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS RTB Marketing and Tech Services Ltd, CY)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
2    168.119.146.39 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
1    18.244.18.85 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-18-244-18-85.fra56.r.cloudfront.net
api-ssp.spot.im
1    2606:4700:10::6814:28de (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
csync.smilewanted.com
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)
image8.pubmatic.com
1    35.214.141.3 (Groningen, Netherlands)

ASN19527 (GOOGLE-2 - Google LLC, US)
PTR: 3.141.214.35.bc.googleusercontent.com
csync.loopme.me
1    136.110.189.215 (None, )

ASN- ()
hb.trustedstack.com
1    54.74.75.213 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-74-75-213.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    104.18.26.193 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ssum-sec.casalemedia.com
1    172.66.170.8 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
gum.aidemsrv.com
1    204.62.14.130 (Clifton, United States)

ASN46636 (NATCOWEB - NatCoWeb Corp., US)
measureadv.com
1    2a02:26f0:480:33::212:40c5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
player.aniview.com
3    188.40.16.220 (Falkenstein, Germany)

ASN24940 (HETZNER-AS Hetzner Online GmbH, DE)
PTR: static.220.16.40.188.clients.your-server.de
ittpx.eskimi.com
2    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
cms.quantserve.com
4    37.157.2.235 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
c1.adform.net
1    2606:4700::6812:dfa (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
a.amxrtb.com
1    172.66.41.9 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
router.infolinks.com
1    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US)
PTR: 8.154.244.35.bc.googleusercontent.com
id.rlcdn.com
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax-eu.amazon-adsystem.com
4    35.214.136.108 (Groningen, Netherlands)

ASN19527 (GOOGLE-2 - Google LLC, US)
PTR: 108.136.214.35.bc.googleusercontent.com
x.bidswitch.net
3    54.247.188.220 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-247-188-220.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    208.93.169.131 (Amsterdam, Netherlands)

ASN46244 (WEBMD-IDC1-AS - WebMD, LLC, US)
bh.contextweb.com
1    37.157.5.84 (Denmark)

ASN198622 (ADFORM Adform A/S, DK)
cm.adform.net
1    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEXUS - Xandr Inc., US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    172.67.74.147 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
dsp-service.pixad.com.tr
1    103.67.200.72 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US)
PTR: 1.cpm.ams1.wowcon.net
sync.adkernel.com
1    141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    103.231.98.107 (None, )

ASN- ()
image6.pubmatic.com
1    185.89.211.84 (None, )

ASN- ()
secure.adnxs.com
1    34.36.216.150 (None, )

ASN- ()
pixel-sync.sitescout.com
2    172.240.45.96 (None, )

ASN- ()
sync.aniview.com
1    192.132.33.68 (None, )

ASN- ()
bttrack.com
1    216.19.192.2 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
Apex Domain
Subdomains		 Transfer
40 rubiconproject.com
micro.rubiconproject.com — Cisco Umbrella Rank: 3503
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1108
fastlane.rubiconproject.com — Cisco Umbrella Rank: 668
ads.rubiconproject.com — Cisco Umbrella Rank: 3945
prebid-a.rubiconproject.com — Cisco Umbrella Rank: 3807
eus.rubiconproject.com — Cisco Umbrella Rank: 790
token.rubiconproject.com — Cisco Umbrella Rank: 637
pixel.rubiconproject.com — Cisco Umbrella Rank: 501
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1358
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2313
pixel-us-east.rubiconproject.com
202 KB
33 ibtimes.co.uk
www.ibtimes.co.uk — Cisco Umbrella Rank: 400422
g.ibtimes.co.uk — Cisco Umbrella Rank: 331701
d.ibtimes.co.uk — Cisco Umbrella Rank: 288211
676 KB
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 215
164 KB
17 teads.tv
a.teads.tv — Cisco Umbrella Rank: 2147
static.teads.tv — Cisco Umbrella Rank: 5620
t2.teads.tv — Cisco Umbrella Rank: 38920
sync.teads.tv — Cisco Umbrella Rank: 1544
t.teads.tv — Cisco Umbrella Rank: 4288
163 KB
16 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 697
ut.pubmatic.com — Cisco Umbrella Rank: 1223
image8.pubmatic.com — Cisco Umbrella Rank: 865
image6.pubmatic.com
23 KB
16 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 286
stats.g.doubleclick.net — Cisco Umbrella Rank: 214
cm.g.doubleclick.net — Cisco Umbrella Rank: 312
259 KB
13 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1826
visitor.europe-west9.gcp.omnitagjs.com — Cisco Umbrella Rank: 17389
6 KB
10 openx.net
u.openx.net — Cisco Umbrella Rank: 911
us-u.openx.net — Cisco Umbrella Rank: 642
eu-u.openx.net — Cisco Umbrella Rank: 2551
rtb.openx.net Failed
3 KB
9 receptivity.io
prebid.receptivity.io — Cisco Umbrella Rank: 21679
pbs.receptivity.io — Cisco Umbrella Rank: 19249
3 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 990
ce.lijit.com Failed
2 KB
6 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1683
ssbsync.smartadserver.com — Cisco Umbrella Rank: 938
1013 B
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 883
cm.adform.net — Cisco Umbrella Rank: 1494
2 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 649
2 KB
5 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1594
usersync.gumgum.com — Cisco Umbrella Rank: 2143
2 KB
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 3093
b1-dubdc1.outbrain.com — Cisco Umbrella Rank: 226110
b1t-dubdc1.outbrain.com — Cisco Umbrella Rank: 217140
b1sync.outbrain.com Failed
1 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 518
104 KB
5 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 366
ep2.adtrafficquality.google — Cisco Umbrella Rank: 372
26 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 476
427 B
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 490
593 B
4 connectad.io
sync.connectad.io — Cisco Umbrella Rank: 4491
6 KB
4 optidigital.com
pbs.optidigital.com — Cisco Umbrella Rank: 5570
2 KB
4 technoratimedia.com
ibtmedia.technoratimedia.com
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 5854
sync.technoratimedia.com Failed
15 KB
3 eskimi.com
ittpx.eskimi.com — Cisco Umbrella Rank: 1845
7 KB
3 aniview.com
player.aniview.com — Cisco Umbrella Rank: 2037
sync.aniview.com Failed
3 KB
3 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1063
sync.a-mo.net Failed
462 B
3 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1177
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 585
418 B
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 866
5 KB
3 cootlogix.com
prebid.cootlogix.com — Cisco Umbrella Rank: 6609
sync.cootlogix.com — Cisco Umbrella Rank: 1777
720 B
3 presage.io
mweb-hb.presage.io — Cisco Umbrella Rank: 5977
ms-cookie-sync.presage.io — Cisco Umbrella Rank: 2249
416 B
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 554
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1173
532 B
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 693
2 KB
2 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1336
714 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 737
115 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 363 Failed
secure.adnxs.com Failed
587 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 63
4 KB
2 marphezis.com
rt.marphezis.com — Cisco Umbrella Rank: 3106
357 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3697
2 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1117
id.rlcdn.com — Cisco Umbrella Rank: 855 Failed
696 B
2 myibtimes.com
stats.myibtimes.com — Cisco Umbrella Rank: 408396
925 B
1 bttrack.com
bttrack.com
163 B
1 sitescout.com
pixel-sync.sitescout.com
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1942
134 B
1 pixad.com.tr
dsp-service.pixad.com.tr — Cisco Umbrella Rank: 4826
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 882
1 KB
1 amazon-adsystem.com
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1406 Failed
477 B
1 infolinks.com
router.infolinks.com — Cisco Umbrella Rank: 4017
344 B
1 amxrtb.com
a.amxrtb.com — Cisco Umbrella Rank: 1861
2 KB
1 measureadv.com
measureadv.com — Cisco Umbrella Rank: 1551
1 aidemsrv.com
gum.aidemsrv.com — Cisco Umbrella Rank: 2839
179 KB
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1033
547 B
1 trustedstack.com
hb.trustedstack.com
238 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 993
261 B
1 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 1676
713 B
1 spot.im
api-ssp.spot.im — Cisco Umbrella Rank: 2792
192 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 884
773 B
1 yellowblue.io
pbs-cs.yellowblue.io — Cisco Umbrella Rank: 2516
cs-server-s2s.yellowblue.io Failed
444 B
1 criteo.com
ssp-sync.criteo.com — Cisco Umbrella Rank: 952
dis.criteo.com Failed
219 B
1 opti-digital.com
scripts.opti-digital.com — Cisco Umbrella Rank: 13058
5 KB
1 outbrainimg.com
dsp.outbrainimg.com — Cisco Umbrella Rank: 7348
11 KB
1 gstatic.com
fonts.gstatic.com
39 KB
1 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1332
409 B
1 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2098
485 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1042
327 B
1 google.ch
www.google.ch — Cisco Umbrella Rank: 27397
408 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 3042
903 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2006
276 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
142 KB
0 pmbmonetize.live Failed
sync.pmbmonetize.live Failed
0 dotomi.com Failed
openx2-match.dotomi.com Failed
0 blismedia.com Failed
tr.blismedia.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 sparteo.com Failed
sync.sparteo.com Failed
0 smartytouch.co Failed
bidder.smartytouch.co Failed
0 adtelligent.com Failed
sync.adtelligent.com Failed
0 gamoshi.io Failed
rtb.gamoshi.io Failed
0 adtarget.com.tr Failed
s.console.adtarget.com.tr Failed
0 socdm.com Failed
tg.socdm.com Failed
0 2mdn.net Failed
s0.2mdn.net Failed
0 admanmedia.com Failed
cs.admanmedia.com Failed
0 clickagy.com Failed
aorta.clickagy.com Failed
0 ymmobi.com Failed
gw-iad-bid.ymmobi.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 creative-serving.com Failed
ads.creative-serving.com Failed
0 temu.com Failed
www.temu.com Failed
0 connatix.com Failed
capi.connatix.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 linkedin.com Failed
px.ads.linkedin.com Failed
0 audienceexposure.com Failed
audienceexposure.com Failed
0 inmobi.com Failed
sync.inmobi.com Failed
0 yieldmo.com Failed
ads.yieldmo.com Failed
0 media.net Failed
cs.media.net Failed
0 copper6.com Failed
csync.copper6.com Failed
0 sync-service.net Failed
sync-service.net Failed
0 yahoo.com Failed
ups.analytics.yahoo.com Failed
0 1rx.io Failed
sync.1rx.io Failed
349 99
Domain Requested by
22 g.ibtimes.co.uk www.ibtimes.co.uk
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
ep2.adtrafficquality.google
www.ibtimes.co.uk
pagead2.googlesyndication.com
14 eus.rubiconproject.com micro.rubiconproject.com
eus.rubiconproject.com
visitor.omnitagjs.com
sync.connectad.io
rtb.gumgum.com
ittpx.eskimi.com
player.aniview.com
12 cm.g.doubleclick.net 8 redirects u.openx.net
rtb.gumgum.com
10 visitor.omnitagjs.com scripts.opti-digital.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
ittpx.eskimi.com
10 d.ibtimes.co.uk www.ibtimes.co.uk
8 ut.pubmatic.com ads.pubmatic.com
8 token.rubiconproject.com 2 redirects eus.rubiconproject.com
8 t2.teads.tv static.teads.tv
7 ap.lijit.com 1 redirects prebid.receptivity.io
visitor.omnitagjs.com
sync.connectad.io
ittpx.eskimi.com
7 pbs.receptivity.io prebid.receptivity.io
u.openx.net
prebid.a-mo.net
s.ad.smaato.net
rtb.gumgum.com
sync.connectad.io
ap.lijit.com
6 pixel.rubiconproject.com 5 redirects sync.connectad.io
5 creativecdn.com 5 redirects
5 u.openx.net 3 redirects prebid.receptivity.io
sync.connectad.io
5 ads.pubmatic.com scripts.opti-digital.com
prebid.receptivity.io
rtb.gumgum.com
ittpx.eskimi.com
ap.lijit.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 x.bidswitch.net 1 redirects rtb.gumgum.com
u.openx.net
measureadv.com
4 c1.adform.net 4 redirects measureadv.com
4 us-u.openx.net 1 redirects u.openx.net
4 ssbsync.smartadserver.com 1 redirects visitor.omnitagjs.com
rtb.gumgum.com
ap.lijit.com
measureadv.com
4 match.adsrvr.org visitor.omnitagjs.com
u.openx.net
rtb.gumgum.com
4 sync.connectad.io prebid.receptivity.io
sync.connectad.io
u.openx.net
4 static.teads.tv a.teads.tv
static.teads.tv
4 pbs.optidigital.com micro.rubiconproject.com
scripts.opti-digital.com
visitor.omnitagjs.com
3 usersync.gumgum.com rtb.gumgum.com
3 ittpx.eskimi.com 1 redirects visitor.omnitagjs.com
ittpx.eskimi.com
3 secure-assets.rubiconproject.com 3 redirects
3 visitor.europe-west9.gcp.omnitagjs.com visitor.omnitagjs.com
measureadv.com
3 prebid.a-mo.net 2 redirects prebid.receptivity.io
3 ssc-cms.33across.com prebid.receptivity.io
visitor.omnitagjs.com
3 eb2.3lift.com scripts.opti-digital.com
prebid.receptivity.io
visitor.omnitagjs.com
3 onetag-sys.com scripts.opti-digital.com
visitor.omnitagjs.com
ittpx.eskimi.com
3 b1t-dubdc1.outbrain.com static.teads.tv
3 tpc.googlesyndication.com d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
www.ibtimes.co.uk
3 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
3 id5-sync.com micro.rubiconproject.com
ittpx.eskimi.com
3 securepubads.g.doubleclick.net www.ibtimes.co.uk
securepubads.g.doubleclick.net
2 sync.aniview.com player.aniview.com
2 pixel-eu.rubiconproject.com 2 redirects
2 cms.quantserve.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 image8.pubmatic.com visitor.omnitagjs.com
measureadv.com
2 sync.richaudience.com 2 redirects
2 rtb.gumgum.com prebid.receptivity.io
rtb.gumgum.com
2 match.sharethrough.com prebid.receptivity.io
visitor.omnitagjs.com
2 ssbsync-global.smartadserver.com prebid.receptivity.io
2 ad-cdn.technoratimedia.com micro.rubiconproject.com
prebid.receptivity.io
2 t.teads.tv static.teads.tv
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 ep1.adtrafficquality.google securepubads.g.doubleclick.net
2 a.teads.tv micro.rubiconproject.com
2 prebid.cootlogix.com micro.rubiconproject.com
2 prebid.receptivity.io micro.rubiconproject.com
2 rt.marphezis.com micro.rubiconproject.com
2 prebid-server.rubiconproject.com micro.rubiconproject.com
2 ibtmedia.technoratimedia.com micro.rubiconproject.com
2 mweb-hb.presage.io micro.rubiconproject.com
2 region1.analytics.google.com www.googletagmanager.com
2 stats.myibtimes.com www.ibtimes.co.uk
g.ibtimes.co.uk
1 pixel-us-east.rubiconproject.com 1 redirects
1 bttrack.com
1 pixel-sync.sitescout.com player.aniview.com
1 image6.pubmatic.com ads.pubmatic.com
1 sync.adkernel.com ittpx.eskimi.com
1 dsp-service.pixad.com.tr ittpx.eskimi.com
1 cm.adform.net sync.connectad.io
1 bh.contextweb.com 1 redirects
1 aax-eu.amazon-adsystem.com
1 router.infolinks.com s.ad.smaato.net
1 a.amxrtb.com prebid.a-mo.net
1 eu-u.openx.net u.openx.net
1 player.aniview.com visitor.omnitagjs.com
1 measureadv.com visitor.omnitagjs.com
1 gum.aidemsrv.com visitor.omnitagjs.com
1 id.rlcdn.com visitor.omnitagjs.com
1 jadserve.postrelease.com visitor.omnitagjs.com
1 hb.trustedstack.com visitor.omnitagjs.com
1 csync.loopme.me 1 redirects
1 csync.smilewanted.com 1 redirects
1 api-ssp.spot.im visitor.omnitagjs.com
1 secure.adnxs.com visitor.omnitagjs.com
ssbsync.smartadserver.com
rtb.gumgum.com
player.aniview.com
1 s.ad.smaato.net prebid.receptivity.io
1 pbs-cs.yellowblue.io prebid.receptivity.io
1 ib.adnxs.com sync.connectad.io
ittpx.eskimi.com
u.openx.net
measureadv.com
1 ssp-sync.criteo.com scripts.opti-digital.com
measureadv.com
1 scripts.opti-digital.com micro.rubiconproject.com
1 ms-cookie-sync.presage.io micro.rubiconproject.com
1 sync.cootlogix.com micro.rubiconproject.com
1 dsp.outbrainimg.com
1 b1-dubdc1.outbrain.com
1 widgets.outbrain.com
1 prebid-a.rubiconproject.com micro.rubiconproject.com
1 sync.teads.tv static.teads.tv
1 fonts.gstatic.com fonts.googleapis.com
1 ads.rubiconproject.com securepubads.g.doubleclick.net
1 s.seedtag.com micro.rubiconproject.com
1 krk2.kargo.com micro.rubiconproject.com
1 fastlane.rubiconproject.com micro.rubiconproject.com
1 lb.eu-1-id5-sync.com micro.rubiconproject.com
1 www.google.ch www.ibtimes.co.uk
1 stats.g.doubleclick.net www.googletagmanager.com
1 id.crwdcntrl.net micro.rubiconproject.com
1 api.rlcdn.com micro.rubiconproject.com
1 id.hadron.ad.gt micro.rubiconproject.com
1 www.googletagmanager.com www.ibtimes.co.uk
1 micro.rubiconproject.com www.ibtimes.co.uk
1 www.ibtimes.co.uk
0 rtb.openx.net Failed measureadv.com
0 sync.pmbmonetize.live Failed measureadv.com
0 openx2-match.dotomi.com Failed u.openx.net
0 tr.blismedia.com Failed u.openx.net
0 dis.criteo.com Failed ittpx.eskimi.com
0 ad.360yield.com Failed ittpx.eskimi.com
measureadv.com
0 sync.sparteo.com Failed ittpx.eskimi.com
0 bidder.smartytouch.co Failed ittpx.eskimi.com
0 sync.adtelligent.com Failed ittpx.eskimi.com
0 rtb.gamoshi.io Failed ittpx.eskimi.com
0 s.console.adtarget.com.tr Failed ittpx.eskimi.com
0 tg.socdm.com Failed rtb.gumgum.com
0 s0.2mdn.net Failed ap.lijit.com
0 cs.admanmedia.com Failed ap.lijit.com
ittpx.eskimi.com
0 aorta.clickagy.com Failed ap.lijit.com
0 gw-iad-bid.ymmobi.com Failed sync.connectad.io
0 cs-server-s2s.yellowblue.io Failed s.ad.smaato.net
0 match.deepintent.com Failed rtb.gumgum.com
0 sync.srv.stackadapt.com Failed rtb.gumgum.com
0 ads.creative-serving.com Failed ssbsync.smartadserver.com
0 www.temu.com Failed ssbsync.smartadserver.com
ap.lijit.com
0 ce.lijit.com Failed ap.lijit.com
0 capi.connatix.com Failed
0 sync.ipredictive.com Failed rtb.gumgum.com
0 sync.a-mo.net Failed
0 match.prod.bidr.io Failed ap.lijit.com
0 px.ads.linkedin.com Failed
0 s.amazon-adsystem.com Failed
0 sync.technoratimedia.com Failed prebid.receptivity.io
0 audienceexposure.com Failed visitor.omnitagjs.com
0 sync.inmobi.com Failed visitor.omnitagjs.com
0 ads.yieldmo.com Failed visitor.omnitagjs.com
0 cs.media.net Failed visitor.omnitagjs.com
measureadv.com
0 csync.copper6.com Failed visitor.omnitagjs.com
0 sync-service.net Failed visitor.omnitagjs.com
0 b1sync.outbrain.com Failed visitor.omnitagjs.com
ssbsync.smartadserver.com
rtb.gumgum.com
0 ups.analytics.yahoo.com Failed visitor.omnitagjs.com
rtb.gumgum.com
u.openx.net
0 sync.1rx.io Failed prebid.receptivity.io
visitor.omnitagjs.com
ittpx.eskimi.com
measureadv.com
349 146
Subject Issuer Validity Valid
ibtimes.co.uk
Amazon RSA 2048 M02		 2025-05-31 -
2026-06-29		 a year crt.sh
g.ibtimes.co.uk
E8		 2026-01-08 -
2026-04-08		 3 months crt.sh
d.ibtimes.co.uk
E8		 2026-01-08 -
2026-04-08		 3 months crt.sh
myibtimes.com
Amazon RSA 2048 M02		 2025-07-08 -
2026-08-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-06 -
2026-04-03		 a year crt.sh
*.g.doubleclick.net
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
*.google-analytics.com
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
id.hadron.ad.gt
WE1		 2026-01-05 -
2026-04-05		 3 months crt.sh
id5-sync.com
E7		 2026-01-01 -
2026-04-01		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-06 -
2026-03-05		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M04		 2025-08-10 -
2026-09-08		 a year crt.sh
*.google.ch
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
eu-1-id5-sync.com
R12		 2026-01-01 -
2026-04-01		 3 months crt.sh
*.prod.cloud.ogury.io
E8		 2026-01-26 -
2026-04-26		 3 months crt.sh
*.technoratimedia.com
Sectigo Public Server Authentication CA DV E36		 2025-10-03 -
2026-11-03		 a year crt.sh
*.marphezis.com
Sectigo Public Server Authentication CA DV R36		 2025-12-13 -
2027-01-10		 a year crt.sh
*.prod.euc1.green.ops.kargo.com
Amazon RSA 2048 M04		 2025-11-12 -
2026-12-11		 a year crt.sh
seedtag.com
WE1		 2026-01-20 -
2026-04-20		 3 months crt.sh
receptivity.io
WE1		 2026-01-09 -
2026-04-09		 3 months crt.sh
pbs.optidigital.com
WR3		 2026-01-22 -
2026-04-22		 3 months crt.sh
*.cootlogix.com
Starfield Secure Certificate Authority - G2		 2025-09-14 -
2026-10-13		 a year crt.sh
*.teads.tv
Thawte TLS RSA CA G1		 2025-05-18 -
2026-05-17		 a year crt.sh
adtrafficquality.google
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
tpc.googlesyndication.com
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
misc-sni.google.com
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
upload.video.google.com
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
*.gstatic.com
WE2		 2026-01-12 -
2026-04-06		 3 months crt.sh
teads.tv
R13		 2026-01-05 -
2026-04-05		 3 months crt.sh
*.outbrain.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-11 -
2026-10-13		 a year crt.sh
outbrainimg.com
R13		 2026-01-28 -
2026-04-28		 3 months crt.sh
ad-cdn.technoratimedia.com
E8		 2025-12-09 -
2026-03-09		 3 months crt.sh
opti-digital.com
WE1		 2026-01-14 -
2026-04-14		 3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-10-02 -
2026-10-01		 a year crt.sh
omnitagjs.com
Sectigo Public Server Authentication CA DV R36		 2025-07-25 -
2026-08-24		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-12-23 -
2027-01-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M04		 2026-01-12 -
2027-02-09		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2026-01-20 -
2026-04-17		 3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-09 -
2026-02-09		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-07-17 -
2026-08-17		 a year crt.sh
*.yellowblue.io
WR3		 2025-12-20 -
2026-03-20		 3 months crt.sh
*.33across.com
Sectigo Public Server Authentication CA DV R36		 2025-09-12 -
2026-09-30		 a year crt.sh
*.a-mo.net
R13		 2025-12-26 -
2026-03-26		 3 months crt.sh
sync.connectad.io
GeoTrust TLS RSA CA G1		 2026-01-31 -
2026-07-31		 6 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2025-08-12 -
2026-08-19		 a year crt.sh
*.lijit.com
R13		 2026-01-06 -
2026-04-06		 3 months crt.sh
smaato.net
Sectigo Public Server Authentication CA DV E36		 2025-09-01 -
2026-09-01		 a year crt.sh
*.ie-adex-prd-eks-1.ggops.com
Amazon RSA 2048 M02		 2025-03-27 -
2026-04-25		 a year crt.sh
*.spot.im
Amazon RSA 2048 M03		 2025-03-10 -
2026-04-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-19 -
2026-04-02		 a year crt.sh
*.trustedstack.com
Sectigo Public Server Authentication CA DV E36		 2025-10-07 -
2026-10-07		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2025-10-19 -
2026-11-16		 a year crt.sh
aidemsrv.com
WE1		 2025-12-19 -
2026-03-19		 3 months crt.sh
measureadv.com
Go Daddy Secure Certificate Authority - G2		 2025-12-18 -
2026-03-18		 3 months crt.sh
*.aniview.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-06-22 -
2026-06-23		 a year crt.sh
*.eskimi.com
GeoTrust TLS RSA CA G1		 2025-02-18 -
2026-03-21		 a year crt.sh
pbs.receptivity.io
WE1		 2025-12-08 -
2026-03-08		 3 months crt.sh
a.amxrtb.com
WE1		 2026-01-10 -
2026-04-10		 3 months crt.sh
infolinks.com
WE1		 2026-01-24 -
2026-04-24		 3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-12-19 -
2026-03-14		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-05-23 -
2026-06-18		 a year crt.sh
*.adnxs.com
GeoTrust TLS ECC CA G1		 2025-09-25 -
2026-10-26		 a year crt.sh
dsp-service.pixad.com.tr
E8		 2025-12-22 -
2026-03-22		 3 months crt.sh
*.adkernel.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2025-01-22 -
2026-02-23		 a year crt.sh
*.sitescout.com
GeoTrust TLS RSA CA G1		 2026-01-21 -
2027-02-01		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2025-03-06 -
2026-04-01		 a year crt.sh

This page contains 72 frames:

Primary Page: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Frame ID: 5C90D86F17D2D326689C89C63C295B88
Requests: 72 HTTP requests in this frame

Frame: https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 8CFEA2E4B790CF03C6240C8219691C94
Requests: 1 HTTP requests in this frame

Frame: https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Frame ID: 3816F4664AC9576EE87C6B58246A1625
Requests: 5 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Frame ID: B0F933E72AB638B8234563A770A2E8F4
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012601162341000/amp4ads-v0.mjs
Frame ID: 5AF382B162EE45A34335278A9ED95169
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsupvbalDa5ogJfTL-FNQgpLS28HKA-XtkXRVbxHjVxavB7ZUckAg4tdVVJz9d1BO1Gg71hxdBVqVqhaRTWPUaL7Vqb0rlHg4iP1o4-4b1f391CBXcFyRwo66GhqyEppK9L98xsW78sWlopplrgc5DuWHI4qEJOfpgasmJDUAsJJE4AWcB-hXjvXjsLNQMLWnnJBkCXGw2Lu9iJfKl2uBlRWdYcQb-WkgFMXTgJyWaE_ZdhXtubRpLjd7_IHWlKKt-1e2oF0zQWqUkXxLKIzmyB2uaZi3niRHg3iPqutgFrC7BxIVPzU4B_OdJHnIXPoune9C4afpVY0dAEmatDrlopsVYJ2trTyMekeiYoqjxG9kR-GtrNq0lfXcR7AqhVkfdXFAXzSlHDNNl9VKP61jUasKyoI03-fhx_4IuK3bge4TnvTOqOD4oUD5n2WypAomHRarNw&sig=Cg0ArKJSzNA5-1MJMSbwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7BB0DE4812CED7ED335725486B67D406
Requests: 21 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=249562&gdprIab=%7B%22status%22%3A24%2C%22consent%22%3A%22%22%2C%22reason%22%3A240%7D&fromFormat=true&env=js-web&hb_provider=prebid&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&vid=00000000-0000-0000-0000-000000000001&1770091404903=
Frame ID: 6DA4F2AF7604C0D283D5C32A71D97EF9
Requests: 1 HTTP requests in this frame

Frame: https://static.teads.tv/static/1523/media/vpaid-display/teads-vpaid-display.js
Frame ID: 4969A0B84CC7463E96FB90B2FDEDB76F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 23772E3E47D02A026C884914F2EF1612
Requests: 1 HTTP requests in this frame

Frame: https://static.teads.tv/media/vpaid-display/iframe.html
Frame ID: ADF10A4ECDC0C91DC4F1AE8018A0A49D
Requests: 1 HTTP requests in this frame

Frame: https://static.teads.tv/static/master/media/flavors/nativeRenderer.js
Frame ID: 169794CD3AA6F9958DAAA52B0AD692BF
Requests: 6 HTTP requests in this frame

Frame: https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=&coppa=0
Frame ID: 46E125699C91EA7E417390A29F01F56A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: A9EC444E1B2AD0796F916B3534065940
Requests: 19 HTTP requests in this frame

Frame: https://ms-cookie-sync.presage.io/user-sync.html?gdpr_consent=&source=prebid&gpp=&gpp_sid=
Frame ID: E582CD6AEACBE91FE01DA79014DBA79C
Requests: 1 HTTP requests in this frame

Frame: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Frame ID: 5B886952C064B624968FACBB64BAFC67
Requests: 5 HTTP requests in this frame

Frame: https://rt.marphezis.com/sync?dpid=0
Frame ID: 8D731875704C05BC9E62EBAD9A6ABB49
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=pbjs%2F9.47.0
Frame ID: 5C38AB97997872D47297B37A5C48B6BE
Requests: 2 HTTP requests in this frame

Frame: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Frame ID: 429543230BE774E94A8DCD3067DF8B61
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 35929BA95E531013C4D64EAACB76189F
Requests: 3 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Frame ID: B1998E54B0FA51E4D450614E585B1425
Requests: 32 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 185B181A7BFEBE18830F2A92D8714F71
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: C6D8ABD076DE4800BE8904AE674014D8
Requests: 1 HTTP requests in this frame

Frame: https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=&gdpr=&ccpa=&gpp=&gpp_sid=&redir=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BCRITEO_USER_ID%7D&profile=230
Frame ID: A725607FE06BD077F53C7A95ABF6491D
Requests: 1 HTTP requests in this frame

Frame: https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Frame ID: E8FA0AB441E12E729AA1559BC9533C45
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 8A7BA3E2D0314F20D4F25E200DAFDC4D
Requests: 3 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: C419950DE336241ADED0F6F9B273924C
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 7B97528D3B95D3D768FC4862F4ECBD43
Requests: 3 HTTP requests in this frame

Frame: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 319C850CD431E99EA9DB32F58BAFA646
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Frame ID: 7C468156DCE59309586BD8DC7FB98393
Requests: 8 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Frame ID: AE7DF234EACF1C19D4BD8296F95F8304
Requests: 11 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=&consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dimds%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BUSER_ID%5D
Frame ID: 1CE62E83E8D82E0D7A2D16F7BB3CC0C9
Requests: 2 HTTP requests in this frame

Frame: https://s.ad.smaato.net/i/?adExInit=p&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&gdpr=&gdpr_consent=
Frame ID: 54C96AA168B08ADCAD143934E20A99D5
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: B52435C42D2147293EAD007D42C18B2F
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 3BD478F04F38A6B5B5AD3CF577D9F65F
Requests: 1 HTTP requests in this frame

Frame: https://gum.aidemsrv.com/ortb_sync?consent=&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DAIDEM_cookie_sync%26ttl%3D720%26uid%3Da059420d40b26f734077277f28046dd6%26visitor%3D&us_privacy=
Frame ID: 2D74A6A18EBC327DA1DDEF50032B9F08
Requests: 4 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr=0&gdpr_consent=&id=0015a00003HljHyAAJ&m=xch&rt=html&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3D33ACROSS_cookie_sync%26ttl%3D720%26uid%3D69111ecd4aa13a801a1b6a93d851020c%26visitor%3D33XUSERID33X
Frame ID: 2A083272C628E91464957D3C3C5199DD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike_2
Frame ID: 33D4C26C9C39F41FB5D5218D4ADDF0D0
Requests: 4 HTTP requests in this frame

Frame: https://measureadv.com/userIframe?gdpr=0&gdpr_consent=&p=5&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DHeroes_cookie_sync%26ttl%3D720%26uid%3Db11513b524b8fb6cfa1d87f3198b8359%26visitor%3D%7BUID%7D
Frame ID: AD8E26F9B1F69F095F847EAE5C269053
Requests: 13 HTTP requests in this frame

Frame: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?gdpr=0&gdpr_consent=&pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOPENWEB_VIDEO_cookie_sync%26ttl%3D720%26uid%3D82df52214992aaa2796cd16591db7d78%26visitor%3D%5BAV_UID%5D
Frame ID: A47A1D0F255723ED935A98E7C454AD5A
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=$0&gdpr_consent=${GDPR_STRING}&pubId=7a07370227fc000&us_privacy=$
Frame ID: A770A28897F438D78EECDE33F187D315
Requests: 1 HTTP requests in this frame

Frame: https://audienceexposure.com/iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DBRAVE_IO_cookie_sync%26ttl%3D720%26uid%3D25475356464fe052c2259a7545f8988b%26visitor%3D
Frame ID: 562D1C083C06C43C996A52DE2A0D3CB2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
Frame ID: 1F36A011F1AD366AEF1EF404BBCC5DDB
Requests: 4 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?gdpr=0&gdpr_consent=&id=0015a00003HljHyAAJ&m=xch&rt=html&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3D33ACROSS_cookie_sync%26ttl%3D720%26uid%3Ded55285db75018cd99af4f15b0f96f4c%26visitor%3D33XUSERID33X
Frame ID: D844EF69AC745145DE118A1BB681EB31
Requests: 1 HTTP requests in this frame

Frame: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Frame ID: 08BE90392C570B9BF531932A3F933F89
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: CFAA92B03E262A2663EC3ED65BC75449
Requests: 6 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D723%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: 9374A1AD2C78FCA85BD62442A1457114
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
Frame ID: F84C8A6FB7FC67B5DB58D1C8559C7695
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=connectad&us_privacy=1---
Frame ID: A4511D01894E283D83047CA2008EC0A2
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
Frame ID: 396931423EFB8E895C8770BFDC887E90
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/pixel/1?dataid=data20&uuid=ML62PZ4F-1Z-HQAY&gdpr=0&us_privacy=1---
Frame ID: 18D50CADAAEEBC3BA129EB0C86A6700B
Requests: 1 HTTP requests in this frame

Frame: https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=rtaplus&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257
Frame ID: 45AD380404CC43324820D50429438092
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Frame ID: 5AAF147CA5D7AEE071A35451BAB29CAD
Requests: 8 HTTP requests in this frame

Frame: https://pbs.receptivity.io/setuid?bidder=connectad&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92
Frame ID: 134425892D37D848136559E4D5B2AA4A
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=connectad&gdpr=0&gdpr_consent=&f=i&uid=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92
Frame ID: 23ED1C4382A4FCC6EA8D7670202DD357
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=connectad&gdpr=&gdpr_consent=&us_privacy=1---
Frame ID: F7CCC18DD1D8716F3F73A870F7B62C42
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=adf&i=6310936429702489107&gdpr=&gdpr_consent=
Frame ID: 306C7031614C3E852D3C86F33DA8C3D5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Frame ID: C5F50117C3EA5DC24F136603BBFB3AF5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: FF8E30F4A4ADAA6B918B3CB0B64780C7
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: 6FD8AE65BBC91B48379F36000E026D2F
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: CB9F48C29650D3A864C865629D5EB8C4
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=gumgum
Frame ID: EA3453F9F32A8838B2B0DA3D7A2B49B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C461AB94A48B306B24A81345AA0A9C67
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=954530
Frame ID: 3475BB581CFB6E77A70902F6E9EC8FFA
Requests: 1 HTTP requests in this frame

Frame: https://ittpx.eskimi.com/sync?dp_id=221&user_id=6031504432374780892&gdpr=0&gdpr_consent=
Frame ID: 638AD927381E6C55BF4A73C6C59FADD9
Requests: 1 HTTP requests in this frame

Frame: https://dsp-service.pixad.com.tr/cookie_sync?r=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D206%26user_id%3D%24%7BUSER_ID%7D
Frame ID: 29EA85F719672AA76826063871EF9BA7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162270&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D140%26user_id%3D
Frame ID: C21C07529525756DBB89A490F63821D8
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=8c90176af2e65c8&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: D83BE9A1F7FF8D75EECFBD0C1D54762D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=eskimi&endpoint=eu
Frame ID: E4DDC34229B0661CCDC97945AAF0A868
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=&gdpr_consent=
Frame ID: F53729E96FE07EB6BAA37AFBDCEF80C0
Requests: 4 HTTP requests in this frame

Frame: https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D55%26key%3D%24UID
Frame ID: 7C52AAD084D50A9CC1D68D0BFB7044F0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 747F25D28716988B549BA61CFBD21604
Requests: 4 HTTP requests in this frame

Frame: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D72%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7BuserId%7D
Frame ID: CB2638CF2284F34B40B64E687CF50074
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Is Zohran Mamdani Jeffrey Epstein's Son? Why a Viral Photo Has Fuelled Shock Claims Online | IBTimes UK

Detected technologies

Overall confidence: 50%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • \.doubleclick\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.googletagmanager\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • \.outbrain\.com/
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • \.33across\.com/
Overall confidence: 100%
Detected patterns
  • \.adform\.net/
Overall confidence: 100%
Detected patterns
  • \.amazon-adsystem\.com
Overall confidence: 100%
Detected patterns
  • ^(?!.*player).*aniview\.com/
Overall confidence: 100%
Detected patterns
  • securepubads\.g\.doubleclick.net/tag/js/gpt\.js
Overall confidence: 100%
Detected patterns
  • ^https://(?:cdn\.)?id5-sync\.com/
Overall confidence: 100%
Detected patterns
  • \.postrelease\.com/
Overall confidence: 100%
Detected patterns
  • \.sharethrough\.com/
Overall confidence: 100%
Detected patterns
  • \.(?:linksmart|lijit)\.com/
Overall confidence: 100%
Detected patterns
  • teads\.tv
Overall confidence: 100%
Detected patterns
  • \.adsrvr\.org/

Page Statistics

349
Requests

68 %
HTTPS

23 %
IPv6

99
Domains

146
Subdomains

88
IPs

9
Countries

2051 kB
Transfer

5026 kB
Size

84
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 142
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-optidigital&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pbs.optidigital.com/setuid?bidder=rubicon&uid=ML62PZ4F-1Z-HQAY
Request Chain 146
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-contxtful_technologies&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 302
  • https://pbs.receptivity.io/setuid?bidder=rubicon&f=b&uid=ML62PZ3R-1C-16OR
Request Chain 152
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Request Chain 153
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Request Chain 162
  • https://x.bidswitch.net/sync?gdpr=0&gdpr_consent=&ssp=adyoulike HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&gdpr_consent=&ssp=adyoulike HTTP 302
  • https://ups.analytics.yahoo.com/ups/58921/cms?bidswitch_ssp_id=adyoulike&ssp_user_id=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Request Chain 163
  • https://creativecdn.com/cm-notify?gdpr=0&gdpr_consent=&pi=adyoulike HTTP 302
  • https://creativecdn.com/cm-notify?gdpr=0&gdpr_consent=&pi=adyoulike&tc=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&name=RTB_HOUSE&gdpr=0&gdpr_consent=&pi=adyoulike&tc=1
Request Chain 164
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https://visitor.omnitagjs.com/visitor/sync?visitor=$[PDID]&gdpr=0&gdpr_consent=&name=RICHEAUDIENCE&is_cookie_sync_uid=true&ttl=720&uid=6cad11f14dd8976d77c11874f989f80f&t HTTP 302
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https://visitor.omnitagjs.com/visitor/sync?visitor=$[PDID]&gdpr=0&gdpr_consent=&name=RICHEAUDIENCE&is_cookie_sync_uid=true&ttl=720&uid=6cad11f14dd8976d77c11874f989f80f&t&rd=1 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?visitor=$f723398f-56f9-48bf-8ec3-1zz1770089592
Request Chain 167
  • https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DSMILE_WANTED_cookie_sync%26ttl%3D720%26uid%3Db8b40bf8d5517ea3b00b2820c8ec6161%26visitor%3D%24UID&source=openrtb&zoneCode=openrtb_openweb HTTP 302
  • https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=SMILE_WANTED_cookie_sync&ttl=720&uid=b8b40bf8d5517ea3b00b2820c8ec6161&visitor=3076d606bb79b66cb5113a16b92b0126
Request Chain 173
  • https://csync.loopme.me/?gdpr=0&gdpr_consent=&pubid=11480&redirect=https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor={device_id} HTTP 307
  • https://visitor.omnitagjs.com/visitor/sync?uid&name=LOOPME&gdpr_consent=null&visitor={device_id}&gdpr=0
Request Chain 176
  • https://rtb.mfadsrvr.com/sync?gdpr=0&gdpr_consent=&ssp=adyoulike HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?gdpr=0&gdpr_consent=&ssp=adyoulike HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?name=MEDIAFORCE&&uid=46263fa2a97ba86fb5c8b7e2d0f46f96&visitor=b2e801b8-a129-481d-96d7-b1e07e58d734
Request Chain 180
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOW_OPENX_cookie_sync%26ttl%3D720%26uid%3Dd824a89d4f4cae9a64782f9415878012%26visitor%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOW_OPENX_cookie_sync%26ttl%3D720%26uid%3Dd824a89d4f4cae9a64782f9415878012%26visitor%3D%7BOPENX_ID%7D HTTP 302
  • https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=OW_OPENX_cookie_sync&ttl=720&uid=d824a89d4f4cae9a64782f9415878012&visitor=ec5161e5-f517-4c68-a479-67cba7a6b27e
Request Chain 183
  • https://prebid.a-mo.net/cchain/0?cb=https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507&visitor= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507
Request Chain 184
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DINDEX_cookie_sync%26ttl%3D720%26uid%3Dea200206faeb16ecc9e6bc20f18ff71c%26visitor%3D&gdpr=0&gdpr_consent=&s=190532 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DINDEX_cookie_sync%26ttl%3D720%26uid%3Dea200206faeb16ecc9e6bc20f18ff71c%26visitor%3D&gdpr=0&gdpr_consent=&s=190532&C=1 HTTP 302
  • https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=INDEX_cookie_sync&ttl=720&uid=ea200206faeb16ecc9e6bc20f18ff71c&visitor=aYFzj7mqPVcAA6jkBk1dGQAA%263186
Request Chain 187
  • https://prebid.a-mo.net/cchain/0?cb=https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052&visitor= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052
Request Chain 198
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike HTTP 301
  • https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
Request Chain 200
  • https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14 HTTP 302
  • https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPgR6-S7qLqAT0nmEsOvP8E&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmNkNWJlNGQtYWNmZC0yNDgzLWNkNTEtMjIwNmJmMTcwZjMy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmNkNWJlNGQtYWNmZC0yNDgzLWNkNTEtMjIwNmJmMTcwZjMy&google_tc=
Request Chain 209
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0&__qcmcs=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NyoEjjYgBNksK1qMYCER2TByDdwsIAWGZHJsxmuE
Request Chain 210
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1064847436536957466
Request Chain 211
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=openx&gdpr=0
Request Chain 216
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
Request Chain 217
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 218
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=QlCimIWHZzggTO1cZ0vQ2sn5EUdSAgOZEtemQ7w0kco&csrc=
Request Chain 219
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2I4ZTFhZTZiMzA3NjlmNWY1MzAwZTVhODZmY2E4NDZlN2RkM2YwNA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2I4ZTFhZTZiMzA3NjlmNWY1MzAwZTVhODZmY2E4NDZlN2RkM2YwNA&google_tc=
Request Chain 220
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 223
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ML62PZ4F-1Z-HQAY
Request Chain 224
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&process_consent=T&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFqA8IcE65OTTBRU8DHc0w&google_cver=1
Request Chain 226
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUw2MlBaNEYtMVotSFFBWQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJB02mQCt6iX0EwLrKvNTFg&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUw2MlBaNEYtMVotSFFBWQ==&google_push=
Request Chain 227
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
Request Chain 228
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
  • https://sync.a-mo.net/setuid/magnite?uid=ML62PZ4F-1Z-HQAY
Request Chain 230
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=ML62PZ4F-1Z-HQAY&pId=11&gdpr=&gdpr_consent=&us_privacy=
Request Chain 231
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=ML62PZ4F-1Z-HQAY
Request Chain 234
  • https://t.adx.opera.com/pub/sync?pubid=pub10682794419520&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=8c6807b627678853&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10682794419520%26gdpr%3D0%26consent%3D%26us_privacy%3D%26custom_data%3D
Request Chain 235
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=
Request Chain 244
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=f787c9f7-4d9f-4271-bfca-6852bda5c014
Request Chain 250
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=yXYNcmD96Cjf&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
Request Chain 253
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike_2&gdpr=0&gdpr_consent=&gdpr=0&khaos=ML62PZ4F-1Z-HQAY HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=50a8b71bce09185338b804811fc96dd2&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
Request Chain 258
  • https://creativecdn.com/cm-notify?pi=connectad&us_privacy=1--- HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=connectad&us_privacy=1---
Request Chain 260
  • https://pixel.rubiconproject.com/exchange/sync.php?p=connectad&gdpr=0&us_privacy=1--- HTTP 302
  • https://sync.connectad.io/pixel/1?dataid=data20&uuid=ML62PZ4F-1Z-HQAY&gdpr=0&us_privacy=1---
Request Chain 261
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92&gdpr=0&us_privacy=1--- HTTP 302
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=rtaplus&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257
Request Chain 269
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=&gdpr_consent=&_bee_ppp=1
Request Chain 270
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=5z7ch9dRXSNp&ev=1&pid=558511&gdpr_consent=&gdpr=
Request Chain 272
  • https://um.simpli.fi/lj_match?r=1770091407484&gdpr=&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=CE7DBA6459864997A33635F0BFC62C0A
Request Chain 274
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=TUhRVDRUWkhfdklnUHg4ZFRST19RaUE4 HTTP 302
  • https://s0.2mdn.net/dot.gif
Request Chain 275
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=sovrn&gdpr=&gdpr_consent=
Request Chain 276
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=&gdpr_consent= HTTP 302
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=63cbbc171aeefd52&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10014056052800%26gdpr%3D%26consent%3D%26us_privacy%3D%26custom_data%3D
Request Chain 277
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=adf&i=6310936429702489107&gdpr=&gdpr_consent=
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Request Chain 282
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=gumgum
Request Chain 283
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 287
  • https://ssbsync.smartadserver.com/api/sync?callerId=164&gdpr=0&gdpr_consent= HTTP 302
  • https://ittpx.eskimi.com/sync?dp_id=221&user_id=6031504432374780892&gdpr=0&gdpr_consent=
Request Chain 301
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=342&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D185%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D%26us_privacy%3D%24%7BUS_PRIVACY%7D%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d342%26redir%3dhttps%253A%252F%252Fittpx.eskimi.com%252Fsync%253Fdp_id%253D185%2526gdpr%253D%2524%7bGDPR%7d%2526gdpr_consent%253D%2524%7bGDPR_CONSENT%7d%2526us_privacy%253D%2524%7bUS_PRIVACY%7d%2526user_id%253D%2524%7bUSER_ID%7d&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Request Chain 311
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3-znu8wMwwk-xTQIpuz76A==&ox_sc=1&ox_init=1
Request Chain 316
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=ML62PZ4F-1Z-HQAY HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
Request Chain 342
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 345
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=&biddername=24&pid=62f53b2c7850d0786f227f64&key=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb
Request Chain 350
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=ML62PZ4F-1Z-HQAY HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=ML62PZ4F-1Z-HQAY

349 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
www.ibtimes.co.uk/ 		270 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.121.38 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-3-216-121-38.compute-1.amazonaws.com
Software
/
Resource Hash
12cbb4f86d17197718e72f5b8d19d39c57f1323971099eeb097aea3dac582ac1
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
431
cache-control
public, max-age=3600
content-encoding
gzip
content-language
uk
content-length
65940
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:22 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
x-b
V6.0.16 1st | web1
x-cache
hit cached
x-cache-hits
8
x-content-type-options
nosniff
x-debug
x-forwarded-for
176.10.106.10
x-frame-options
SAMEORIGIN
x-ua-device
desktop
x-xss-protection
1; mode=block
DMSans-Regular.woff2
g.ibtimes.co.uk/www/fonts/DMSans/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/www/fonts/DMSans/DMSans-Regular.woff2
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://www.ibtimes.co.uk
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:49 GMT
content-type
font/woff2
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
b22141ad4521a8988bc045675ceeedd4
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
Newsreader16pt-SemiBold.woff2
g.ibtimes.co.uk/www/fonts/Newsreader/woff2/ 		51 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/www/fonts/Newsreader/woff2/Newsreader16pt-SemiBold.woff2
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
69e362979ada84f7f635266535702f9720adf55a40eca740306283d6c99467d2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://www.ibtimes.co.uk
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:49 GMT
content-type
font/woff2
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
565faa37c9b51ece4754ebf29328a3e0
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1329
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
Genericons.woff
g.ibtimes.co.uk/www/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/www/fonts/Genericons.woff
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://www.ibtimes.co.uk
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:49 GMT
content-type
font/woff
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
1591a36983bbd939993b60ce258d2203
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
DMSans-Bold.woff2
g.ibtimes.co.uk/www/fonts/DMSans/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/www/fonts/DMSans/DMSans-Bold.woff2
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
b81a9ab90db88af2647d2f7d87388f53434df33b4bc7216016489b9f79e41474
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://www.ibtimes.co.uk
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:49 GMT
content-type
font/woff2
vary
Accept-Encoding
cdn-cache
HIT
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
7d2820f8745cd920dfa3f158dcd100b3
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
baby-zohran-mamdani-epstein-photo.webp
d.ibtimes.co.uk/en/full/1787635/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1787635/baby-zohran-mamdani-epstein-photo.webp?w=736&f=78a4a7f6eff1efc867f928d6bc8fa98e
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
84b4b4d18f06432dec5b031e10f3edd7401043a80f61a43364b0f4f270089801
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Sun, 01 Feb 2026 19:29:39 GMT
content-type
image/webp
cdn-cachedat
02/01/2026 19:29:39
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
eab68fba6f7b006d98446b0b6266dc55
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1330
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
splide.min.css
g.ibtimes.co.uk/sys/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/sys/css/splide.min.css?v=1769977227
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
5dc4af7385770d59d6585591783e0fdfbaec83df3c4a8a43801a46f8458767bf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 02 Feb 2026 20:21:20 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
02/02/2026 20:21:20
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
f2011cf06669434c6016f9a5b9faa828
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
video-initial.css
g.ibtimes.co.uk/sys/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/sys/css/video-initial.css?v=1769977227
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
746e82974aeef7fceb35fb68f78d041481ffb30ec365903cc0ff5e7f8200844f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 02 Feb 2026 20:21:20 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
02/02/2026 20:21:20
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
cfd667f5ec93d994258c6959a496da70
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
4ac430500a84c3c2726499aa2404ca03.js
g.ibtimes.co.uk/sys/js/ 		157 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/sys/js/4ac430500a84c3c2726499aa2404ca03.js?v=1769977227
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
81b95657bb735559daae8066e757034052ac672e64a85d74eb67c5206863e75d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 02 Feb 2026 20:21:20 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
02/02/2026 20:21:20
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
6eeb2ce1d6171105800262ec6075acc3
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
adblock_prebid.js
g.ibtimes.co.uk/www/js/ 		12 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/www/js/adblock_prebid.js
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
c122d1646edb04123c43440dd104ae105fd44061fcf8bb543b767c0cfb574819
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
4b286078e5f0d1da3ca92ed177a26b5f
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
ivtcheck
stats.myibtimes.com/tool/ 		255 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.myibtimes.com/tool/ivtcheck?callback=fq_callback&ref=&cb=1770091402406
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.236.161.110 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-44-236-161-110.us-west-2.compute.amazonaws.com
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
91839338157c40c390b5271e93243ee9b088ffe6c279c2463b9c30095a39838e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=86400; includeSubDomains
cache-control
private, max-age=0
content-encoding
gzip
content-length
233
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/javascript
vary
Accept-Encoding
server
Apache/2.4.58 (Ubuntu)
19988.js
micro.rubiconproject.com/prebid/dynamic/ 		497 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://micro.rubiconproject.com/prebid/dynamic/19988.js
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.102.33.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-102-33-206.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) PHP/8.3.24 OpenSSL/3.5.1 /
Resource Hash
623bce18258d88b18b6f8560324f7f653448518fb737b76a9c27bff345cd47af

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

edge-cache-tag
prod-prebid-19988_IBTimesUK_Desktop-Automation.js
cache-control
public, must-revalidate, max-age=14400
content-encoding
gzip
expires
Tue, 03 Feb 2026 10:37:03 GMT
content-length
158644
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
text/javascript;charset=UTF-8
vary
accept-encoding, referer
server
Apache/2.4.65 (Debian) PHP/8.3.24 OpenSSL/3.5.1
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.127.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfrai-in-f155.1e100.net
Software
cafe /
Resource Hash
1ef86c93f01d812b3928f34c0147ef22ddef81fdd79b5f118e971cb821d05824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
760 / 20487 / 31096530 / config-hash: 579230881078696644
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 04:03:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
34483
x-xss-protection
0
server
cafe
ibt_player_bg2.webp
g.ibtimes.co.uk/video/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/video/images/ibt_player_bg2.webp
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
0209a932e3afa64e853fd17cca2ee8beaacbd647cd3e912ec8df4495532fba2b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:45 GMT
cdn-cachedat
12/29/2025 16:18:45
content-type
image/webp
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-cache
HIT
cdn-requestid
9b33510a5d1f74dca9625592ef49540e
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1330
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
men2.png
g.ibtimes.co.uk/img/home/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/img/home/men2.png
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
2f442dc69d359461789e3836ded171b045c0a4c7544de8808e87e049fd785195
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:45 GMT
cdn-cachedat
12/29/2025 16:18:45
content-type
image/png
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-cache
HIT
cdn-requestid
49b105caebfc06c1569dfce4212c9ae0
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
men.png
g.ibtimes.co.uk/img/home/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/img/home/men.png
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
c766f58bc88374c4119cc2215ed72f372f23acdace50bfbb7c9904f1c78d42fb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:45 GMT
cdn-cachedat
12/29/2025 16:18:45
content-type
image/png
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-cache
HIT
cdn-requestid
d46b1e25117b69af501ea0e404ab8e6e
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
ibt-logo-2023.svg
g.ibtimes.co.uk/www/images/ 		26 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/images/ibt-logo-2023.svg
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
f36fe04fbe2b5530137c5e4d09a15356a8394fb486761e0a9f8418f468c22f11
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
354ad37afb88229909ca513b6ee71b24
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
3a01ce5912471ea9604df7353ae5fd6f.js
g.ibtimes.co.uk/sys/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/sys/js/3a01ce5912471ea9604df7353ae5fd6f.js?v=1769977227
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
991665fec26365934d16a37ff4c8a45b54e9890027ea811dc26f8b7a37cd470f
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 02 Feb 2026 20:21:20 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
02/02/2026 20:21:20
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
cf35cccea9cf9a6c588c1737b7df27aa
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1330
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
js
www.googletagmanager.com/gtag/ 		414 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2PSJXFW77R
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fae2a0ba91a788e15d2f51e4bf2c29117baaf79a393561a1ff959630270838e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
zstd
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Tue, 03 Feb 2026 04:03:22 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145166
date
Tue, 03 Feb 2026 04:03:22 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
counter.js
g.ibtimes.co.uk/front/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/front/js/counter.js?a=28
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
e6b4fcbbc7197e0272fd5497748029d3c5d73f67826530439f36643d9f4169eb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:49 GMT
content-type
application/javascript
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
a3c00faa731a101cc1694ed5e0548d38
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
fonts_inline_2.css
g.ibtimes.co.uk/www/css/ 		0
675 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/www/css/fonts_inline_2.css
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:53 GMT
content-type
text/css; charset=UTF-8
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:53
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
949be60576b746bc513ef3aed5af5bfe
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
content-length
0
cdn-edgestorageid
1330
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
icon_menu.svg
g.ibtimes.co.uk/www/images/ 		573 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/images/icon_menu.svg
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
51787e1e314ad3cc5590ebd86beaeb71c8b6db4782ccd11e38b82664d81a39cf
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
1ebceb06dcff7eb2fa433a9ed5fa0a7f
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
icon_search.svg
g.ibtimes.co.uk/www/images/ 		632 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/images/icon_search.svg
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
7fbcc17efba54f27758c0e495b4b19bf78935ddccbdf7bf2ce3309cfc9fa698e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
46f2d3c107331ae8773c05605034a763
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1329
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
ad.gif
g.ibtimes.co.uk/www/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/images/ad.gif
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
f4f5f507f0937a05ff8808ef50b7bb3858b766f467038a9deb01c853e5fa9ac7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
cdn-cachedat
12/29/2025 16:18:50
content-type
image/gif
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-cache
HIT
cdn-requestid
2aa6d050d7927e383cfa8fadb977e5f8
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
flipboard.png
g.ibtimes.co.uk/www/images/ 		487 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/images/flipboard.png
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
8e4828c7f1279f8d3afaad2bea4c1d743d32575ad63a3281cc4a8a79df116812
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:45 GMT
cdn-cachedat
12/29/2025 16:18:45
content-type
image/png
cdn-requestpullcode
200
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-cache
HIT
cdn-requestid
e0d7c466b7c67c9ab9d5979bc074ba90
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
pocket.svg
g.ibtimes.co.uk/www/img/social/ 		768 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/img/social/pocket.svg
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
b1b5d2f11a1628f3b577688ec1e2259a499640f4b0353f0fe78aad0626585ab6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
2db8ec492a3b90ecf0cb6254daee8ac0
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1329
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
twitter-x-black.svg
g.ibtimes.co.uk/www/img/social/ 		813 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.ibtimes.co.uk/www/img/social/twitter-x-black.svg
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
d4de2141084016547c2a008529efc8a51466516d47edbfe0e1cbfb52ae33ec46
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding
zstd
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 29 Dec 2025 16:18:50 GMT
content-type
image/svg+xml
vary
Accept-Encoding
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cdn-cachedat
12/29/2025 16:18:50
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
22953fbe173adadcb097ef278bed2670
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
savannah-guthrie-nancy-guthrie.jpg
d.ibtimes.co.uk/en/full/1788002/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1788002/savannah-guthrie-nancy-guthrie.jpg?w=400&h=268&l=52&t=35&f=ccc6740f8bc071e206c5a36a5b975b5d
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
2f6a237878a6010bdbbea4c8efa32833e22a366fdf8b378579247db9c42d251a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Tue, 03 Feb 2026 03:23:49 GMT
content-type
image/jpeg
cdn-cachedat
02/03/2026 03:23:49
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
4fd8fd748eaabcff3b94bf6bc9bb5e08
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
wael-tarabishi-father-maher.png
d.ibtimes.co.uk/en/full/1788007/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1788007/wael-tarabishi-father-maher.png?w=400&h=268&f=90bd9ad4afc974bb65ed2b983fa46d7e
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
28398ce6054f659e36623db82b15e2bd877829ae22d124d18ad481ecab405de0
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Tue, 03 Feb 2026 03:28:31 GMT
content-type
image/png
cdn-cachedat
02/03/2026 03:28:31
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
cd5bd58617f79dd916fb11bd109bf958
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
mv-raider.jpg
d.ibtimes.co.uk/en/full/1788021/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1788021/mv-raider.jpg?w=400&h=268&f=a0f0d040499b0b1713efe4d2bfe9cf2e
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
993777f33eafdbfd1994eaf7dcf9d2a69415eb42444a77f7728afdc22bbcae36
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Tue, 03 Feb 2026 03:28:31 GMT
content-type
image/jpeg
cdn-cachedat
02/03/2026 03:28:31
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
b3bba3d724ea567983d9afc2c0c4916c
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1329
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
masked-ice-agents.jpg
d.ibtimes.co.uk/en/full/1788019/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1788019/masked-ice-agents.jpg?w=400&h=268&l=57&t=34&f=f615803570fc5269d7cbb3e759c7267d
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
2d1ce3a27a57aafaab16bc75d68bcc4229f60439fdb5b3578b22aeee886beb7a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Tue, 03 Feb 2026 03:28:31 GMT
content-type
image/jpeg
cdn-cachedat
02/03/2026 03:28:31
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
b430bcafa2dd84c7cc144ba3b3eef060
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1330
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
jd-vance.jpg
d.ibtimes.co.uk/en/full/1785427/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1785427/jd-vance.jpg?w=400&h=268&f=74518f4e482dc9a4758e29f9d7474245
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
4e62ba2afa35c00ab1b9f5efb8df129e7a41bf355ac15da84a948df06c9f94fb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Thu, 22 Jan 2026 23:56:20 GMT
content-type
image/jpeg
cdn-cachedat
01/22/2026 23:56:20
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
d7588d5153bd358697b23aebdefb8be7
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1328
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
dar-es-salaam-tanzania.jpg
d.ibtimes.co.uk/en/full/1786332/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1786332/dar-es-salaam-tanzania.jpg?w=400&h=268&f=9ca3a5ac6a53b9cc2cd06b7c668fe720
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
1cf1ef9cc36ac3a38ba670bc55c5b81906743db6c190cf5a9f46f5251ab100c4
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Tue, 27 Jan 2026 10:36:41 GMT
content-type
image/jpeg
cdn-cachedat
01/27/2026 10:36:41
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
c65b2f35615d7f616dd97ffa527b8cad
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
ukraine-flag.jpg
d.ibtimes.co.uk/en/full/1785027/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1785027/ukraine-flag.jpg?w=400&h=268&f=fb5a8cc3c2be20e05558595719529f07
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
8ee36d3d4f3762e82be76fe9cad858d763a660e9dcc3d87ee7e8f11d65db9963
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Wed, 21 Jan 2026 13:13:16 GMT
content-type
image/jpeg
cdn-cachedat
01/21/2026 13:13:16
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
7ffa4f0687be137be766dca9f659170e
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1332
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
law.jpg
d.ibtimes.co.uk/en/full/1781421/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1781421/law.jpg?w=400&h=268&f=c278768d12a97c87a6d5617230a618c9
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
32078327d38c454b789c3fedde5625c3478e07b1bdec675492beb84cfc8192eb
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Mon, 12 Jan 2026 16:06:53 GMT
content-type
image/jpeg
cdn-cachedat
01/12/2026 16:06:53
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
016c119e5ac8c532e2d819441b2da0ac
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1329
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
whitehall-westminster-london.jpg
d.ibtimes.co.uk/en/full/1778223/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.ibtimes.co.uk/en/full/1778223/whitehall-westminster-london.jpg?w=400&h=268&f=b02025225ec9d5b07f9bb6c7c7aaf940
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1331:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1331 /
Resource Hash
68c3da06578009e25717865e97fc3b58d48912f49e598a0ee32fc828fad956c9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-cacheable
YES
date
Tue, 03 Feb 2026 04:03:22 GMT
last-modified
Wed, 24 Dec 2025 10:40:49 GMT
content-type
image/jpeg
cdn-cachedat
12/24/2025 10:40:49
cdn-cache
HIT
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-requestid
1f61c9cddaa46852f68ec4b2f866dd23
cdn-pullzone
4960440
x-cahce
HIT
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1331
cdn-requestcountrycode
CH
article
stats.myibtimes.com/counter/ 		14 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.myibtimes.com/counter/article?ack=sys_callback&site_id=1&c_what=article&a_id=1775414&r_id=101295&c_id=1242&c_url=&referer=&device=desktop&a_editor=1&c_country=CH&xz=5&from=web&zyx=2&c_uque=1&c_ruque=1&c_visits=1&c_ts=nonpromoted&c_promo=&c_system=5&c_browser=1&c_agent=Mozilla/5.0%20(X11;%20Linux%20x86_64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/144.0.0.0%20Safari/537.36
Requested by
Host: g.ibtimes.co.uk
URL: https://g.ibtimes.co.uk/front/js/counter.js?a=28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.236.161.110 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-44-236-161-110.us-west-2.compute.amazonaws.com
Software
Apache/2.4.58 (Ubuntu) /
Resource Hash
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=86400; includeSubDomains
cache-control
max-age=25920000
content-encoding
gzip
content-length
34
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache/2.4.58 (Ubuntu)
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/ 		625 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.127.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfrai-in-f155.1e100.net
Software
cafe /
Resource Hash
ee32c8f48d014c736693f52803884fe6b8fde8eaf5bca64644386b7617d9f7d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
5036611500841290486
age
61300
x-content-type-options
nosniff
expires
Tue, 02 Feb 2027 11:01:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 02 Feb 2026 11:01:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
201340
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202601290101/ 		64 KB
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202601290101/gpt
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.127.155 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfrai-in-f155.1e100.net
Software
cafe /
Resource Hash
466b0344ce5bace91e6dfb5f19438c6ef87db6b832408acd02fb02dea5781768
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
883836590519103048
age
9378
x-content-type-options
nosniff
expires
Tue, 10 Feb 2026 01:27:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 03 Feb 2026 01:27:04 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=604800, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
24044
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202601290101"
pbhid
id.hadron.ad.gt/api/v1/ 		2 B
276 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=714&_it=prebid&t=1&src=id&domain=www.ibtimes.co.uk
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:2396 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
max-age=604800
content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
cf-ray
9c7f09c29944bb15-ZRH
access-control-allow-origin
*
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json; charset=utf8
server
cloudflare
access-control-allow-headers
authorization,content-type
prebid
id5-sync.com/api/config/ 		195 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
3a95919c46dcd2241d4df96cbd58c5b8eec36c373584bb69ad83ddcf90992700
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://www.ibtimes.co.uk
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
envelope
api.rlcdn.com/api/identity/ 		0
255 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=56
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
via
1.1 google
access-control-allow-origin
https://www.ibtimes.co.uk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Feb 2026 04:03:22 GMT
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
id
id.crwdcntrl.net/ 		152 B
903 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?c=17506
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.38.143 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-108-128-38-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5dd74d9d520e519961ffb4afa24c248603c53d391cfc528a6d77a39d430d1397
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://www.ibtimes.co.uk
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
152
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json;charset=utf-8
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2PSJXFW77R&gtm=45je61u1v883553810za200zd883553810&_p=1770091402411&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=300410420.1770091403&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAAAGA&_s=1&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~115938465~115938469~116185181~116185182~116988315~117041587&sid=1770091402&sct=1&seg=0&dl=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&dt=Is%20Zohran%20Mamdani%20Jeffrey%20Epstein%27s%20Son%3F%20Why%20a%20Viral%20Photo%20Has%20Fuelled%20Shock%20Claims%20Online%20%7C%20IBTimes%20UK&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.ad_blocker=U&ep.page_type=article&ep.ads=Y&ep.ivt_fq=N&ep.section=World&ep.author=Christelle%20May%20Napiza&ep.article_id=1775414&ep.video=N&ep.video_type=n%2Fa&ep.video_abtest=NoVideo&ep.content_channel=News%20and%20Politics&ep.article_source=IBTimes%20UK&epn.paragraphs=12&tfd=792
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PSJXFW77R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0
report-to
{"group":"ascnsrsggc:171:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.ibtimes.co.uk
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:171:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
560 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2PSJXFW77R&cid=300410420.1770091403&gtm=45je61u1v883553810za200zd883553810&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~115938465~115938469~116185181~116185182~116988315~117041587
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PSJXFW77R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::9b Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:139:0
report-to
{"group":"ascnsrsggc:139:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:139:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.ibtimes.co.uk
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:139:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2PSJXFW77R&cid=300410420.1770091403&gtm=45je61u1v883553810za200zd883553810&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~115938465~115938469~116185181~116185182~116988315~117041587&z=1151189792
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Feb 2026 04:03:22 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
v1
lb.eu-1-id5-sync.com/lb/ 		45 B
327 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
805df948e8fc1e5e19b5a16905d3e9f555d4fce7fb25cca2164fa4ab32ffee51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.ibtimes.co.uk
content-encoding
gzip
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json;charset=UTF-8
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
1492.json
id5-sync.com/g/v2/ 		575 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1492.json
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
5fc9a87a12842fab19e588e05a78a764b19ab383e72922547908c9146b64642c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.ibtimes.co.uk/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://www.ibtimes.co.uk
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials
true
header-bidding-request
mweb-hb.presage.io/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mweb-hb.presage.io/api/header-bidding-request
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.137.23.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-137-23-186.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ibtimes.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
4
content-type
application/json
date
Tue, 03 Feb 2026 04:03:22 GMT
ibtmedia
ibtmedia.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ibtmedia.technoratimedia.com/openrtb/bids/ibtmedia?src=pbjs%2F9.47.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898 - Oracle Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.ibtimes.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.ibtimes.co.uk
access-control-max-age
86400
date
Tue, 03 Feb 2026 04:03:23 GMT
server
nginx
cookie_sync
prebid-server.rubiconproject.com/ 		49 B
335 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
71
vary
origin
auction
prebid-server.rubiconproject.com/openrtb2/ 		172 B
510 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
79a1516320cb5d9ab0c7882c8f1587592053ca9d50c1ba673b2fd1f715b8036e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
Pragma
no-cache
access-control-allow-credentials
true
Observe-Browsing-Topics
?1
Expires
0
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
166
x-prebid
pbs-java/3.38.0
Content-Type
application/json
vary
origin
hb
rt.marphezis.com/ 		0
357 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/hb
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-max-age
86400
access-control-expose-headers
Content-Length
cache-control
no-store
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Model
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
expires
0
access-control-allow-origin
https://www.ibtimes.co.uk
date
Tue, 03 Feb 2026 04:03:22 GMT
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
fastlane.json
fastlane.rubiconproject.com/a/api/ 		624 B
835 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19988&site_id=493310&zone_id=2922354%3B2922340&size_id=2%3B15&alt_size_ids=55%2C57%3B&eid_id5-sync.com=0%5E1%5E%5E%5E%5E%5E&eid_crwdcntrl.net=273ecfde5e7464a274ac6e0aa186185ca02cdd31d2d6d83eb743689b5f7c2e66%5E1%5E%5E%5E%5E%5E&eid_pubcid.org=36ecad67-7007-477b-b031-f7496bcb5de8%5E1%5E%5E%5E%5E%5E&rf=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&tg_i.domain=ibtimes.co.uk&tg_i.page=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&tg_i.documentLang=en&tg_i.aupname=ibtimes.co.uk%2Ftop%3Bibtimes.co.uk%2Fright1&tg_i.divId=dfp-ad-top%3Bdfp-ad-right1&tg_i.pbadslot=%2F124813052%2Fibtimes.co.uk%2Ftop%3B%2F124813052%2Fibtimes.co.uk%2Fright1&tk_flint=dmpbjs_v9.47.0&x_source.tid=b96f0391-7cfe-480d-96d4-ac80095877a8&l_pb_bid_id=1470faf226a6fd1%3B15e653fe7088eb08&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7%3Bf5148009-b577-4f4b-b01a-4741d7ebeadb&rp_maxbids=1&p_gpid=%2F124813052%2Fibtimes.co.uk%2Ftop%3B%2F124813052%2Fibtimes.co.uk%2Fright1&m_ch_mobile=%3F0&slots=2&rand=0.8877336008679334
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
b681c44482c96c5804fd78e52697cd74e9ab4de0340f1903ce9bb39c684acbb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
624
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
prebid
krk2.kargo.com/api/v1/ 		2 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.118.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-127-118-188.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-expose-headers
NBR
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-encoding
gzip
accept-ch
Sec-CH-UA,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
nbr
508
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
26
krk-no-bid-reason
consent
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json; charset=UTF-8
vary
Origin, Accept-Encoding
x-accel-expires
0
header-bidding-request
mweb-hb.presage.io/api/ 		0
155 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mweb-hb.presage.io/api/header-bidding-request
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
46.137.23.186 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-46-137-23-186.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-allow-origin
https://www.ibtimes.co.uk
date
Tue, 03 Feb 2026 04:03:23 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
bid
s.seedtag.com/c/hb/ 		11 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.55.62 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
cf-cache-status
DYNAMIC
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
observe-browsing-topics
?1
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 03 Feb 2026 04:03:22 GMT
content-type
application/json; charset=utf-8
vary
X-HTTP-Method-Override
priority
u=1,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-credentials
true
via
1.1 google
cf-ray
9c7f09c3cc031a65-ZRH
access-control-allow-origin
https://www.ibtimes.co.uk
server
cloudflare
bid
prebid.receptivity.io/v1/prebid/IBTP251027/ 		234 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.receptivity.io/v1/prebid/IBTP251027/bid
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11d0d10f68a5e5324c6f90e8382c38a5fcc8ea3ea59165ef649ebafb7e07855c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cf-ray
9c7f09c3e83fbc4a-ZRH
access-control-allow-origin
https://www.ibtimes.co.uk
date
Tue, 03 Feb 2026 04:03:23 GMT
content-type
application/json
x-contxtful-variant
standard
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type, Authorization
bidder
pbs.optidigital.com/ 		0
255 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.optidigital.com/bidder
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.72.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
119.72.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
expires
0
access-control-allow-origin
https://www.ibtimes.co.uk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:22 GMT
x-prebid
pbs-go/38.6.0
content-type
application/json
vary
Accept-Encoding,Origin
ibtmedia
ibtmedia.technoratimedia.com/openrtb/bids/ 		0
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ibtmedia.technoratimedia.com/openrtb/bids/ibtmedia?src=pbjs%2F9.47.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898 - Oracle Corporation, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.ibtimes.co.uk/

Response headers

age
0
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
via
1.1 varnish
x-varnish
333973671
access-control-allow-origin
https://www.ibtimes.co.uk
date
Tue, 03 Feb 2026 04:03:24 GMT
server
nginx
66c73a16671afb3b7dd04c0d
prebid.cootlogix.com/prebid/multi/ 		0
17 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/66c73a16671afb3b7dd04c0d
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.190.187.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://www.ibtimes.co.uk
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Tue, 03 Feb 2026 04:03:23 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
66c73a16671afb3b7dd04c0d
prebid.cootlogix.com/prebid/multi/ 		0
281 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.cootlogix.com/prebid/multi/66c73a16671afb3b7dd04c0d
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.190.187.27 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control
access-control-allow-origin
https://www.ibtimes.co.uk
cache-control
max-age=0, no-cache, must-revalidate, proxy-revalidate
date
Tue, 03 Feb 2026 04:03:23 GMT
vary
Accept-Encoding
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
bid-request
a.teads.tv/hb/ 		440 B
968 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
/
Resource Hash
76b1643fd0020ba8131dfc357fbf6f5d3d3062d32e124fc5ab5686000725ad11
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

x-check-cacheable
NO
observe-browsing-topics
?1
expires
0
x-cache
MISS
date
Tue, 03 Feb 2026 04:03:23 GMT
content-type
application/json
x-served-by
cache-vie6357-VIE
x-cache-hits
0
vary
Accept-Encoding
x-u
/hb/bid-request
strict-transport-security
max-age=300
x-b
OT7pu8Xazv8kOHAME9TG23--F_euw1_load_testing_teads_tv
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
x-timer
S1770091403.891011,VS0,VE134
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
440
traffic-path
DUBDC2
favicon.ico
g.ibtimes.co.uk/themes/favicons/ 		15 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://g.ibtimes.co.uk/themes/favicons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00:2::1329:1 , Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software
BunnyCDN-DE1-1329 /
Resource Hash
980c65db5f7c679fae74479bf9d3952f5a588add763822b4eee38e61836e3277
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cdn-status
200
content-encoding
br
date
Tue, 03 Feb 2026 04:03:23 GMT
last-modified
Mon, 29 Dec 2025 16:18:45 GMT
cdn-cachedat
12/29/2025 16:18:45
vary
Accept-Encoding
content-type
image/vnd.microsoft.icon
cdn-requestpullcode
200
strict-transport-security
max-age=86400; includeSubDomains
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
cdn-requesttime
0
cdn-cache
HIT
cdn-requestid
0853f3a4ab5b5c8bf80e98a9a99fd2b9
cdn-pullzone
4961065
cdn-proxyver
1.43
access-control-allow-origin
*
cdn-edgestorageid
1331
content-language
uk
server
BunnyCDN-DE1-1329
cdn-requestcountrycode
CH
sodar
ep1.adtrafficquality.google/getconfig/ 		18 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202601280101&st=env&sjk=6713095088847047
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bt-in-f2.1e100.net
Software
cafe /
Resource Hash
fcd20a93f2c365ac03f4fb46850f6f2246958913d7b364a568bec3d7cbccdb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13569
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
pagead2.googlesyndication.com/gampad/ 		28 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=6713095088847047&correlator=1325529560220720&eid=31096419%2C31096482%2C31096541%2C31096530%2C83321072&output=ldjh&gdfp_req=1&vrg=202601280101&ptt=17&impl=fif&trt=2&iu_parts=124813052%2Cibtimes.co.uk%2Ctop&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90%7C970x120%7C970x90%7C970x66&ifi=1&didk=253320911&dids=dfp-ad-top&adfs=1788690887&sfv=1-0-45&eri=1&sc=1&abxe=1&dt=1770091404135&lmt=1770091404&adxs=315&adys=249&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&vis=1&psz=1600x251&msz=970x0&fws=4&ohw=1600&topics=5&tps=5&htps=5&psd=WzMxLFtdXQ..&dlt=1770091402303&idt=336&prev_scp=pos%3Dtop%26refresh%3DN%26hb_format_teads%3Dbanner%26hb_size_teads%3D728x90%26hb_pb_teads%3D0.10%26hb_adid_teads%3D411a3742a94a85d8%26hb_bidder_teads%3Dteads%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.10%26hb_adid%3D411a3742a94a85d8%26hb_bidder%3Dteads&cust_params=cat%3Dibtuk-world%26video%3DN%26article_id%3D1775414%26content%3DIAB12%26layout%3Dstandard%26paragraphs%3D12%26page_type%3Darticle%26keywords%3DZohran%2520Mamdani%252CNew%2520York%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%2520news%252CNew%2520York%2520Zohran%2520Mamdani%252CNY%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%27s%2520mother%252CZohran%2520Mamdani%2520Mira%2520Nair%252CMira%2520Nair%252CJeffrey%2520Epstein%252CEpstein%2520files%252CEpstein%252CEpstein%2520Files%2520Transparency%2520Act%252CJeffrey%2520Epstei%26contentsrc%3DIBTimes%2520UK%26focus%3DY%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26ip%3D176.10.106.10%26rsk%3DN%26kwgroup%3Dgeneric_negative_keywords%252Cmobkoi_q4_2024_keywords%26excl_cat%3D%257Cibt%257C%2520generic%2520negative%2520keywords%252C%257Cibt%257C%2520Mobkoi%2520Q4%25202024%2520keywords&adks=3939093184&frm=20&eoidce=1&gblpids=%2F124813052%2Fibtimes.co.uk%2Ftop&pb_szs=970x250%7C728x90%7C970x120%7C970x90%7C970x66&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
8a5f4e6267d1c347c8df1c21be1c644c787f9e77b12df32452c6c98d9dad1b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
google-lineitem-id
7184321468
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138542009009
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
13769
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/gampad/ 		62 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=6713095088847047&correlator=1325529560220720&eid=31096419%2C31096482%2C31096541%2C31096530%2C83321072&output=ldjh&gdfp_req=1&vrg=202601280101&ptt=17&impl=fif&trt=2&iu_parts=124813052%2Cibtimes.co.uk%2Cright1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&didk=3678771393&dids=dfp-ad-right1&adfs=3327167775&sfv=1-0-45&eri=1&sc=1&abxe=1&dt=1770091404142&lmt=1770091404&adxs=1029&adys=551&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&vis=1&psz=300x251&msz=300x0&fws=516&ohw=300&topics=5&tps=5&htps=5&psd=WzMxLFtdXQ..&dlt=1770091402303&idt=336&prev_scp=pos%3Dright1%26refresh%3DN&cust_params=cat%3Dibtuk-world%26video%3DN%26article_id%3D1775414%26content%3DIAB12%26layout%3Dstandard%26paragraphs%3D12%26page_type%3Darticle%26keywords%3DZohran%2520Mamdani%252CNew%2520York%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%2520news%252CNew%2520York%2520Zohran%2520Mamdani%252CNY%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%27s%2520mother%252CZohran%2520Mamdani%2520Mira%2520Nair%252CMira%2520Nair%252CJeffrey%2520Epstein%252CEpstein%2520files%252CEpstein%252CEpstein%2520Files%2520Transparency%2520Act%252CJeffrey%2520Epstei%26contentsrc%3DIBTimes%2520UK%26focus%3DY%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26ip%3D176.10.106.10%26rsk%3DN%26kwgroup%3Dgeneric_negative_keywords%252Cmobkoi_q4_2024_keywords%26excl_cat%3D%257Cibt%257C%2520generic%2520negative%2520keywords%252C%257Cibt%257C%2520Mobkoi%2520Q4%25202024%2520keywords&adks=1360696013&frm=20&eoidce=1&gblpids=%2F124813052%2Fibtimes.co.uk%2Fright1&pb_szs=300x250&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
ed3c628e67c223a197ee268b09478fb5b2754321b1fe0a89a909b32e3fd9f1d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
content-encoding
br
google-lineitem-id
-1
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
12401
x-xss-protection
0
server
cafe
container.html
d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 8CFE 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.161 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bn-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Feb 2026 04:03:24 GMT
expires
Tue, 03 Feb 2026 04:03:24 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/gampad/ 		610 B
288 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=6713095088847047&correlator=1325529560220720&eid=31096419%2C31096482%2C31096541%2C31096530%2C83321072&output=ldjh&gdfp_req=1&vrg=202601280101&ptt=17&impl=fif&trt=2&iu_parts=124813052%2Cibtimes.co.uk%2Coop1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&didk=3894251035&dids=dfp-ad-oop1&adfs=2962996922&sfv=1-0-45&ists=1&eri=1&sc=1&abxe=1&dt=1770091404148&lmt=1770091404&adxs=0&adys=10576&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=5&tps=5&htps=5&psd=WzMxLFtdXQ..&dlt=1770091402303&idt=336&prev_scp=pos%3Doop1%26refresh%3DN&cust_params=cat%3Dibtuk-world%26video%3DN%26article_id%3D1775414%26content%3DIAB12%26layout%3Dstandard%26paragraphs%3D12%26page_type%3Darticle%26keywords%3DZohran%2520Mamdani%252CNew%2520York%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%2520news%252CNew%2520York%2520Zohran%2520Mamdani%252CNY%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%27s%2520mother%252CZohran%2520Mamdani%2520Mira%2520Nair%252CMira%2520Nair%252CJeffrey%2520Epstein%252CEpstein%2520files%252CEpstein%252CEpstein%2520Files%2520Transparency%2520Act%252CJeffrey%2520Epstei%26contentsrc%3DIBTimes%2520UK%26focus%3DY%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26ip%3D176.10.106.10%26rsk%3DN%26kwgroup%3Dgeneric_negative_keywords%252Cmobkoi_q4_2024_keywords%26excl_cat%3D%257Cibt%257C%2520generic%2520negative%2520keywords%252C%257Cibt%257C%2520Mobkoi%2520Q4%25202024%2520keywords&adks=27380022&frm=20&eoidce=1&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
7487292179d18740ade30262bd6e6536df78f3e6f6a5b92d24bffa56caaea5be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
259
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/gampad/ 		610 B
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=6713095088847047&correlator=1325529560220720&eid=31096419%2C31096482%2C31096541%2C31096530%2C83321072&output=ldjh&gdfp_req=1&vrg=202601280101&ptt=17&impl=fif&trt=2&iu_parts=124813052%2Cibtimes.co.uk%2Coop2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&didk=3894251034&dids=dfp-ad-oop2&adfs=3297521526&sfv=1-0-45&ists=1&eri=1&sc=1&abxe=1&dt=1770091404150&lmt=1770091404&adxs=0&adys=10576&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=5&tps=5&htps=5&psd=WzMxLFtdXQ..&dlt=1770091402303&idt=336&prev_scp=pos%3Doop2%26refresh%3DN&cust_params=cat%3Dibtuk-world%26video%3DN%26article_id%3D1775414%26content%3DIAB12%26layout%3Dstandard%26paragraphs%3D12%26page_type%3Darticle%26keywords%3DZohran%2520Mamdani%252CNew%2520York%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%2520news%252CNew%2520York%2520Zohran%2520Mamdani%252CNY%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%27s%2520mother%252CZohran%2520Mamdani%2520Mira%2520Nair%252CMira%2520Nair%252CJeffrey%2520Epstein%252CEpstein%2520files%252CEpstein%252CEpstein%2520Files%2520Transparency%2520Act%252CJeffrey%2520Epstei%26contentsrc%3DIBTimes%2520UK%26focus%3DY%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26ip%3D176.10.106.10%26rsk%3DN%26kwgroup%3Dgeneric_negative_keywords%252Cmobkoi_q4_2024_keywords%26excl_cat%3D%257Cibt%257C%2520generic%2520negative%2520keywords%252C%257Cibt%257C%2520Mobkoi%2520Q4%25202024%2520keywords&adks=2879959956&frm=20&eoidce=1&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
d9da2f0223f18b37dc201f589dddef5d40a876e487983e252c8e1f8b98b902e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
260
x-xss-protection
0
server
cafe
ads
pagead2.googlesyndication.com/gampad/ 		16 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?pvsid=6713095088847047&correlator=1325529560220720&eid=31096419%2C31096482%2C31096541%2C31096530%2C83321072&output=ldjh&gdfp_req=1&vrg=202601280101&ptt=17&impl=fif&trt=2&iu_parts=124813052%2Cibtimes.co.uk%2Coop3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=5&didk=3894251033&dids=dfp-ad-oop3&adfs=2582240024&sfv=1-0-45&ists=1&eri=1&sc=1&abxe=1&dt=1770091404152&lmt=1770091404&adxs=0&adys=10576&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&topics=5&tps=5&htps=5&psd=WzMxLFtdXQ..&dlt=1770091402303&idt=336&prev_scp=pos%3Doop3%26refresh%3DN&cust_params=cat%3Dibtuk-world%26video%3DN%26article_id%3D1775414%26content%3DIAB12%26layout%3Dstandard%26paragraphs%3D12%26page_type%3Darticle%26keywords%3DZohran%2520Mamdani%252CNew%2520York%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%2520news%252CNew%2520York%2520Zohran%2520Mamdani%252CNY%2520Mayor%2520Zohran%2520Mamdani%252CZohran%2520Mamdani%27s%2520mother%252CZohran%2520Mamdani%2520Mira%2520Nair%252CMira%2520Nair%252CJeffrey%2520Epstein%252CEpstein%2520files%252CEpstein%252CEpstein%2520Files%2520Transparency%2520Act%252CJeffrey%2520Epstei%26contentsrc%3DIBTimes%2520UK%26focus%3DY%26w1200%3DY%26referrer%3Ddirect%26ts%3Dnonpromoted%26trsource%3DDirect%26brtype%3Dweb%26abt%3D2%26ip%3D176.10.106.10%26rsk%3DN%26kwgroup%3Dgeneric_negative_keywords%252Cmobkoi_q4_2024_keywords%26excl_cat%3D%257Cibt%257C%2520generic%2520negative%2520keywords%252C%257Cibt%257C%2520Mobkoi%2520Q4%25202024%2520keywords&adks=3256680343&frm=20&eoidce=1&pbbce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
9ac052e369577676d49aac4bf9cfa3f8b05e6ef707d11921e17a46fef10f9880
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
google-lineitem-id
7206878583
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138545336179
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.ibtimes.co.uk
content-length
5755
x-xss-protection
0
server
cafe
sodar2.js
ep2.adtrafficquality.google/sodar/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
gzip
etag
"1747411493688989"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 04:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
7188
x-xss-protection
0
server
sffe
container.html
d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/ Frame 3816 		7 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.161 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bn-in-f1.1e100.net
Software
sffe /
Resource Hash
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
3121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Feb 2026 04:03:24 GMT
expires
Tue, 03 Feb 2026 04:03:24 GMT
last-modified
Thu, 08 May 2025 23:15:48 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-45/js/ Frame 3816 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-45/js/ext.js
Requested by
Host: d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
URL: https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/

Response headers

content-encoding
br
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 04:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Thu, 08 May 2025 23:15:48 GMT
cache-control
private, max-age=300
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
content-length
6269
x-xss-protection
0
server
sffe
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20260129/r20110914/ Frame 3816 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20260129/r20110914/abg_lite_fy2021.js
Requested by
Host: d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
URL: https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/

Response headers

content-encoding
br
etag
11386605814003084292
age
22991
x-content-type-options
nosniff
expires
Mon, 16 Feb 2026 21:40:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 02 Feb 2026 21:40:13 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
8505
x-xss-protection
0
server
cafe
view
pagead2.googlesyndication.com/pcs/ Frame 3816 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvTPnNcuEWtJcM_yzCWnnGwA-rM8PhEogqv6fBZkDHkJJQIF0UjH8rZQj6MWNoz0ZAJmSgfEtDY86357xvCSzWrgfuc_rdknYw3j41btwInNZF5EEeGnswELCODa3BSB17UshGmfPyYPsOaSlAPl-VDpICZ7FvP1PzdaTWG6K8bynz2d2I2RQJel1-rAZXh5jVsvWD26UN3t66ccYxNy6JxyqqiyHiHWDII2F88yiKgLaoy1T5Nr-Apt4ih6Fcz5o2LhZ9PgysTmclQptxyNxrVM-AZUSecqVRENJK6F3U7wJrtxIp-J0ty_pFfo4kq1VuJXicFuK8NcnFgz-mfJqkMIvM6Qi86lKk-mE-UCMRUGGdAaYMrVO7sR-VpZ5v4Ihtc7mOv5ea4JOaboMe0sObgKB9Z0gd2&sig=Cg0ArKJSzAJByixIrcRiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
URL: https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/safeframe/1-0-45/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/237/ Frame B0F9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1876
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5044
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 03 Feb 2026 03:32:08 GMT
expires
Tue, 03 Feb 2026 04:22:08 GMT
last-modified
Tue, 13 May 2025 23:17:50 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3816 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e919c8a24ea55257a06b34fa70372c84cf86983599ac27fb840602ff85ba15c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
SqhuXs8LEnja8wrBGLPQRoRhbZvIg-ttMWsNtflDo9s.js
pagead2.googlesyndication.com/bg/ Frame B0F9 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SqhuXs8LEnja8wrBGLPQRoRhbZvIg-ttMWsNtflDo9s.js
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
sffe /
Resource Hash
4aa86e5ecf0b1278daf30ac118b3d04684616d9bc883eb6d316b0db5f943a3db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/

Response headers

content-encoding
br
age
83935
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options
nosniff
expires
Tue, 02 Feb 2027 04:44:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Feb 2026 04:44:29 GMT
last-modified
Mon, 26 Jan 2026 17:48:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges
bytes
content-length
21151
x-xss-protection
0
server
sffe
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012601162341000/ Frame 5AF3 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012601162341000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdcce895f1f0d2aa98c8340f4ef808a9cc7f738b4a05b06c79c2c71ef619e72
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
"62f083700a32e09a"
age
119503
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Mon, 01 Feb 2027 18:51:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Feb 2026 18:51:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
56197
x-xss-protection
0
server
sffe
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012601162341000/v0/ Frame 5AF3 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012601162341000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
237148df834b5df077d6098229bb55cbc4a85d80f1a9eea7c8affaf0033bb886
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
"6a8030aa67e95998"
age
119503
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Mon, 01 Feb 2027 18:51:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 01 Feb 2026 18:51:41 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
5230
x-xss-protection
0
server
sffe
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012601162341000/v0/ Frame 5AF3 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012601162341000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
550a8d9823f9478dec5dedee978be491e74aeed19274cf75aa2dda682a9429af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
"b0e203f1636923ae"
age
274105
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Sat, 30 Jan 2027 23:54:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 30 Jan 2026 23:54:59 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
29103
x-xss-protection
0
server
sffe
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012601162341000/v0/ Frame 5AF3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012601162341000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
141cf908f738cc4c8be42250587f1e0facc9b4ead3eb358c1cc6bb52cf25b494
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
"a0bb99c69aef74c1"
age
3519
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Wed, 03 Feb 2027 03:04:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 03:04:45 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
1908
x-xss-protection
0
server
sffe
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012601162341000/v0/ Frame 5AF3 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012601162341000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e3f96e2bc879688d165d23b0780dd7182e11f695b7cd175bf5805d1e35cb9253
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
"ddae6e55d558a40d"
age
71148
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options
nosniff
expires
Tue, 02 Feb 2027 08:17:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 02 Feb 2026 08:17:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
content-length
12943
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ Frame 5AF3 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
97dd735032b2a6159004696a70b48a88be35840f15c379cdb5500400bc77a1f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 04:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 03 Feb 2026 03:03:51 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/ Frame 5AF3 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
97dd735032b2a6159004696a70b48a88be35840f15c379cdb5500400bc77a1f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 04:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 03 Feb 2026 03:38:54 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
truncated
/ Frame 5AF3 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4b55318d32023d44d0a865491ac6a1cdff67be7725456a12616564c088b7c1b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 5AF3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
14819457070020093239
age
49538
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 14:17:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2502
x-xss-protection
0
date
Mon, 02 Feb 2026 14:17:46 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
adchoices_blue_wb.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 5AF3 		209 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/images/adchoices/adchoices_blue_wb.png
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
public, max-age=86400
timing-allow-origin
*
etag
2799713854418114702
age
52833
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 13:22:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
209
x-xss-protection
0
date
Mon, 02 Feb 2026 13:22:51 GMT
content-type
image/png
vary
Accept-Encoding
server
cafe
14763004658117789537
tpc.googlesyndication.com/simgad/8283651072210494562/ Frame 5AF3 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8283651072210494562/14763004658117789537?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIqgIQnAEYASABLQAAAD8wqgI4nAFFAACAPw&rs=AOga4qknbGNXNJ8ZhnbWkH-UuxwdNKQajA
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
221461a540614a6cf1e927b43f5107953c9df881e290cd5d41b3cd2f3a4a0854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 03 Feb 2027 04:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
image/jpeg
last-modified
Mon, 27 Jun 2022 22:47:23 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
19047
x-xss-protection
0
server
sffe
14763004658117789537
tpc.googlesyndication.com/simgad/11037363029803240119/ Frame 5AF3 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11037363029803240119/14763004658117789537?sqp=4sqPyQR5QncIABIUDc3MzD4VAAAAQB0AAAAAJQAAAAAYACIKDQAAgD8VAACAPypPCFoQAR0AALRCIAEoATAGOANAgMLXL0gAUABYAGBacAJ4AIABAIgBAJABAJ0BAACAP6ABAKgBALABgK3iBLgB____________AcUBLbKdPg&rs=AOga4qmJzfkQ1HGlbutnFmhTv6rr4RuQxA
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d9ed2786eaf095e44e201efbce242b7624881280cd04622b411b2f8163db7bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 03 Feb 2027 04:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
image/png
last-modified
Fri, 24 Jun 2022 10:31:21 GMT
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
1460
x-xss-protection
0
server
sffe
adview
pagead2.googlesyndication.com/pagead/ Frame 5AF3 		0
0
generate_204
ep2.adtrafficquality.google/ Frame B0F9 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep2.adtrafficquality.google/generate_204?aYq1Wg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:c21::84 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
cross-origin-resource-policy
cross-origin
view
pagead2.googlesyndication.com/pcs/ Frame 7BB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsupvbalDa5ogJfTL-FNQgpLS28HKA-XtkXRVbxHjVxavB7ZUckAg4tdVVJz9d1BO1Gg71hxdBVqVqhaRTWPUaL7Vqb0rlHg4iP1o4-4b1f391CBXcFyRwo66GhqyEppK9L98xsW78sWlopplrgc5DuWHI4qEJOfpgasmJDUAsJJE4AWcB-hXjvXjsLNQMLWnnJBkCXGw2Lu9iJfKl2uBlRWdYcQb-WkgFMXTgJyWaE_ZdhXtubRpLjd7_IHWlKKt-1e2oF0zQWqUkXxLKIzmyB2uaZi3niRHg3iPqutgFrC7BxIVPzU4B_OdJHnIXPoune9C4afpVY0dAEmatDrlopsVYJ2trTyMekeiYoqjxG9kR-GtrNq0lfXcR7AqhVkfdXFAXzSlHDNNl9VKP61jUasKyoI03-fhx_4IuK3bge4TnvTOqOD4oUD5n2WypAomHRarNw&sig=Cg0ArKJSzNA5-1MJMSbwEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.ibtimes.co.uk
URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
creative.js
ads.rubiconproject.com/prebid/ Frame 7BB0 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/prebid/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-63-179.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) PHP/8.3.19 OpenSSL/3.0.15 /
Resource Hash
fba9fe0f8bc7798542fbf60c608aef87485c06db68cc3ac9a0b3def45aefc110

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
gzip
access-control-allow-credentials
true
expires
Tue, 03 Feb 2026 04:03:24 GMT
access-control-allow-origin
*
content-length
9687
date
Tue, 03 Feb 2026 04:03:24 GMT
last-modified
Wed, 13 Aug 2025 20:22:43 GMT
content-type
text/javascript;charset=UTF-8
server
Apache/2.4.62 (Debian) PHP/8.3.19 OpenSSL/3.0.15
vary
Accept-Encoding
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7BB0 		229 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202601280101/pubads_impl.js?cb=31096530
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
6b61aaf7fb8b0749c9fec1637c6422f432eb6a4c307c3fbf5f4b4fcb7e636239
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

content-encoding
br
etag
9279113283505045237
age
702
x-content-type-options
nosniff
expires
Tue, 03 Feb 2026 04:51:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Tue, 03 Feb 2026 03:51:42 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
72076
x-xss-protection
0
server
cafe
KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
fonts.gstatic.com/s/roboto/v50/ Frame 5AF3 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v50/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.163 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bt-in-f3.1e100.net
Software
sffe /
Resource Hash
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Origin
https://www.ibtimes.co.uk
Referer
https://fonts.googleapis.com/

Response headers

age
500525
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 28 Jan 2027 09:01:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 Jan 2026 09:01:19 GMT
last-modified
Tue, 18 Nov 2025 19:00:07 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
40128
x-xss-protection
0
server
sffe
view
pagead2.googlesyndication.com/btr/ Frame 5AF3 		0
0
b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9
a.teads.tv/a2/hb/ad/ Frame 7BB0 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/a2/hb/ad/b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
/
Resource Hash
544d0a3465bed5f93e9bd7b0f9ddb88a198d9296e0d9df2bc0db7273f5130729
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

x-check-cacheable
NO
expires
0
x-cache
MISS
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
application/javascript; charset=UTF-8
x-served-by
cache-vie6357-VIE
x-cache-hits
0
vary
Accept-Encoding
x-u
/hb/ad/b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9?
strict-transport-security
max-age=300
x-b
OT7pu8Xazv8kOHAME9TG23--F_euw1_load_testing_teads_tv
cache-control
max-age=0, no-cache, no-store
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
pragma
no-cache
x-timer
S1770091405.595742,VS0,VE67
access-control-allow-credentials
true
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
16633
traffic-path
DUBDC2
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=fle-fetch-start2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 7BB0 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07ddb7021152b8e387111f2d7a7ae31fb5cccd5ad5ffb863bdd598dad2bb3f1f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7BB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
teads-format.min.js
static.teads.tv/static/master/media/format/v3/ Frame 7BB0 		459 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/a2/hb/ad/b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
639612e7692da7536b9fe948bf9530c2262f2f8bf80001f1479935d2d2d8f78b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

x-amz-id-2
4BHYpUwG7684NaETL8bMm9VzisIRyDGS4Muomrmyt4RuQobZm12pIRiqNe9jjxIr7qovHev67NL6tI/pBoIhSBz3byuX7F4K
cache-control
private, must-revalidate, max-age=177
content-encoding
br
etag
"a4f31f49b378214df935e3a047aaf0b3"
x-amz-request-id
A2V3CXKKA11RW7MP
accept-ranges
bytes
content-length
109803
date
Tue, 03 Feb 2026 04:03:24 GMT
last-modified
Fri, 30 Jan 2026 12:59:07 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=hbSlotAvailable&pid=249562&pageId=232819&vid=00000000-0000-0000-0000-000000000001&pfid=42&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&pscid=21832&psid=585625&cost=x9njW_qsWWhCchgkp2TmuMFG&cost_curr=GBP&analyticsOnly=false&brid=103918&mrs=prg-827&ad_source_id=165&dsp_campaign_id=64339820&dsp_creative_id=202388253&fms=9&p=l1s_v399xu4xugnyo1ZBUJqL9qu_M7sMom3tewIqmMVGJNRQnVyjC2zyk22XrIV3RQE&cts=1770091403003&cs=-913068398651757524205&1770091403003&slot=native&hb_w=728&hb_h=90&fv=1523&ts=1770091404901&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
image/gif
iframe
sync.teads.tv/ Frame 6DA4 		153 B
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.teads.tv/iframe?pid=249562&gdprIab=%7B%22status%22%3A24%2C%22consent%22%3A%22%22%2C%22reason%22%3A240%7D&fromFormat=true&env=js-web&hb_provider=prebid&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&vid=00000000-0000-0000-0000-000000000001&1770091404903=
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY - Fastly, Inc., US),
Reverse DNS
Software
pekko-http/1.1.0 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:25 GMT
server
pekko-http/1.1.0
traffic-path
DUBDC2, VIE, Europe
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-check-cacheable
NO
x-served-by
cache-vie6331-VIE
x-timer
S1770091405.978234,VS0,VE33
x-user-geo
EU-WEST-1
track
t.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=adReceived&env=js-web&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&pageId=232819&pid=249562&hb_provider=prebid&vid=00000000-0000-0000-0000-000000000001&su_int=prebid&slot=native&pfid=42&fv=1523&ts=1770091404904&f=1&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
image/gif
teads-vpaid-display.js
static.teads.tv/static/1523/media/vpaid-display/ Frame 4969 		54 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.teads.tv/static/1523/media/vpaid-display/teads-vpaid-display.js
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b7ee1c53adb31e9f10551e9cfd2dc6b33f8a1cd05516f68c41f43cd4e841ae67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2
8NHE5thVc7gUGagnowpIDA152fVEioJefTeh6AJ2OJ76ywIWwKvgQyLgekm0n0jWI4JyB9NXFkI=
cache-control
private, must-revalidate, max-age=122
content-encoding
br
etag
"3361ffcbc7a8d7995cbcc13bbcc51314"
x-amz-request-id
A2V8AWRF8G19HA26
accept-ranges
bytes
content-length
17702
date
Tue, 03 Feb 2026 04:03:24 GMT
last-modified
Fri, 30 Jan 2026 12:59:32 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
truncated
/ Frame 2377 		388 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5095a3412e3e5138964280ccd43c217cd2341b61ebc8a5288a808b8e2639ea2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
view
pagead2.googlesyndication.com/pcs/ Frame 7BB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss6UjNr2zg-iwYwSIh5nsscCQRCFY_0NSRCFh6RdOlxiCMPirQ683akD9biHcGZCKIyccjzW9Ybu6J-YiaFxLyhtfDO5m2WkCb6zV-tlc4yERBPI_653OxvvRtfGhnpj5GceJFYNb76PpBsnXqlYYAsONdXKYQn668rjrmU1c3m1VRJpHY-v4dFnAFRIFC-YkhzThVoBAY1b3dPhyhnEJMZNCBaEdJRuEzdCOTMof53Ad3AgNaLDcYJ5-STMPP_nYUW6qpGwU7j2Cnk5JdfHA8Si-n6_DL9rNk_7gfzRP_6tJ0II2d0fwTKPDfX-OIJ9YpgNkF5jq_lv9Yrgjd0Ufly-ZpsohCtDv9H9sfKdPW1943emVM0tERz7wPdUIIgdPs56R2u71tBLZYPJJOh9nZusEcSjJAfSW8j-eKFwZmDLjccNGTx7qE2DxloQs4vm01i86QYjg&sig=Cg0ArKJSzFTPmPQv7Qs8EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:24 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
track
t.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t.teads.tv/track?action=adAvailable-success&env=js-web&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&pageId=232819&pid=249562&hb_provider=prebid&vid=00000000-0000-0000-0000-000000000001&su_int=prebid&slot=native&pfid=42&sid=506866&fv=1523&ts=1770091404952&f=1&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:24 GMT
content-type
image/gif
iframe.html
static.teads.tv/media/vpaid-display/ Frame ADF1 		1 KB
856 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.teads.tv/media/vpaid-display/iframe.html
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/1523/media/vpaid-display/teads-vpaid-display.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
daeaceae7fd7857280ab71af9b6926d9a2d24d0b6b78ef5d713749e741a99224

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
private, must-revalidate, max-age=1800, no-transform
content-encoding
gzip
content-length
518
content-type
text/html
date
Tue, 03 Feb 2026 04:03:25 GMT
etag
"c77e615a11d506c4330aa23cfae59629"
expires
Tue, 03 Feb 2026 04:33:25 GMT
last-modified
Tue, 27 Jan 2026 16:06:59 GMT
vary
Accept-Encoding
x-amz-id-2
vFQckIPUhwNlQQNNsUrXTOdMteK495NytEVFhisXuXNjkmF9KT1ZfzZVAk/MYbAoVbVG8bfltes=
x-amz-request-id
GGEW0FG35Z324F2X
x-amz-server-side-encryption
AES256
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=impression&pid=249562&vid=00000000-0000-0000-0000-000000000001&pfid=42&mediaFileType=js&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&piv=0&ad_source_id=165&dsp_campaign_id=64339820&dsp_creative_id=202388253&pscid=21832&psid=585625&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&revenue=RW5wQ7hn8raH6fbcf8etPKbZ&revenue_curr=USD&analyticsOnly=false&fms=9&p=wnK4Qs97-fqOp_K2YplEXR2Ak0ocj3IXAWNpoCBTsHd9hgDuv0XddD5sOn0DvJT_j94CVWmhsmssghsw4UJMkkkB&cts=1770091403003&cs=903775665075594696105&1770091403003&slot=native&fv=1523&plft=apa,apnf&hb_w=728&hb_h=90&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:25 GMT
content-type
image/gif
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=adCall&pid=249562&pageId=232819&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&vid=00000000-0000-0000-0000-000000000001&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&env=js-web&gdpr_apply=true&ca=false&bsias=safe&pfid=42&sid=506866&brid=103918&mrs=prg-827&rpm_reason=3&ut=0&p=XlqqdThRnZJZKFE1wH12I8mHsoeVEbX6sWCEwCmIG1MNBYF--IG12LKX5_1QDxYRtZV7O9Gv_-tDB4B0ZOBNAbBw&cts=1770091403004&cs=-471207458104361649305&fv=1523&ts=1770091404970&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:25 GMT
content-type
image/gif
event
prebid-a.rubiconproject.com/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.29.220 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-29-220.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://www.ibtimes.co.uk/

Response headers

date
Tue, 03 Feb 2026 04:03:25 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin
*
sodar
ep1.adtrafficquality.google/pagead/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=237&t=2&li=gpt_m202601280101&jk=6713095088847047&bg=!WlmlWRbNAAa-3yOHnt87ADQBe5WfOOXlj0ZC2gql4umf5UYY-PlkTojz320Y1R0H-7LLpS_OaQqa_EYPXyqyH7TTUQdOAgAAAD1SAAAAAmgBB34ANyxcfTD7knRxE35WjvR-hYJSmsLvE8yQraCUuJhS8EqMlzxiD63FTKhLlw3pxXTkFDNwsP1S8QsKAM8KMvauL1lM3knkpUtT7iYhWwh_TG_8ryKauCjk-T-pPZYr8RFWxPfOtv6bMiEb89VcO1ph3hNAstmgvMFr-qt_8xmMUZIGr1KTPdMYuSasnrA5kVRssiVsSKQc7t-oTti2TR6lNyMR_D78Kv0qp_zPvWZ9GanYfOjjMNavZHxsJpd9Yk0ceazlgCea2WyexTcVI1ywpdPPr1KdO-o24A5aLZTT-0Sm8IrBB-d8xRZAZFq1utKOEFRXennRISN7Q1vKh7dUpHim-u8kB2fzoReZAlvjlLdn6byDFrqJHi1IWexR39BwUexbXF5mVl-haWsYT-a9KSDcDyuKyZpcvs_ticYcMcWnJQu6oZHqCvoKgSCA2evLjDjFplpnV8Ye4iDCKNGYAKR1iFL0AlnXgXWm2lszZ7YKHJMsaeqMChwpNggEacqx5KH83eZT8shTTcuWiupESw_dXHHcgkWCzpvN6FIrXZJRZ72E56HVruR6bKme67OfmdKofk7SS21vSeF4hTrbcPMdRUw_YIX6j32b27q95pJGQ3Q_DhtHUexjzfWl9tsrqOnNpMbDwKCpuTJr1lwkXP3g1QMHyl3TTuzTFxK5T0JNAadY1SPblhZbL_BSYvPMilo9yv-Vwk987l2zsLfVGZ77JrWGBtWGHGr1vdNy-8BgPtvIGVwVwghJ1jRYtUVN_vDHvxISCqveNAUK98-FZM5HqFVXt4o4j1Phj4r7LSgO0fYTZP0GaaLivZ-_ARCBUhswfQ9ha_INlHbou1tjREou08OPoX1Hjzmrnadb3XWHClDn7RcYId-t45fpUcPaCLT20JKiRnkhhDt0aY5vVAePELo30YLoDU0t0pOFFztRHNzwRfUa6d_qUjNNRjqb-8wq1Op5OJMlM9N2V4xmH1_hiTIToiAOKfyrTIMnk-FN7AH7C31vkcckWX2l7NLTOG42kp5RtY7hQ83XGY15tm8yYh0y2V6--DICjMzPtCjymPZh_QSdF4YhVLX7eD9ChkpFhXgaIZB-g0E6LODsWNfuRCx-R0ABS9OCSonserLGEYR6cS3g7sO0NN0lXYYJJAi2hyKAmnw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.140.162 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
lcfraa-bt-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

timing-allow-origin
*
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Tue, 03 Feb 2026 04:03:25 GMT
x-xss-protection
0
content-type
image/
server
cafe
nativeRenderer.js
static.teads.tv/static/master/media/flavors/ Frame 1697 		103 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.teads.tv/static/master/media/flavors/nativeRenderer.js
Requested by
Host:
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd36dcb0f01b43339f3a12c924b0a2c516302819e114d2c9acf8ce3e89f795d4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.teads.tv/media/vpaid-display/iframe.html

Response headers

x-amz-id-2
5js+jmtrclmPiGfYbv+Rlc2h7EaEzUPMO1he2Q5xhY5astT6BgqaW76Ra7/hkIVwvvIAkksCcaibrOayoFj1dgtzSdyv3xMZ
cache-control
private, must-revalidate, max-age=248
content-encoding
gzip
etag
"2b51949ee8021e92c3781cc7576d2a95"
x-amz-request-id
CM0WWR8SHZSHAASF
accept-ranges
bytes
content-length
19359
date
Tue, 03 Feb 2026 04:03:25 GMT
last-modified
Fri, 30 Jan 2026 12:59:02 GMT
content-type
text/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 1697 		990 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host:
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.teads.tv/

Response headers

content-encoding
gzip
asset-revision
74dfe52e5c30
etag
W/"235-eYk6CsQS1qkZRtt996JWbUUUvQ0"
access-control-allow-methods
GET,POST
date
Tue, 03 Feb 2026 04:03:25 GMT
content-type
image/svg+xml
last-modified
Sun, 01 Feb 2026 06:38:46 GMT
vary
Accept-Encoding
x-traceid
b796f1c5feb2c5bd3d6a394565bdb758
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=14400
timing-allow-origin
*, *
access-control-request-headers
X-OB-STG,X-OB-PRD
access-control-allow-credentials
false
access-control-allow-origin
*
content-length
565
/
b1-dubdc1.outbrain.com/bidder/win/teads/486b3686-00b5-11f1-96b9-d7627960986f/0.163608/GYCFULWXY5SI6LR4RRBS4EWJNTCNKLCLHHPZIHK3CQRTYT45F4GPDPMDXSPAUAKW6OUANLXVP6ZQWVWE7A7Z4MUQ3PK3ZFCMN4GTU55SA3IP2FR... Frame 1697 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-dubdc1.outbrain.com/bidder/win/teads/486b3686-00b5-11f1-96b9-d7627960986f/0.163608/GYCFULWXY5SI6LR4RRBS4EWJNTCNKLCLHHPZIHK3CQRTYT45F4GPDPMDXSPAUAKW6OUANLXVP6ZQWVWE7A7Z4MUQ3PK3ZFCMN4GTU55SA3IP2FRBMQB4WWC4L3E5WSY3GIKXK7ZZ4NJFWSQLEQIFRIKJ4SEWXSO6455TQJKLW32I32ZZR45FS63YQWYZ672HMHTOUMKW7RFBE2MRHK24N2ERGY52RFBIP33X45J3A7VNT3EVNFLD3HA4XNUGIEARYOEUMUY3BK7KZVEMV5OM74KPBP3XV6WNPVIXEV65TF7XGE6SOSETLHWGP2RW2Q5TSGHNMEUHR3UUA2IDHNG6JRVURUKWVQKKB7QV6WCAJKJ5WHSNPGIRGGQ2TAI7CLJMPS3BUYG3ZQXA67S5N4Y4QTC7Z3DKUDPYTHKNCMSEHCBRZ46U7MZWAQMSTO7YNQXEUJWJGPFTQUWR62XE42KCWIRIGZ4DMYBUQAITRGB7JEG2CVMSY3NVI2SBHAJB7WNFYVCBL5X6MOLE53QEQ5N2LKY2YYLZW23WZGSCZ63PFO2BQKDJ7NR5OYPTVN4WPB5ILRPRSKHKD2H4EKSFJPKYD3GIT4NXVQKMYYR72RJEI7CK4XXBZZVQA5JNAVQKI2Z2CTPO7DJTPKPVHKYZJE7H2Z2PRDUNNAAFLT6M4O5LP6ZHLI6B6KSGK2OAKMRHY3RNDXOT3OLTPFTX5ZSNQ2IVSVYQSHGM7ZYVJEA2D4A3VVGHTRRMKELTMI67NTVZZGX7FG3OTBB25QDVQ2375E4TGSXOCGENKEDTXKUPNZ4QBJI6CJF2BY336KDWZSBYJ7L4J52KBS7FSDEAQ7FSCD5EYHW3QCVJH3NG2FBROGERJTQYTWR5NHWP4ONXRSV3HTYCTEHJPICLIPDXC67TMIS43S7ZGRGNQ4CQJVCS463TYGEBORJSZUD5AMBVCXOLWG3JLS23OGQ6KME3DTQSYPCOPR46VQK265DDE64INBAJZ3O27SAWAUYJZI4YWMYH5GGS/?amtw=${AUCTION_MIN_TO_WIN}
Requested by
Host:
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.202.117.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-117-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.teads.tv/

Response headers

date
Tue, 03 Feb 2026 04:03:25 GMT
strict-transport-security
max-age=31536000
content-length
0
/
b1t-dubdc1.outbrain.com/t/imp/impression/4WDV4TXUU4M5QX255ZCFMW6VMNQGBDUW6POWU7YODQMODAOMUMIS6TYBUQ7TQ4S7Z44IDRBWAFHTAZWFE3ZOV4EGAF7RKLT2H6OOBSM7RUNCR2SBVKQRUWH65EZWSCVEVJA64LUBGVZUOQTEZOL2UFM26QKB... Frame 1697 		26 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-dubdc1.outbrain.com/t/imp/impression/4WDV4TXUU4M5QX255ZCFMW6VMNQGBDUW6POWU7YODQMODAOMUMIS6TYBUQ7TQ4S7Z44IDRBWAFHTAZWFE3ZOV4EGAF7RKLT2H6OOBSM7RUNCR2SBVKQRUWH65EZWSCVEVJA64LUBGVZUOQTEZOL2UFM26QKBVPVQXOB4JB6ZQD63MQV5F2AZWQYIZFW35BLUPZYKLHY4IOFBYAGVRL42Y6Y5FN5QSCXCUNBUTYKQ3CRE3EALQQNU47ITTS47OGKOSLZHAV4AYYUBG26GDNXJP72NGY7BYADZTECE2WWEDGAK7TTQW6O2TCD7YR3A2FF4YLLEGAEHZXIDXG5S2XJNVCBXK4LBGEHHY7LBBUPGSJTURSAKVMGA/?
Requested by
Host:
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.202.117.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-117-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.teads.tv/

Response headers

strict-transport-security
max-age=31536000
content-length
26
date
Tue, 03 Feb 2026 04:03:25 GMT
content-type
image/gif
5e42c99914524f2eccdfa6ee50893bf592.jpg
dsp.outbrainimg.com/p/srv/sha/69/57/2d/ Frame 1697 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.outbrainimg.com/p/srv/sha/69/57/2d/5e42c99914524f2eccdfa6ee50893bf592.jpg?fit=crop&crop=faces,center&thomcrop&w=203.84000000000003&h=90&fm=jpg
Requested by
Host:
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a2-16-241-200.deploy.static.akamaitechnologies.com
Software
imgix /
Resource Hash
8cb6215eda8f075618912cb48adc9d63f5d3ecb6508be5863db7d208fa01afaf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://static.teads.tv/

Response headers

X-Served-By
cache-fra-eddf8230109-FRA
Cache-Control
public, max-age=12358
Timing-Allow-Origin
*
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Alt-Svc
h3=":443"; ma=93600
Content-Length
11149
Date
Tue, 03 Feb 2026 04:03:25 GMT
Last-Modified
Fri, 30 Jan 2026 07:35:01 GMT
Content-Type
image/jpeg
Server
imgix
x-imgix-id
6b2ff74a9a1967d1978131e247538cff5de457bd
activeview
pagead2.googlesyndication.com/pcs/ Frame 5AF3 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoyb_7lRbwsOFYpY15-NuncA9ZDJcP7hMRnNa_jATpgMzQ1KOQ9GlmVqfiWEI7PYQdKhPcQmSK0uiX_MM5CnCxcDuxcPLfC6gC58pI40Skc7uTEQL2VRtWb1vWe0_wtRh9IhM4QPrnHcRlAXELXJjFxasNsOWhTSaP6sI8qTPn8v69CdBrrleS535ImmUVi4LBzmuE_cwhRVwjofkDQQ&sig=Cg0ArKJSzOjVK_zGHABcEAE&id=ampim&o=1029,426&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=171&tls=1171&g=100&h=100&tt=1171&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Feb 2026 04:03:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 7BB0 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuG9wUzhJ5kGTq0gEPF-5kEZSiwHYyJ43ops30Ht5e11ZPDASK-AuTQdJvMFgDZbG9gMqwKRbYIjZPum00LKCKPwwu_Pn6VQbb5fVpnEKFWq4Pi5Wp7Fv-OpoPJzcMbTUpUy2hpDoKGxzpgkEdXuMk_E9U-2wDniong6eL4tehwFfJmcEmGyNLGEA&sig=Cg0ArKJSzGfv0MTcRmZoEAE&id=lidar2&mcvt=1000&p=204,436,294,1164&tm=1335.8999999761581&tu=335.69999998807907&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20260202&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3939093184&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=6602420400&rst=1770091404451&rpt=490&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 03 Feb 2026 04:03:25 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
b1t-dubdc1.outbrain.com/t/imp/view/4WDV4TXUU4M5QX255ZCFMW6VMNQGBDUW6POWU7YODQMODAOMUMIS6TYBUQ7TQ4S7Z44IDRBWAFHTAZWFE3ZOV4EGAF7RKLT2H6OOBSM7RUNCR2SBVKQRUWH65EZWSCVEVJA64LUBGVZUOQTEZOL2UFM26QKBVPVQXO... Frame 1697 		26 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-dubdc1.outbrain.com/t/imp/view/4WDV4TXUU4M5QX255ZCFMW6VMNQGBDUW6POWU7YODQMODAOMUMIS6TYBUQ7TQ4S7Z44IDRBWAFHTAZWFE3ZOV4EGAF7RKLT2H6OOBSM7RUNCR2SBVKQRUWH65EZWSCVEVJA64LUBGVZUOQTEZOL2UFM26QKBVPVQXOB4JB6ZQD63MQV5F2AZWQYIZFW35BLUPZYKLHY4IOFBYAGVRL42Y6Y5FN5QSCXCUNBUTYKQ3CRE3EALQQNU47ITTS47OGKOSLZHAV4AYYUBG26GDNXJP72NGY7BYADZTECE2WWEDGAK7TTQW6O2TCD7YR3A2FF4YLLEGAEHZXIDXG5S2XJNVCBXK4LBGEHHY7LBBUPGSJTURSAKVMGA/?
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/flavors/nativeRenderer.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.202.117.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-117-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://static.teads.tv/

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
https://static.teads.tv
content-length
26
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
access-control-allow-credentials
true
/
b1t-dubdc1.outbrain.com/t/imp/view/4WDV4TXUU4M5QX255ZCFMW6VMNQGBDUW6POWU7YODQMODAOMUMIS6TYBUQ7TQ4S7Z44IDRBWAFHTAZWFE3ZOV4EGAF7RKLT2H6OOBSM7RUNCR2SBVKQRUWH65EZWSCVEVJA64LUBGVZUOQTEZOL2UFM26QKBVPVQXO... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-dubdc1.outbrain.com/t/imp/view/4WDV4TXUU4M5QX255ZCFMW6VMNQGBDUW6POWU7YODQMODAOMUMIS6TYBUQ7TQ4S7Z44IDRBWAFHTAZWFE3ZOV4EGAF7RKLT2H6OOBSM7RUNCR2SBVKQRUWH65EZWSCVEVJA64LUBGVZUOQTEZOL2UFM26QKBVPVQXOB4JB6ZQD63MQV5F2AZWQYIZFW35BLUPZYKLHY4IOFBYAGVRL42Y6Y5FN5QSCXCUNBUTYKQ3CRE3EALQQNU47ITTS47OGKOSLZHAV4AYYUBG26GDNXJP72NGY7BYADZTECE2WWEDGAK7TTQW6O2TCD7YR3A2FF4YLLEGAEHZXIDXG5S2XJNVCBXK4LBGEHHY7LBBUPGSJTURSAKVMGA/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.202.117.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-117-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://static.teads.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
HEAD, GET, OPTIONS
access-control-allow-origin
https://static.teads.tv
access-control-max-age
600
date
Tue, 03 Feb 2026 04:03:26 GMT
strict-transport-security
max-age=31536000
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=visible-1&pid=249562&vid=00000000-0000-0000-0000-000000000001&pfid=42&piv=0&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&pscid=21832&psid=585625&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&p=j1tOJeC7DXAqN_RibT9kqXe5yQfqyDfDRib6kcTlHfLJbGa6FsJiB18enNOlObvIMfA&cts=1770091403003&cs=441303114977894430805&1770091403003&slot=native&fv=1523&plft=apa,apnf&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
/
sync.cootlogix.com/api/sync/iframe/ Frame 46E1 		109 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.cootlogix.com/api/sync/iframe/?cid=&gdpr=0&gdpr_consent=&us_privacy=&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.209.77.117 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-methods
GET, HEAD, OPTIONS, POST
access-control-allow-origin
*
content-length
109
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
p3p
CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
usync.html
eus.rubiconproject.com/ Frame A9EC 		269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding
user-sync.html
ms-cookie-sync.presage.io/ Frame E582 		78 B
261 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ms-cookie-sync.presage.io/user-sync.html?gdpr_consent=&source=prebid&gpp=&gpp_sid=
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.80.128.60 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-99-80-128-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5b36081aa7ff53b6bc9320413586af1cd87602b6e01dc99b9f34f64f5976705f

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
content-length
78
content-type
text/html; charset=utf-8
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
iframe
prebid.receptivity.io/v1/prebid/IBTP251027/sync/ Frame 5B88 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84a57d140a6afe0025151ffae45abc3239d41b31cb1545e5b783bb0589d724e

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cf-ray
9c7f09dec98270cb-ZRH
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT
server
cloudflare
vary
Accept-Encoding
x-contxtful-variant
standard
sync
rt.marphezis.com/ Frame 8D73 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://rt.marphezis.com/sync?dpid=0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.203.175 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Authorization, X-Requested-With
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS
access-control-allow-origin
access-control-expose-headers
Content-Length
access-control-max-age
86400
date
Tue, 03 Feb 2026 04:03:27 GMT
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 5C38 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=pbjs%2F9.47.0
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
48e91d4f502af9b9a9c6135df61355513e8b199f112feb771f3a72420b0d26a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Access-Control-Allow-Origin
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
Akamai-GRN
0.ac163017.1770091407.2689bf9b
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
6364
Content-MD5
tHzFZVedyfEA5m/38I1NDw==
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Feb 2026 04:03:27 GMT
ETag
a49979a5-3580-4664-9b42-756a7d144234
Expires
Tue, 03 Feb 2026 05:03:27 GMT
Last-Modified
Thu, 16 Oct 2025 17:34:53 GMT
Vary
Accept-Encoding
opc-request-id
iad-1:e2-Q_SGgI-kAgHQ8cYvUXF0flisPZsn9PVtccUXO_eUrly1nvXWf6N0mA3qdHroy
storage-tier
Standard
strict-transport-security
max-age=31536000; includeSubDomains
version-id
c9f4af07-3929-43f7-89ea-29181b4d739f
x-api-id
native
x-content-type-options
nosniff
presync.html
scripts.opti-digital.com/js/ Frame 4295 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Requested by
Host: micro.rubiconproject.com
URL: https://micro.rubiconproject.com/prebid/dynamic/19988.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.2.52 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aac2e9185aa7915a4dda7c912cabb7b9476e466dee4710f4af43e4d21b996d09

Request headers

Referer
https://www.ibtimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=7200
cf-cache-status
HIT
cf-ray
9c7f09decae2be68-ZRH
content-encoding
br
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Tue, 03 Feb 2026 06:03:27 GMT
priority
u=0,i
server
cloudflare
server-timing
cfExtPri
vary
accept-encoding
x-cloud-trace-context
327b90f3d5bd9113baf4eb60d85e07a5
cookie_sync
pbs.optidigital.com/ Frame 4295 		2 KB
921 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.optidigital.com/cookie_sync
Requested by
Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.72.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
119.72.160.34.bc.googleusercontent.com
Software
/
Resource Hash
a51a9f168f96b542c4df180c13e2f6e528660126537ce7e90c0448a7870dd3fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://scripts.opti-digital.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
via
1.1 google
expires
0
access-control-allow-origin
https://scripts.opti-digital.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
673
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding,Origin
usync.js
eus.rubiconproject.com/ Frame A9EC 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame A9EC 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
60b165552398b5723379d087b804c2a0
content-length
7
content-type
application/json; charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3592 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://scripts.opti-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=102391
content-encoding
gzip
content-length
7259
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Wed, 04 Feb 2026 08:29:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isync
visitor.omnitagjs.com/visitor/ Frame B199 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Requested by
Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
65724519bb87d93a73bb8c88a881ca07bf9e1d62bc53050144fb9a109b3537d0

Request headers

Referer
https://scripts.opti-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-length
2525
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT
p3p
CP="CAO PSA OUR"
server
fasthttp
vary
Accept-Encoding
via
1.1 kong/3.9.1
x-kong-proxy-latency
0
x-kong-request-id
846b4475b7098401aed8464b97d75614
x-kong-upstream-latency
8
/
onetag-sys.com/usync/ Frame 185B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://scripts.opti-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-cache, no-transform no-transform, no-cache
content-length
2504
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame C6D8 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://scripts.opti-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 03 Feb 2026 04:03:27 GMT
iframe
ssp-sync.criteo.com/user-sync/ Frame A725 		43 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/iframe?gdprapplies=&gdpr=&ccpa=&gpp=&gpp_sid=&redir=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dcriteo%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BCRITEO_USER_ID%7D&profile=230
Requested by
Host: scripts.opti-digital.com
URL: https://scripts.opti-digital.com/js/presync.html?endpoint=optidigital
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3a , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c78038539d61fb4a84b70308e1a825d638cfacc207299b6fe6fb5d8fb1e8497f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://scripts.opti-digital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 03 Feb 2026 04:03:26 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
getuid
ib.adnxs.com/ Frame 4295 		0
0
sync
ssbsync-global.smartadserver.com/api/ Frame 4295 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.202.238.101 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip101.ip-149-202-238.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://scripts.opti-digital.com/

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
content-length
0
setuid
pbs.optidigital.com/ Frame 4295
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-optidigital&gdpr=&gdpr_consent=&us_privacy=
  • https://pbs.optidigital.com/setuid?bidder=rubicon&uid=ML62PZ4F-1Z-HQAY
86 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.optidigital.com/setuid?bidder=rubicon&uid=ML62PZ4F-1Z-HQAY
Protocol
H2
Server
34.160.72.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
119.72.160.34.bc.googleusercontent.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://scripts.opti-digital.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/png
vary
Accept-Encoding,Origin

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://pbs.optidigital.com/setuid?bidder=rubicon&uid=ML62PZ4F-1Z-HQAY
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
08d2322ff6a2719f13397777e30d0962
content-length
0
Content-Type
text/html
v1
match.sharethrough.com/FGMrCMMc/ Frame 5B88 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/FGMrCMMc/v1?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirectUri=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.153.64.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-153-64-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://prebid.receptivity.io/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
rmphb
sync.1rx.io/usersync2/ Frame 5B88 		0
0
sync
ssbsync-global.smartadserver.com/api/ Frame 5B88 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dequativ%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.202.238.101 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip101.ip-149-202-238.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://prebid.receptivity.io/

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
content-length
0
setuid
pbs.receptivity.io/ Frame 5B88
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-contxtful_technologies&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://pbs.receptivity.io/setuid?bidder=rubicon&f=b&uid=ML62PZ3R-1C-16OR
0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.receptivity.io/setuid?bidder=rubicon&f=b&uid=ML62PZ3R-1C-16OR
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://prebid.receptivity.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e05b4d1453-ZRH
expires
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
server
cloudflare

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://pbs.receptivity.io/setuid?bidder=rubicon&f=b&uid=ML62PZ3R-1C-16OR
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
08d2322ff6a2719f13397777e30d0962
content-length
0
Content-Type
text/html
pbs-iframe
pbs-cs.yellowblue.io/ Frame E8FA 		0
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs-cs.yellowblue.io/pbs-iframe?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Drise%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BPBS_UID%5D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.140.152 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
152.140.207.35.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://prebid.receptivity.io/
access-control-expose-headers
X-Reason
content-length
0
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
server
istio-envoy
via
1.1 google
x-envoy-decorator-operation
rtb-cookie-sync.default.svc.cluster.local:80/*
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to compliance policy: gdpr is not applied
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8A7B 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=102391
content-encoding
gzip
content-length
7259
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Wed, 04 Feb 2026 08:29:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame C419 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP008 /
Resource Hash

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
server
33XP008
x-33x-status
2020008
isyn
prebid.a-mo.net/ Frame 7B97 		154 B
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
163.5.194.37 , France, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
Software
envoy /
Resource Hash
f0ed00cf68a8e66deeae077e33592f9045340207eb2e7e952fd165dbfd4e56be

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 03 Feb 2026 04:03:26 GMT
server
envoy
vary
accept-encoding, Accept-Encoding
x-envoy-upstream-service-time
0
iFrameSyncer
sync.connectad.io/ Frame 319C 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
8361f8c482e75bdd4be879c9e719bfd830e3f7ab75173f65d1740211f053c2db

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/html; charset=utf-8
date
Tue, 03 Feb 2026 04:03:27 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
permissions-policy
browsing-topics=()
x-azure-ref
20260203T040327Z-r1664d85786ztgr9hC1ZRHq4an0000000qvg000000002vaz
x-cache
CONFIG_NOCACHE
cm
u.openx.net/w/1.0/ Frame 7C46
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbid...
716 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
3c2c15e77654eba004ad38e79ca86b57b67028d638e47679b930f0d0258ce638

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
br
content-length
494
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
176.10.106.10

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 03 Feb 2026 04:03:26 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
176.10.106.10
/
ap.lijit.com/beacon/prebid-server/ Frame AE7D
Redirect Chain
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_si...
  • https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_si...
2 KB
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.202.143.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
72f9eb1e0e692eba7f350b78af802b1ca14d7a2f69207d2203f6df61bfec0bc1

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-encoding
gzip
content-length
752
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Fri, 20 Mar 2009 00:00:00 GMT
location
https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 1CE6 		18 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=&consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dimds%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BUSER_ID%5D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:12::1730:17ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
48e91d4f502af9b9a9c6135df61355513e8b199f112feb771f3a72420b0d26a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
Access-Control-Allow-Origin
Access-Control-Expose-Headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,cache-control,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
Akamai-GRN
0.95163017.1770091407.66da278
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
6364
Content-MD5
tHzFZVedyfEA5m/38I1NDw==
Content-Type
text/html; charset=utf-8
Date
Tue, 03 Feb 2026 04:03:27 GMT
ETag
a49979a5-3580-4664-9b42-756a7d144234
Expires
Tue, 03 Feb 2026 05:03:27 GMT
Last-Modified
Thu, 16 Oct 2025 17:34:53 GMT
Vary
Accept-Encoding
opc-request-id
iad-1:G3n91c2VA6Tkfyn4M8yHBvCNJrAm3LRskUNp6cYTDlbNyuVBHqXyb1L2gYQG9U9W
storage-tier
Standard
strict-transport-security
max-age=31536000; includeSubDomains
version-id
c9f4af07-3929-43f7-89ea-29181b4d739f
x-api-id
native
x-content-type-options
nosniff
/
s.ad.smaato.net/i/ Frame 54C9 		503 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.ad.smaato.net/i/?adExInit=p&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&gdpr=&gdpr_consent=
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.242.226 Groningen, Netherlands, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
226.242.1.34.bc.googleusercontent.com
Software
/
Resource Hash
ac23f38754ad58a73a42d5e8598f98f9a7eb19bb1e83c96ea41c8b8589e96292

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-length
503
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
via
1.1 google
prbds2s
rtb.gumgum.com/usync/ Frame B524 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.208.190.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ee877fb7f1902f8e1566896f8c9747d95c58b9dc04c9a35e787ec03a23a227c4

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
W/"0522071d7345c2b6d5cbd475f9a930d31"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 3BD4 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: prebid.receptivity.io
URL: https://prebid.receptivity.io/v1/prebid/IBTP251027/sync/iframe?pbjs=1&coppa=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://prebid.receptivity.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Tue, 03 Feb 2026 04:03:27 GMT
geo
ut.pubmatic.com/ Frame 3592 		29 B
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame 8A7B 		29 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
setuid
pbs.optidigital.com/ Frame B199 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.optidigital.com/setuid?bidder=adyoulike&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=d42ed4755d9c3a5fe9d3660ad3e2512b
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.72.119 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
119.72.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
getuid
secure.adnxs.com/ Frame B199 		0
0
cms
ups.analytics.yahoo.com/ups/58921/ Frame B199
Redirect Chain
  • https://x.bidswitch.net/sync?gdpr=0&gdpr_consent=&ssp=adyoulike
  • https://x.bidswitch.net/ul_cb/sync?gdpr=0&gdpr_consent=&ssp=adyoulike
  • https://ups.analytics.yahoo.com/ups/58921/cms?bidswitch_ssp_id=adyoulike&ssp_user_id=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
0
0
sync
visitor.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://creativecdn.com/cm-notify?gdpr=0&gdpr_consent=&pi=adyoulike
  • https://creativecdn.com/cm-notify?gdpr=0&gdpr_consent=&pi=adyoulike&tc=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&name=RTB_HOUSE&gdpr=0&gdpr_consent=&pi=adyoulike&tc=1
49 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&name=RTB_HOUSE&gdpr=0&gdpr_consent=&pi=adyoulike&tc=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
d4d2f51193ee2361b25ba92e61c07a07
via
1.1 kong/3.9.1
x-kong-upstream-latency
6
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
server
fasthttp

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&name=RTB_HOUSE&gdpr=0&gdpr_consent=&pi=adyoulike&tc=1
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
pragma
no-cache
vary
Accept-Encoding
sync
visitor.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https://visitor.omnitagjs.com/visitor/sync?visitor=$[PDID]&gdpr=0&gdpr_consent=&name=RICHEAUDIENCE&is_cookie_sync_uid=...
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=JAHJ4YZq4O&r=https://visitor.omnitagjs.com/visitor/sync?visitor=$[PDID]&gdpr=0&gdpr_consent=&name=RICHEAUDIENCE&is_cookie_sync_uid=...
  • https://visitor.omnitagjs.com/visitor/sync?visitor=$f723398f-56f9-48bf-8ec3-1zz1770089592
49 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?visitor=$f723398f-56f9-48bf-8ec3-1zz1770089592
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
e3e66e58b8bd7e4a0e3eff321671683c
via
1.1 kong/3.9.1
x-kong-upstream-latency
0
x-kong-proxy-latency
0
content-length
49
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?visitor=$f723398f-56f9-48bf-8ec3-1zz1770089592
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date
Tue, 03 Feb 2026 03:33:12 GMT
content-type
text/html; charset=UTF-8
x-powered-by
PHP/8.2.4
server
nginx/1.14.1
rmpssp
sync.1rx.io/usersync2/ Frame B199 		0
0
ayl_pixel
api-ssp.spot.im/pixels/ Frame B199 		0
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-ssp.spot.im/pixels/ayl_pixel?ayl_id=d42ed4755d9c3a5fe9d3660ad3e2512b
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.85 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-18-244-18-85.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

via
1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
xse23K3Kc8XqrSYnaP-yYkuHzkMPzv0LYrZQTiGNEukJaTk-Yh_a_w==
date
Tue, 03 Feb 2026 04:03:27 GMT
x-amz-cf-pop
FRA56-P11
sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://csync.smilewanted.com/getuid?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name...
  • https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=SMILE_WANTED_cookie_sync&ttl=720&uid=b8b40bf8d5517ea3b00b2820c8ec6161&visitor=3076d606bb79...
49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=SMILE_WANTED_cookie_sync&ttl=720&uid=b8b40bf8d5517ea3b00b2820c8ec6161&visitor=3076d606bb79b66cb5113a16b92b0126
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
65c32927b242c13c0224dd168b603a11
via
1.1 kong/3.9.1
x-kong-upstream-latency
0
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
server
fasthttp

Redirect headers

location
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=SMILE_WANTED_cookie_sync&ttl=720&uid=b8b40bf8d5517ea3b00b2820c8ec6161&visitor=3076d606bb79b66cb5113a16b92b0126
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-ray
9c7f09e06ecabc08-ZRH
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
generic
match.adsrvr.org/track/cmf/ Frame B199 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=0&gdpr_consent=&ttd_pid=k2j3gqp&ttd_tpi=1
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

content-length
70
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
Kestrel
getuid
eb2.3lift.com/ Frame B199 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DTRIPLELIFT_cookie_sync%26ttl%3D720%26uid%3D771bebe2d6221e9ca65e16ebf8d2f6f3%26visitor%3D%24UID
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
ImgSync
image8.pubmatic.com/AdServer/ Frame B199 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&p=156813&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DPUBMATIC_cookie_sync%26ttl%3D720%26uid%3D12d885878bc90a9e71c01a70f29ea564%26visitor%3D%23PMUID
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
/
b1sync.outbrain.com/usersync/adyoulike/ Frame B199 		0
0
v1
match.sharethrough.com/universal/ Frame B199 		0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?gdpr=0&gdpr_consent=&supply_id=wldemn0V
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.153.64.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-153-64-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
sync
visitor.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://csync.loopme.me/?gdpr=0&gdpr_consent=&pubid=11480&redirect=https://visitor.omnitagjs.com/visitor/sync?uid=68c72dd412a8d0f3f6d2276db2509939&name=LOOPME&visitor={device_id}
  • https://visitor.omnitagjs.com/visitor/sync?uid&name=LOOPME&gdpr_consent=null&visitor={device_id}&gdpr=0
49 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid&name=LOOPME&gdpr_consent=null&visitor={device_id}&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
33937e17c8a8406b956846347cf1b467
via
1.1 kong/3.9.1
x-kong-upstream-latency
2
x-kong-proxy-latency
0
content-length
49
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
server
fasthttp

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid&name=LOOPME&gdpr_consent=null&visitor={device_id}&gdpr=0
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame B199 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&p=159706&pu=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DPUBMATIC_cookie_sync%26ttl%3D720%26uid%3D90d885878bc90a9e71c01a70f29ea564%26visitor%3D%23PMUID
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.18 , United States, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
cksync.php
hb.trustedstack.com/ Frame B199 		43 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.trustedstack.com/cksync.php?coppa=&cs=66&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DDBLOCK_cookie_sync%26ttl%3D720%26uid%3D726e82370458832fe1172100a5249d53%26visitor%3D%3Cvsid%3E&type=opw&usp=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.110.189.215 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
43
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
vary
Accept-Encoding
sync
visitor.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?gdpr=0&gdpr_consent=&ssp=adyoulike
  • https://rtb.mfadsrvr.com/ul_cb/sync?gdpr=0&gdpr_consent=&ssp=adyoulike
  • https://visitor.omnitagjs.com/visitor/sync?name=MEDIAFORCE&&uid=46263fa2a97ba86fb5c8b7e2d0f46f96&visitor=b2e801b8-a129-481d-96d7-b1e07e58d734
0
0
101967
jadserve.postrelease.com/suid/ Frame B199 		43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101967?gdpr=0&gdpr_consent=&ntv_r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DNATIVO_cookie_sync%26ttl%3D720%26uid%3Ddfa2d1e00a030a516d67f419d0043c46%26visitor%3DNTV_USER_ID
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.74.75.213 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-74-75-213.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
ssp
sync-service.net/ Frame B199 		0
0
3ccb4268afab0c2b1373a8a8fdc5011f.gif
csync.copper6.com/ Frame B199 		0
0
sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2F...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=5c25ba01-8014-471d-b115-9488b0bab07b&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisit...
  • https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=OW_OPENX_cookie_sync&ttl=720&uid=d824a89d4f4cae9a64782f9415878012&visitor=ec5161e5-f517-4c...
49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=OW_OPENX_cookie_sync&ttl=720&uid=d824a89d4f4cae9a64782f9415878012&visitor=ec5161e5-f517-4c68-a479-67cba7a6b27e
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
6eb3407b4381f70b8d92e9626a0d8c23
via
1.1 kong/3.9.1
x-kong-upstream-latency
5
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=OW_OPENX_cookie_sync&ttl=720&uid=d824a89d4f4cae9a64782f9415878012&visitor=ec5161e5-f517-4c68-a479-67cba7a6b27e
pragma
no-cache
x-forwarded-for
176.10.106.10
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
pixel
ap.lijit.com/ Frame B199 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DSOVRN_cookie_sync%26ttl%3D720%26uid%3D03fc5f59ac2ef35e26f79e31c2c3945b%26visitor%3D%24UID
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.202.143.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Tue, 03 Feb 2026 04:03:27 GMT
vary
Accept-Encoding
server
istio-envoy
access-control-allow-headers
X-Requested-With, Content-Type
pixel
ap.lijit.com/ Frame B199 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DSOVRN_cookie_sync%26ttl%3D720%26uid%3Df31946ef3cc9a9babc9d92376f7665ec%26visitor%3D%24UID
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.202.143.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Tue, 03 Feb 2026 04:03:27 GMT
vary
Accept-Encoding
server
istio-envoy
access-control-allow-headers
X-Requested-With, Content-Type
sync
visitor.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507&visitor=
  • https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507
49 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
eef1584b18bda1676de3cd0fc7a1b94b
via
1.1 kong/3.9.1
x-kong-upstream-latency
1
x-kong-proxy-latency
0
content-length
49
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp

Redirect headers

cache-control
max-age=0, private, must-revalidate
location
https://visitor.omnitagjs.com/visitor/sync?uid=cc74a90418053c5e5c118472fd8c7507
content-length
0
date
Tue, 03 Feb 2026 04:03:26 GMT
x-envoy-upstream-service-time
0
vary
accept-encoding
server
envoy
sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DINDEX_cookie_...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DINDEX_cookie_...
  • https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=INDEX_cookie_sync&ttl=720&uid=ea200206faeb16ecc9e6bc20f18ff71c&visitor=aYFzj7mqPVcAA6jkBk1...
49 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=INDEX_cookie_sync&ttl=720&uid=ea200206faeb16ecc9e6bc20f18ff71c&visitor=aYFzj7mqPVcAA6jkBk1dGQAA%263186
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
30a13c0bc08f006d5178aa5b340c165c
via
1.1 kong/3.9.1
x-kong-upstream-latency
3
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=n7rG%2Fi6tioT3FFTVeEYF5Mm3KLgNTuguv7jP8VXUG1wh6uZecE3s04x%2BIUlvmMvCypIAkM0wWrcSZ6AFYcG6DM3q6ta15efhBFTS3PeAdJ2SVeEiraJI"}]}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Tue, 03 Feb 2026 04:03:27 GMT
vary
accept-encoding
priority
u=3,i
cache-control
no-cache
location
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=INDEX_cookie_sync&ttl=720&uid=ea200206faeb16ecc9e6bc20f18ff71c&visitor=aYFzj7mqPVcAA6jkBk1dGQAA%263186
nel
{"report_to":"cf-nel","success_fraction":0.01,"max_age":604800}
pragma
no-cache
cf-ray
9c7f09e1bf6d039d-ZRH
content-length
0
server
cloudflare
f3c49daf592d06bab39258cac72c0de9.gif
csync.copper6.com/ Frame B199 		0
0
cksync
cs.media.net/ Frame B199 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame B199
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052&visitor=
  • https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052
49 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://visitor.omnitagjs.com/

Response headers

x-kong-request-id
653d4b498f857c1a117fac1624248637
via
1.1 kong/3.9.1
x-kong-upstream-latency
5
x-kong-proxy-latency
0
content-length
49
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
server
fasthttp

Redirect headers

cache-control
max-age=0, private, must-revalidate
location
https://visitor.omnitagjs.com/visitor/sync?uid=642b2fc65afcd5ddddcf2d0e96254052
content-length
0
date
Tue, 03 Feb 2026 04:03:26 GMT
x-envoy-upstream-service-time
4
vary
accept-encoding
server
envoy
pbsync
ads.yieldmo.com/ Frame B199 		0
0
oRTB
sync.inmobi.com/ Frame B199 		0
0
711333.gif
id.rlcdn.com/ Frame B199 		0
0
ortb_sync
gum.aidemsrv.com/ Frame 2D74 		179 KB
179 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.aidemsrv.com/ortb_sync?consent=&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DAIDEM_cookie_sync%26ttl%3D720%26uid%3Da059420d40b26f734077277f28046dd6%26visitor%3D&us_privacy=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.170.8 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f2b53327f12ed7538e069e872ac0580babdf8fe1bc5860ae4afc92ba807d8db
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
9c7f09e05d9dbbfc-ZRH
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority
u=0,i
referrer-policy
same-origin
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=2%2FERoAvlqJ0B2GeWgRgGP2chHzGp%2Fhj62Om%2BdxMgo2uOTDEQWSuATzh%2FvEUOFGSfD26V3QwCAwYZylLvv97RywGZFnMI88SwRb2W7wM%3D"}]}
server
cloudflare
server-timing
cfExtPri
vary
accept-encoding
x-frame-options
SAMEORIGIN
/
ssc-cms.33across.com/ps/ Frame 2A08 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?gdpr=0&gdpr_consent=&id=0015a00003HljHyAAJ&m=xch&rt=html&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3D33ACROSS_cookie_sync%26ttl%3D720%26uid%3D69111ecd4aa13a801a1b6a93d851020c%26visitor%3D33XUSERID33X
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
server
33XP018
x-33x-status
2020008
usync.html
eus.rubiconproject.com/ Frame 33D4 		269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike_2
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding
userIframe
measureadv.com/ Frame AD8E 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://measureadv.com/userIframe?gdpr=0&gdpr_consent=&p=5&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DHeroes_cookie_sync%26ttl%3D720%26uid%3Db11513b524b8fb6cfa1d87f3198b8359%26visitor%3D%7BUID%7D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
204.62.14.130 Clifton, United States, ASN46636 (NATCOWEB - NatCoWeb Corp., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
keep-alive
Date
Tue, 03 Feb 2026 04:03:27 GMT
Keep-Alive
timeout=5
Transfer-Encoding
chunked
ssync.html
player.aniview.com/ssync/62f53b2c7850d0786f227f64/ Frame A47A 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?gdpr=0&gdpr_consent=&pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOPENWEB_VIDEO_cookie_sync%26ttl%3D720%26uid%3D82df52214992aaa2796cd16591db7d78%26visitor%3D%5BAV_UID%5D
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:33::212:40c5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8cecad7988c322f2c35c14e99a4b936bd643cdaaa9216e9174bb1a442ff841dd

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Alt-Svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1683
Content-Type
text/html
Date
Tue, 03 Feb 2026 04:03:27 GMT
ETag
"15a46f2f4450880eb635e62a551bbd04"
Expires
Tue, 03 Feb 2026 04:18:27 GMT
Last-Modified
Thu, 25 Jul 2024 11:37:12 GMT
Server
UploadServer
Vary
Accept-Encoding
X-GUploader-UploadID
AHxI1nPPBsD_AtAlthh9UYN7S1D7ZmtBA3T4JpVyFE1oJjNMpZJA0VFk64G2vIfykIn1IjPqzdg
x-goog-generation
1721907432551634
x-goog-hash
crc32c=X7Uy+Q== md5=FaRvL0RQiA62NeYqVRu9BA==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
5380
/
onetag-sys.com/usync/ Frame A770 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=$0&gdpr_consent=${GDPR_STRING}&pubId=7a07370227fc000&us_privacy=$
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-cache, no-transform no-transform, no-cache
content-length
2504
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
strict-transport-security
max-age=15552000
iframe
audienceexposure.com/ Frame 562D 		0
0
usync.html
eus.rubiconproject.com/ Frame 1F36
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
  • https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
location
https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
server
AkamaiGHost
/
ssc-cms.33across.com/ps/ Frame D844 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?gdpr=0&gdpr_consent=&id=0015a00003HljHyAAJ&m=xch&rt=html&ru=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3D33ACROSS_cookie_sync%26ttl%3D720%26uid%3Ded55285db75018cd99af4f15b0f96f4c%26visitor%3D33XUSERID33X
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST - Steadfast, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP013 /
Resource Hash

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
server
33XP013
x-33x-status
2020008
sync
ittpx.eskimi.com/ Frame 08BE
Redirect Chain
  • https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14
  • https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.40.16.220 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.220.16.40.188.clients.your-server.de
Software
/
Resource Hash
3eca7b680a55d131360f49e59b504fb2df4ac9d657f23b90a5a3888da8aaf6c9

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT

Redirect headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT
location
https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
sync
ssbsync.smartadserver.com/api/ Frame CFAA 		743 B
698 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.202.238.101 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip101.ip-149-202-238.eu
Software
/
Resource Hash
8093a35a73bc7eb1e09e261e8a3d45b59b58055d27f7d212ce28dcf26ba5e344

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache,no-store
content-encoding
br
content-type
text/html
date
Tue, 03 Feb 2026 04:03:26 GMT
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
vary
Accept-Encoding
services
sync.technoratimedia.com/ Frame 1CE6 		0
0
usync.js
eus.rubiconproject.com/ Frame 33D4 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike_2

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 33D4 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=ML62PZ2X-1A-DA2H
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
60b165552398b5723379d087b804c2a0
content-length
7
content-type
application/json; charset=UTF-8
setuid
pbs.receptivity.io/ Frame 7C46 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.receptivity.io/setuid?bidder=openx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=3964e248-dc15-49ce-b33d-b8aaf4ae03df
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e0bbc31453-ZRH
expires
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
server
cloudflare
sd
us-u.openx.net/w/1.0/ Frame 7C46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPgR6-S7qLqAT0nmEsOvP8E&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPgR6-S7qLqAT0nmEsOvP8E&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
176.10.106.10
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
vary
Accept

Redirect headers

cache-control
no-cache, must-revalidate
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPgR6-S7qLqAT0nmEsOvP8E&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
295
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/ Frame 7C46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmNkNWJlNGQtYWNmZC0yNDgzLWNkNTEtMjIwNmJmMTcwZjMy
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmNkNWJlNGQtYWNmZC0yNDgzLWNkNTEtMjIwNmJmMTcwZjMy&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmNkNWJlNGQtYWNmZC0yNDgzLWNkNTEtMjIwNmJmMTcwZjMy&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmNkNWJlNGQtYWNmZC0yNDgzLWNkNTEtMjIwNmJmMTcwZjMy&google_tc=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
openx
match.adsrvr.org/track/cmf/ Frame 7C46 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=00ba6d87-658a-7a27-d8b1-78bf75f5c152&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

content-length
70
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
Kestrel
sd
us-u.openx.net/w/1.0/ Frame 7C46
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0&__qcmcs=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NyoEjjYgBNksK1qMYCER2TByDdwsIAWGZHJsxmuE
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NyoEjjYgBNksK1qMYCER2TByDdwsIAWGZHJsxmuE
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
176.10.106.10
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
vary
Accept

Redirect headers

strict-transport-security
max-age=86400
cache-control
private, no-store, proxy-revalidate
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=NyoEjjYgBNksK1qMYCER2TByDdwsIAWGZHJsxmuE
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7C46
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1064847436536957466
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1064847436536957466
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
176.10.106.10
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
vary
Accept

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1064847436536957466
pragma
no-cache
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-methods
GET
expires
-1
access-control-allow-origin
*
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
server
nginx
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
sd
us-u.openx.net/w/1.0/ Frame 7C46
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=openx&gdpr=0
43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=openx&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&gpp=&gpp_sid=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
176.10.106.10
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
vary
Accept

Redirect headers

expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=openx&gdpr=0
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
pragma
no-cache
vary
Accept-Encoding
setuid
pbs.receptivity.io/ Frame 7B97 		0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.receptivity.io/setuid?bidder=amx&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e0cbc91453-ZRH
expires
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
server
cloudflare
n1.js
a.amxrtb.com/js/ Frame 7B97 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.amxrtb.com/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&s=pbs&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:dfa -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://prebid.a-mo.net/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"594c94f05d6e65f49ee3acdd5d971b89"
age
5666
expires
Tue, 03 Feb 2026 08:03:27 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Nbjw_Qkg1luWkuDXQRBIcFWs0wDMoDwRYE2KG1LxI4Edy7o1rvv_Ng==
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/javascript
last-modified
Fri, 17 Nov 2023 21:37:06 GMT
vary
Accept-Encoding
cache-control
public, max-age=14400
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
cf-ray
9c7f09e12c0f444c-ZRH
x-amz-cf-pop
FRA6-C1
server
cloudflare
x-amz-server-side-encryption
AES256
setuid
pbs.receptivity.io/ Frame 54C9 		0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.receptivity.io/setuid?bidder=smaato&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=e2f80df11b
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=p&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://s.ad.smaato.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e0cbcf1453-ZRH
expires
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
server
cloudflare
smat-us
router.infolinks.com/dyn/ Frame 54C9 		35 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/smat-us?user_id=e2f80df11b&gdpr=0&gdpr_consent=
Requested by
Host: s.ad.smaato.net
URL: https://s.ad.smaato.net/i/?adExInit=p&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://s.ad.smaato.net/

Response headers

cache-control
no-store, no-cache, private
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e10f2375ff-ZRH
expires
Mon, 03 Feb 2025 04:03:27 GMT
access-control-allow-origin
*
content-length
35
p3p
CP="NON DSP NID OUR COR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
cloudflare
ecm3
s.amazon-adsystem.com/ Frame A9EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A9EC
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
cms
ups.analytics.yahoo.com/ups/58912/ Frame A9EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://ups.analytics.yahoo.com/ups/58912/cms?uid=QlCimIWHZzggTO1cZ0vQ2sn5EUdSAgOZEtemQ7w0kco&csrc=
0
0
pixel
cm.g.doubleclick.net/ Frame A9EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2I4ZTFhZTZiMzA3NjlmNWY1MzAwZTVhODZmY2E4NDZlN2RkM2YwNA
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2I4ZTFhZTZiMzA3NjlmNWY1MzAwZTVhODZmY2E4NDZlN2RkM2YwNA&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2I4ZTFhZTZiMzA3NjlmNWY1MzAwZTVhODZmY2E4NDZlN2RkM2YwNA&google_tc=
Protocol
H3
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

cache-control
no-cache, must-revalidate
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2I4ZTFhZTZiMzA3NjlmNWY1MzAwZTVhODZmY2E4NDZlN2RkM2YwNA&google_tc=
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
334
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
esync
token.rubiconproject.com/ Frame A9EC
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Protocol
HTTP/1.1
Server
69.173.144.165 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
102e9138201bc46179fa572a61474df9
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store
timing-allow-origin
*
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
dcm
s.amazon-adsystem.com/ Frame A9EC 		0
0
rubicon
match.adsrvr.org/track/cmf/ Frame A9EC 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

content-length
70
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
Kestrel
setuid
px.ads.linkedin.com/ Frame A9EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ML62PZ4F-1Z-HQAY
0
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame A9EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid
N5DRF0K8PH4WR2J0NW84
Content-Length
43
Date
Tue, 03 Feb 2026 04:03:27 GMT
Content-Type
image/gif
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
2536856a70099687149b541d371e5a62
content-length
0
Content-Type
text/html
tap.php
pixel.rubiconproject.com/ Frame A9EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&process_consent=T
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&process_consent=T&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFqA8IcE65OTTBRU8DHc0w&google_cver=1
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFqA8IcE65OTTBRU8DHc0w&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.139 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
2536856a70099687149b541d371e5a62
Pragma
no-cache
content-length
42
Content-Type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENFqA8IcE65OTTBRU8DHc0w&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
326
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
pixel
cm.g.doubleclick.net/ Frame A9EC
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TUw2MlBaNEYtMVotSFFBWQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJB02mQCt6iX0EwLrKvNTFg&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUw2MlBaNEYtMVotSFFBWQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUw2MlBaNEYtMVotSFFBWQ==&google_push=
Protocol
H3
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Tue, 03 Feb 2026 04:03:27 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TUw2MlBaNEYtMVotSFFBWQ==&google_push=
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
08d2322ff6a2719f13397777e30d0962
content-length
0
Content-Type
text/html
rp
match.prod.bidr.io/cookie-sync/ Frame A9EC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
0
0
magnite
sync.a-mo.net/setuid/ Frame A9EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
  • https://sync.a-mo.net/setuid/magnite?uid=ML62PZ4F-1Z-HQAY
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame A9EC 		0
0
pixel
capi.connatix.com/us/ Frame A9EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=ML62PZ4F-1Z-HQAY&pId=11&gdpr=&gdpr_consent=&us_privacy=
0
0
merge
ce.lijit.com/ Frame A9EC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=ML62PZ4F-1Z-HQAY
0
0
geo
ut.pubmatic.com/ Frame 3592 		29 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
sync
visitor.omnitagjs.com/visitor/ Frame CFAA 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=6031504432374780892&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ssbsync.smartadserver.com/

Response headers

x-kong-request-id
5bd4b465cee3974e90c51279217d367c
via
1.1 kong/3.9.1
x-kong-upstream-latency
2
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
server
fasthttp
pixel-opera
www.temu.com/api/adx/cm/ Frame CFAA
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10682794419520&us_privacy=&gdpr=0&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=8c6807b627678853&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10682794419520%26gdpr%...
0
0
bsw_sync
ads.creative-serving.com/ul_cb/ Frame CFAA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=
0
0
getuid
secure.adnxs.com/ Frame CFAA 		0
0
/
b1sync.outbrain.com/usersync/smart/ Frame CFAA 		0
0
truncated
/ Frame 2D74 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 2D74 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 2D74 		155 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
geo
ut.pubmatic.com/ Frame 8A7B 		29 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
getuid
secure.adnxs.com/ Frame B524 		0
0
sync
x.bidswitch.net/ Frame B524 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_57b1ff37-9513-4f15-8388-8551dca231f9&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2 - Google LLC, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
usersync
usersync.gumgum.com/ Frame B524
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=f787c9f7-4d9f-4271-bfca-6852bda5c014
35 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=f787c9f7-4d9f-4271-bfca-6852bda5c014
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
54.247.188.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-188-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

expires
0
cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
date
Tue, 03 Feb 2026 04:03:27 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

cache-control
private, max-age=0, no-cache
location
https://usersync.gumgum.com/usersync?b=opx&i=f787c9f7-4d9f-4271-bfca-6852bda5c014
pragma
no-cache
x-forwarded-for
176.10.106.10
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 03 Feb 2026 04:03:26 GMT
content-type
image/gif
vary
Accept, Accept-Encoding
sync
sync.srv.stackadapt.com/ Frame B524 		0
0
cms
ups.analytics.yahoo.com/ups/58935/ Frame B524 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame B524 		0
0
142
match.deepintent.com/usersync/ Frame B524 		0
0
/
b1sync.outbrain.com/usersync/gumgum/ Frame B524 		0
0
usersync
rtb.gumgum.com/ Frame B524
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&us_privacy=&gpp=&gpp_sid=&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=yXYNcmD96Cjf&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=yXYNcmD96Cjf&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
52.208.190.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-190-113.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
pragma
no-cache
expires
0
content-length
35
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif;charset=UTF-8
server
nginx

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
location
https://rtb.gumgum.com/usersync?b=pln&i=yXYNcmD96Cjf&ev=1&gpp_sid=&gpp=&us_privacy=&pid=558355
timing-allow-origin
*
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server
bh-deployment-7555f47cbf-r2vvm
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-CH
server
Jetty(12.0.22)
sync
ssbsync.smartadserver.com/api/ Frame B524 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.202.238.101 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip101.ip-149-202-238.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
content-length
0
setuid
pbs.receptivity.io/ Frame B524 		0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.receptivity.io/setuid?bidder=gumgum&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=e_57b1ff37-9513-4f15-8388-8551dca231f9
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e13c4a1453-ZRH
expires
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
server
cloudflare
sync
visitor.omnitagjs.com/visitor/ Frame 33D4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike_2&gdpr=0&gdpr_consent=&gdpr=0&khaos=ML62PZ4F-1Z-HQAY
  • https://visitor.omnitagjs.com/visitor/sync?uid=50a8b71bce09185338b804811fc96dd2&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=50a8b71bce09185338b804811fc96dd2&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

x-kong-request-id
4f18ed6c4885ba40c901253ca6cab905
via
1.1 kong/3.9.1
x-kong-upstream-latency
0
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://visitor.omnitagjs.com/visitor/sync?uid=50a8b71bce09185338b804811fc96dd2&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
102e9138201bc46179fa572a61474df9
content-length
0
Content-Type
text/html
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=visible-2&pid=249562&vid=00000000-0000-0000-0000-000000000001&pfid=42&piv=0&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&pscid=21832&psid=585625&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&p=baVezSa_VV7OFXQoAVmRRg_DTIddm1UhZ76L-Dma75_OdCAei0yYB9dOhK7SovkDq44&cts=1770091403003&cs=-715666405985132123705&1770091403003&slot=native&fv=1523&plft=apa,apnf&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 9374 		0
0
usync.js
eus.rubiconproject.com/ Frame 1F36 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?endpoint=eu&gdpr=0&gdpr_consent=&p=adyoulike

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame F84C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.202.143.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Tue, 03 Feb 2026 04:03:27 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
1
sync.connectad.io/umatch/ Frame A451
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=connectad&us_privacy=1---
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=connectad&us_privacy=1---
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=connectad&us_privacy=1---
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
date
Tue, 03 Feb 2026 04:03:27 GMT
x-azure-ref
20260203T040327Z-r1664d85786ztgr9hC1ZRHq4an0000000qvg000000002vba
x-cache
CONFIG_NOCACHE

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=connectad&us_privacy=1---
pragma
no-cache
vary
Accept-Encoding
cookie
cm.adform.net/ Frame 3969 		35 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM Adform A/S, DK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
content-type
image/gif
date
Tue, 03 Feb 2026 04:03:27 GMT
server
nginx
1
sync.connectad.io/pixel/ Frame 18D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=connectad&gdpr=0&us_privacy=1---
  • https://sync.connectad.io/pixel/1?dataid=data20&uuid=ML62PZ4F-1Z-HQAY&gdpr=0&us_privacy=1---
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/pixel/1?dataid=data20&uuid=ML62PZ4F-1Z-HQAY&gdpr=0&us_privacy=1---
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
date
Tue, 03 Feb 2026 04:03:27 GMT
x-azure-ref
20260203T040327Z-r1664d85786ztgr9hC1ZRHq4an0000000qvg000000002vb8
x-cache
CONFIG_NOCACHE

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://sync.connectad.io/pixel/1?dataid=data20&uuid=ML62PZ4F-1Z-HQAY&gdpr=0&us_privacy=1---
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
2536856a70099687149b541d371e5a62
content-length
0
sync
gw-iad-bid.ymmobi.com/adx/user/ Frame 45AD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92&gdpr=0&us_privacy=1---
  • https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=rtaplus&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&callback=https%3A%2F%2...
0
0
cm
u.openx.net/w/1.0/ Frame 5AAF 		604 B
458 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM - Google LLC, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
73d8eff056a4e3ef053cf682bf8aefec58e4a516a77a63b13e51d225441b036b

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0, no-cache
content-encoding
br
content-length
437
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
pragma
no-cache
vary
Accept, Accept-Encoding
via
1.1 google
x-forwarded-for
176.10.106.10
setuid
pbs.receptivity.io/ Frame 1344 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.receptivity.io/setuid?bidder=connectad&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
9c7f09e12c3b1453-ZRH
content-encoding
gzip
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
0
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,Origin
via
1.1 google
setuid
ib.adnxs.com/prebid/ Frame 23ED 		146 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=connectad&gdpr=0&gdpr_consent=&f=i&uid=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEXUS - Xandr Inc., US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.25.5 /
Resource Hash
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-length
146
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
server
nginx/1.25.5
x-proxy-origin
176.10.106.10; 176.10.106.10; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; *.adnxs.com
usync.html
eus.rubiconproject.com/ Frame F7CC 		269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=connectad&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: sync.connectad.io
URL: https://sync.connectad.io/iFrameSyncer?gdpr=&consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dconnectad%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://sync.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding
services
sync.technoratimedia.com/ Frame 5C38 		0
0
setuid
pbs.receptivity.io/ Frame AE7D 		0
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.receptivity.io/setuid?bidder=sovrn&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=MHQT4TZH_vIgPx8dTRO_QiA8&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1744 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache
via
1.1 google
cf-ray
9c7f09e13c431453-ZRH
expires
0
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
text/html
vary
Accept-Encoding,Origin
server
cloudflare
pixel.gif
aorta.clickagy.com/ Frame AE7D 		0
0
svr
match.prod.bidr.io/cookie-sync/ Frame AE7D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=&gdpr_consent=&_bee_ppp=1
0
0
merge
ce.lijit.com/ Frame AE7D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=5z7ch9dRXSNp&ev=1&pid=558511&gdpr_consent=&gdpr=
0
0
f6840be316cff8120b331878d1e34728.gif
cs.admanmedia.com/ Frame AE7D 		0
0
merge
ce.lijit.com/ Frame AE7D
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1770091407484&gdpr=&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=CE7DBA6459864997A33635F0BFC62C0A
0
0
sync
ssbsync.smartadserver.com/api/ Frame AE7D 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=146&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
149.202.238.101 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip101.ip-149-202-238.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ap.lijit.com/

Response headers

date
Tue, 03 Feb 2026 04:03:26 GMT
content-length
0
dot.gif
s0.2mdn.net/ Frame AE7D
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=TUhRVDRUWkhfdklnUHg4ZFRST19RaUE4
  • https://s0.2mdn.net/dot.gif
0
0
merge
ce.lijit.com/ Frame AE7D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=sovrn&gdpr=&gdpr_consent=
0
0
pixel-opera
www.temu.com/api/adx/cm/ Frame AE7D
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub10014056052800&gdpr=&gdpr_consent=
  • https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=63cbbc171aeefd52&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10014056052800%26gdpr%3...
0
0
usersync
usersync.gumgum.com/ Frame 306C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1301&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=adf&i=6310936429702489107&gdpr=&gdpr_consent=
35 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=adf&i=6310936429702489107&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.188.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-188-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
0
pragma
no-cache

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
-1
location
https://usersync.gumgum.com/usersync?b=adf&i=6310936429702489107&gdpr=&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame C5F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
170 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.141.66 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
tzfraa-ar-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
435
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjk=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FF8E 		21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=102391
content-encoding
gzip
content-length
7259
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Wed, 04 Feb 2026 08:29:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6FD8 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-length
70
content-type
image/gif
date
Tue, 03 Feb 2026 04:03:27 GMT
server
Kestrel
idsync
tg.socdm.com/aux/ Frame CB9F 		0
0
usersync
usersync.gumgum.com/ Frame EA34
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=gumgum
35 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.188.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-247-188-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
0
pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=gumgum
pragma
no-cache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame C461
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
ssync
sync.aniview.com/ Frame A47A 		0
0
khaos.json
token.rubiconproject.com/ Frame 1F36 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=0&khaos=ML62PZ4F-1Z-HQAY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bf69dc5aae46de3b3e054e69ad3ea11b
content-length
7
content-type
application/json; charset=UTF-8
sync.html
s.console.adtarget.com.tr/ Frame 3475 		0
0
sync
ittpx.eskimi.com/ Frame 638A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=164&gdpr=0&gdpr_consent=
  • https://ittpx.eskimi.com/sync?dp_id=221&user_id=6031504432374780892&gdpr=0&gdpr_consent=
13 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ittpx.eskimi.com/sync?dp_id=221&user_id=6031504432374780892&gdpr=0&gdpr_consent=
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.40.16.220 Falkenstein, Germany, ASN24940 (HETZNER-AS Hetzner Online GmbH, DE),
Reverse DNS
static.220.16.40.188.clients.your-server.de
Software
/
Resource Hash

Request headers

Referer
https://ittpx.eskimi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-type
text/html; charset=UTF-8
date
Tue, 03 Feb 2026 04:03:27 GMT
x-empty-response-reason
User ID is not defined

Redirect headers

content-length
0
date
Tue, 03 Feb 2026 04:03:27 GMT
location
https://ittpx.eskimi.com/sync?dp_id=221&user_id=6031504432374780892&gdpr=0&gdpr_consent=
cookie_sync
dsp-service.pixad.com.tr/ Frame 29EA 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://dsp-service.pixad.com.tr/cookie_sync?r=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D206%26user_id%3D%24%7BUSER_ID%7D
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.147 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Pixad
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ittpx.eskimi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
9c7f09e1c995be61-ZRH
content-encoding
br
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
nel
{"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
permissions-policy
browsing-topics=()
priority
u=0,i
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=6J0NrsHthH9seWnF3cMdb0QseNyoTc7xcbodt19h5ximfH7WEJQu43wOXK7xqke1%2Fjf5nV6km07b1Pkl7wUvuOOELqQT4MXONW%2Ba6R0tz4FApw7ElA%3D%3D"}]}
server
cloudflare
server-timing
cfExtPri
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin accept-encoding
working-on
pixad-k8s
x-powered-by
Pixad
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C21C 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162270&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D140%26user_id%3D
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://ittpx.eskimi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=102391
content-encoding
gzip
content-length
7259
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Wed, 04 Feb 2026 08:29:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D83B 		2 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=8c90176af2e65c8&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ittpx.eskimi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-cache, no-transform no-transform, no-cache
content-length
2504
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame E4DD 		269 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=eskimi&endpoint=eu
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash

Request headers

Referer
https://ittpx.eskimi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding
user_sync
rtb.gamoshi.io/ Frame 08BE 		0
0
csync
sync.adtelligent.com/ Frame 08BE 		0
0
csync
sync.adtelligent.com/ Frame 08BE 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame 08BE 		0
0
match
bidder.smartytouch.co/ssp/ Frame 08BE 		0
0
pixel
ap.lijit.com/ Frame 08BE 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D194%26user_id%3D%24UID
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.202.143.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ittpx.eskimi.com/

Response headers

x-envoy-upstream-service-time
1
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Tue, 03 Feb 2026 04:03:27 GMT
vary
Accept-Encoding
server
istio-envoy
access-control-allow-headers
X-Requested-With, Content-Type
s2s_sync
sync.sparteo.com/ Frame 08BE 		0
0
user-sync
sync.adkernel.com/ Frame 08BE 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=252325&gdpr=0&gdpr_consent=&us_privacy=&t=image&r=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D52%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26user_id%3D%7BUID%7D
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.67.200.72 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU PHOENIX NAP, LLC., US),
Reverse DNS
1.cpm.ams1.wowcon.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ittpx.eskimi.com/

Response headers

Cache-Control
no-store
Content-Length
0
Date
Tue, 03 Feb 2026 04:03:27 GMT
Server
nginx
Connection
close
server_match
ad.360yield.com/ Frame 08BE 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 08BE
Redirect Chain
  • https://ssp-sync.criteo.com/user-sync/redirect?profile=342&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&redir=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D185%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7...
  • https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFal...
0
0
60967d2e0594f2cb7e88f52e0a1f64d7.gif
cs.admanmedia.com/ Frame 08BE 		0
0
getuid
ib.adnxs.com/ Frame 08BE 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame 08BE 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?&uid=e22c0948961a98a00dd07d6c14450aab&visitor=1742b04e-5021-4221-9c3f-01cd2ebf8114
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ittpx.eskimi.com/

Response headers

x-kong-request-id
20d57a0b722f087077f9145ee938b834
via
1.1 kong/3.9.1
x-kong-upstream-latency
5
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp
9.gif
id5-sync.com/s/1854/ Frame 08BE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/1854/9.gif?puid=1742b04e-5021-4221-9c3f-01cd2ebf8114&gdpr=0&gdpr_consent=&gpp=&gpp_sid=&us_privacy=
Requested by
Host: ittpx.eskimi.com
URL: https://ittpx.eskimi.com/sync?gdpr=0&gdpr_consent=&sp_id=14&er=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ittpx.eskimi.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F537 		21 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/prebid-server/?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&url=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-168-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://ap.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=102391
content-encoding
gzip
content-length
7259
content-type
text/html
date
Tue, 03 Feb 2026 04:03:27 GMT
expires
Wed, 04 Feb 2026 08:29:58 GMT
last-modified
Mon, 29 Sep 2025 15:12:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame F7CC 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=connectad&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=connectad&gdpr=&gdpr_consent=&us_privacy=1---

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
1
sync.connectad.io/umatch/ Frame 5AAF 		0
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.connectad.io/umatch/1?dataid=data5&uuid=3964e248-dc15-49ce-b33d-b8aaf4ae03df
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-cache
CONFIG_NOCACHE
date
Tue, 03 Feb 2026 04:03:27 GMT
x-azure-ref
20260203T040327Z-r1664d85786ztgr9hC1ZRHq4an0000000qvg000000002vbg
getuid
ib.adnxs.com/ Frame 5AAF 		0
0
cms
ups.analytics.yahoo.com/ups/58934/ Frame 5AAF 		0
0
pixel
cm.g.doubleclick.net/ Frame 5AAF
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3-znu8wMwwk-xTQIpuz76A==&ox_sc=1&ox_init=1
0
0
sync
x.bidswitch.net/ Frame 5AAF 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=openx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2 - Google LLC, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://u.openx.net/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
openx
tr.blismedia.com/v1/api/sync/ Frame 5AAF 		0
0
current
openx2-match.dotomi.com/match/bounce/ Frame 5AAF 		0
0
usync.js
eus.rubiconproject.com/ Frame C461 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
sync
visitor.omnitagjs.com/visitor/ Frame 1F36
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=ML62PZ4F-1Z-HQAY
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
49 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dadyoulike%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BBUYER_USERID%5D
Protocol
H2
Server
34.1.1.166 Paris, France, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
166.1.1.34.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

x-kong-request-id
bf3eb7426d8707716b9f5235ffda6744
via
1.1 kong/3.9.1
x-kong-upstream-latency
6
x-kong-proxy-latency
0
content-length
49
p3p
CP="CAO PSA OUR"
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
server
fasthttp

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=ML62PZ4F-1Z-HQAY&name=RUBICON&gdpr=0
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
102e9138201bc46179fa572a61474df9
content-length
0
Content-Type
text/html
khaos.json
token.rubiconproject.com/ Frame F7CC 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1---&khaos=ML62PZ4F-1Z-HQAY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bf69dc5aae46de3b3e054e69ad3ea11b
content-length
7
content-type
application/json; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame E4DD 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=eskimi&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=eskimi&endpoint=eu

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
geo
ut.pubmatic.com/ Frame FF8E 		29 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
khaos.json
token.rubiconproject.com/ Frame C461 		0
0
khaos.json
token.rubiconproject.com/ Frame E4DD 		0
0
sync
visitor.europe-west9.gcp.omnitagjs.com/visitor/ Frame AD8E 		0
0
psync
sync.pmbmonetize.live/ Frame AD8E 		0
0
server_match
ad.360yield.com/ Frame AD8E 		0
0
sync
x.bidswitch.net/ Frame AD8E 		0
0
redirect
ssp-sync.criteo.com/user-sync/ Frame AD8E 		0
0
sync
ssbsync.smartadserver.com/api/ Frame AD8E 		0
0
getuid
ib.adnxs.com/ Frame AD8E 		0
0
cksync
cs.media.net/ Frame AD8E 		0
0
prebid
rtb.openx.net/sync/ Frame AD8E 		0
0
rmpssp
sync.1rx.io/usersync2/ Frame AD8E 		0
0
cookie
c1.adform.net/ Frame AD8E 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame AD8E 		0
0
geo
ut.pubmatic.com/ Frame F537 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame F7CC 		0
0
geo
ut.pubmatic.com/ Frame C21C 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame F537 		0
69 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=937628&p=156212&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.231.98.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 03 Feb 2026 04:03:27 GMT
strict-transport-security
max-age=16070400; includeSubDomains
content-length
0
geo
ut.pubmatic.com/ Frame FF8E 		29 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame F537 		29 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=156212
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
geo
ut.pubmatic.com/ Frame C21C 		29 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ut.pubmatic.com/geo?pubid=162270
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162270&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D140%26user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.116 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software
/
Resource Hash
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

strict-transport-security
max-age=16070400; includeSubDomains
access-control-allow-origin
*
cache-control
max-age=172800
content-length
29
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
application/json
getuid
secure.adnxs.com/ Frame 7C52 		146 B
293 B 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D55%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?gdpr=0&gdpr_consent=&pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOPENWEB_VIDEO_cookie_sync%26ttl%3D720%26uid%3D82df52214992aaa2796cd16591db7d78%26visitor%3D%5BAV_UID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 -, , ASN (),
Reverse DNS
Software
nginx/1.25.5 /
Resource Hash
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

content-length
146
content-type
text/html
date
Tue, 03 Feb 2026 04:03:28 GMT
server
nginx/1.25.5
x-proxy-origin
176.10.106.10; 176.10.106.10; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; *.adnxs.com
usync.html
eus.rubiconproject.com/ Frame 747F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
269 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?gdpr=0&gdpr_consent=&pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOPENWEB_VIDEO_cookie_sync%26ttl%3D720%26uid%3D82df52214992aaa2796cd16591db7d78%26visitor%3D%5BAV_UID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) /
Resource Hash
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Tue, 03 Feb 2026 04:03:28 GMT
etag
"10d-63d602600b800-gzip"
last-modified
Wed, 27 Aug 2025 22:17:04 GMT
server
Apache/2.4.65 (Debian)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 03 Feb 2026 04:03:28 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
pixelSync
pixel-sync.sitescout.com/dmp/ Frame CB26 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D72%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7BuserId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/ssync/62f53b2c7850d0786f227f64/ssync.html?gdpr=0&gdpr_consent=&pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOPENWEB_VIDEO_cookie_sync%26ttl%3D720%26uid%3D82df52214992aaa2796cd16591db7d78%26visitor%3D%5BAV_UID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.216.150 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash

Request headers

Referer
https://player.aniview.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
max-age=0,no-cache,no-store
date
Tue, 03 Feb 2026 04:03:28 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
via
1.1 google
sync
x.bidswitch.net/ Frame A47A 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN19527 (GOOGLE-2 - Google LLC, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://player.aniview.com/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Tue, 03 Feb 2026 04:03:28 GMT
content-type
image/gif
cookiesyncendpoint
sync.aniview.com/ Frame A47A
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us...
  • https://sync.aniview.com/cookiesyncendpoint?auid=&biddername=24&pid=62f53b2c7850d0786f227f64&key=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb
0
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=&biddername=24&pid=62f53b2c7850d0786f227f64&key=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb
Protocol
H2
Server
172.240.45.96 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://player.aniview.com/

Response headers

content-length
0
date
Tue, 03 Feb 2026 04:03:28 GMT
x-envoy-upstream-service-time
0
server
istio-envoy

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://sync.aniview.com/cookiesyncendpoint?auid=&biddername=24&pid=62f53b2c7850d0786f227f64&key=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:28 GMT
cookiesyncredir
bttrack.com/pixel/ Frame A47A 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D204%26pid%3D62f53b2c7850d0786f227f64%26key%3D%7Bglobalid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://player.aniview.com/

Response headers

strict-transport-security
max-age=31536000;
cache-control
private,no-cache
x-servername
track005-iad
pragma
no-cache
expires
-1
content-length
35
date
Tue, 03 Feb 2026 04:03:27 GMT
content-type
image/gif
pixel
ap.lijit.com/ Frame A47A 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?us_privacy=&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D18%26key%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.202.143.113 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-202-143-113.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://player.aniview.com/

Response headers

x-envoy-upstream-service-time
2
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, DELETE, PUT
access-control-allow-origin
*
date
Tue, 03 Feb 2026 04:03:28 GMT
vary
Accept-Encoding
server
istio-envoy
access-control-allow-headers
X-Requested-With, Content-Type
usync.js
eus.rubiconproject.com/ Frame 747F 		45 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.4.65 (Debian) / PHP/8.3.24
Resource Hash
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

Response headers

cache-control
max-age=56490
content-encoding
gzip
expires
Tue, 03 Feb 2026 19:44:57 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
content-length
11500
date
Tue, 03 Feb 2026 04:03:27 GMT
last-modified
Mon, 02 Feb 2026 19:44:57 GMT
x-powered-by
PHP/8.3.24
server
Apache/2.4.65 (Debian)
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 747F 		7 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=ML62PZ4F-1Z-HQAY
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 , Germany, ASN26667 (RUBICONPROJECT - Magnite, Inc., US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Pragma
no-cache
access-control-allow-credentials
true
Expires
0
access-control-allow-origin
https://eus.rubiconproject.com
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bf69dc5aae46de3b3e054e69ad3ea11b
content-length
7
content-type
application/json; charset=UTF-8
cookiesyncendpoint
sync.aniview.com/ Frame 747F
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=ML62PZ4F-1Z-HQAY
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=ML62PZ4F-1Z-HQAY
0
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=ML62PZ4F-1Z-HQAY
Protocol
H2
Server
172.240.45.96 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://eus.rubiconproject.com/

Response headers

content-length
0
date
Tue, 03 Feb 2026 04:03:28 GMT
x-envoy-upstream-service-time
0
server
istio-envoy

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=ML62PZ4F-1Z-HQAY
Pragma
no-cache
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d139bf5b66e810af4a62b7cc5441f392
content-length
0
Content-Type
text/html
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=visible-3&pid=249562&vid=00000000-0000-0000-0000-000000000001&pfid=42&piv=0&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&pscid=21832&psid=585625&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&p=M7oNNuK1SiCXNBJf0sx9h6lWrMl8puydWiI5YoMaCFvqdDJCWWH88IBwhWb92YucV0g&cts=1770091403003&cs=254031608005641319505&1770091403003&slot=native&fv=1523&plft=apa,apnf&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:28 GMT
content-type
image/gif
collect
region1.analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-2PSJXFW77R&gtm=45je61u1v883553810za200zd883553810&_p=1770091402411&gcd=13l3l3l3l1l1&npa=0&dma=0&cid=300410420.1770091403&ul=de-ch&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEIAAGQ&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~115938465~115938469~116185181~116185182~116988315~117041587&sid=1770091402&sct=1&seg=0&dl=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414&dt=Is%20Zohran%20Mamdani%20Jeffrey%20Epstein%27s%20Son%3F%20Why%20a%20Viral%20Photo%20Has%20Fuelled%20Shock%20Claims%20Online%20%7C%20IBTimes%20UK&_s=2&tfd=7405
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2PSJXFW77R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.ibtimes.co.uk/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0
report-to
{"group":"ascnsrsggc:171:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.ibtimes.co.uk
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:171:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 03 Feb 2026 04:03:29 GMT
content-type
text/plain
server
Golfe2
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=visible-4&pid=249562&vid=00000000-0000-0000-0000-000000000001&pfid=42&piv=0&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&pscid=21832&psid=585625&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&p=yfqHP21WLSKltDWJ37qydS4SKdwFhYQEwU4jhu81sRouYV5vPRpH4XeIhT7Smu62jPE&cts=1770091403003&cs=-474349645250082241205&1770091403003&slot=native&fv=1523&plft=apa,apnf&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:29 GMT
content-type
image/gif
track
t2.teads.tv/ Frame 7BB0 		23 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://t2.teads.tv/track?action=visible-5&pid=249562&vid=00000000-0000-0000-0000-000000000001&pfid=42&piv=0&env=js-web&ut=0&auctid=b9a3c7ba-d7f6-46db-bb1b-cce46c5b61e7_da527fd6-3587-4fdb-ac31-e2a59bcb75a9&sid=506866&scid=6875&pscid=21832&psid=585625&hb_provider=prebid&hb_ad_unit_code=dfp-ad-top&p=_4P70bKVxpDUsb4T_a8GmgucvqkLpobFKJibZ53XrsPDIpL8szhlIDyzoG2wj3Pj3T0&cts=1770091403003&cs=-779809229593750694205&1770091403003&slot=native&fv=1523&plft=apa,apnf&referer=https%3A%2F%2Fwww.ibtimes.co.uk%2Fzohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Requested by
Host: static.teads.tv
URL: https://static.teads.tv/static/master/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.219.139.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-219-139-198.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36
Referer
https://www.ibtimes.co.uk/

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
date
Tue, 03 Feb 2026 04:03:30 GMT
content-type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/adview?ai=CinHIjHOBae2TDarWt_gPipnu2QGRk561gQGb6I-14hTQvfaeo0cQASDr9eYkYPWFgICMBKAB3tez4gLIAQapAhV0egkTg7U-4AIAqAMByAMKqgSRA0_Q3_XcXeevkHTfxpUzQ_BUxw7JIqyt9m2EsGfTi5cTt8awfTYd-sgJQ63gSa-UuLebDl2wjr35_g2PeEvqCJhm4BnXQKXZOeDHymbwo0fIZmV1Q6NV8u7BhJk2o5nn3YniBT6618cXUbgSGjmds4i9CbyLxGTWEIGcWBF-9Aj3TtxB4pVZe46z6sL-neBw76Ml-Z91fHxWgt-XJ07QtWODpk9p40slOTHpqCaDihomVhHQaARCC5tXZyZeowq0x6Z7Wco9VA9nM-DP4CS51yrrN2EVhVjDLgDFh3yt67kLsAr_z7ObHrdLPD_O2T_uit1IeXkyjReqazZrImtWozqHTjnkOYrxtFKPmbOOsxV6YzULowsLmJlk6GA507UGvMuQkWBIoSdGE6m2WFq126RH6e1uYlnqDfXRBi-KzTsIiK5f-xCC0GOavVAVmxzhn6csFChqlHTZpezzxDyKbvVb4XbU9WaSaUrFLsGaW1TjsHCsLQrsmk-ibs44aAJWHVjk25SIU9P48AKqktxyMdmlwAT_ueSWkwLgBAGIBf6N6IEHkgUECAQYAZIFBAgFGASgBjeAB4qozJ0BqAenzLECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAfVyRuoB9m2sQKoB_fCsQLYBwHyBwQQxZsE0ggwCJHhgFAQARidATIIq4uAgICAgAo6DACAwICAgICogAKoA0i9_cE6WK3e96q4vJIDmglFaHR0cHM6Ly93d3cudHJ1ZWZmZWxnYXJ0ZW4uY2gvP2dhZF9zb3VyY2U9NSZnYWRfY2FtcGFpZ25pZD0xODgyODUxMDcwgAoDyAsBogwIKgYKBNbasQKqDQJDSOINEwiwxPiquLySAxUq6w0JHYqMOxvqDRMIrNX4qri8kgMVKusNCR2KjDsbiA7___________8B2BMN0BUByhYCCgD4FgGAFwGyFywKHAgAEhRwdWItOTAwNzcxODEwOTQ1MzQ5MBj8hCIYASoKNzkwNjMwNjYyNroXAjgBqhgXCQAAAABQ3PBAEgo3OTA2MzA2NjI2GAGyGAkSApJPGDciAQDQGAHCGQIIAQ&sigh=J-ddrJRBEpo&uach_m=%5BUACH%5D&ase=2&nis=ATTRIBUTION_REPORTING_STATUS&template_id=492&ebtr=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/btr/view?ai=CinHIjHOBae2TDarWt_gPipnu2QGRk561gQGb6I-14hTQvfaeo0cQASDr9eYkYPWFgICMBKAB3tez4gLIAQapAhV0egkTg7U-4AIAqAMByAMKqgSRA0_Q3_XcXeevkHTfxpUzQ_BUxw7JIqyt9m2EsGfTi5cTt8awfTYd-sgJQ63gSa-UuLebDl2wjr35_g2PeEvqCJhm4BnXQKXZOeDHymbwo0fIZmV1Q6NV8u7BhJk2o5nn3YniBT6618cXUbgSGjmds4i9CbyLxGTWEIGcWBF-9Aj3TtxB4pVZe46z6sL-neBw76Ml-Z91fHxWgt-XJ07QtWODpk9p40slOTHpqCaDihomVhHQaARCC5tXZyZeowq0x6Z7Wco9VA9nM-DP4CS51yrrN2EVhVjDLgDFh3yt67kLsAr_z7ObHrdLPD_O2T_uit1IeXkyjReqazZrImtWozqHTjnkOYrxtFKPmbOOsxV6YzULowsLmJlk6GA507UGvMuQkWBIoSdGE6m2WFq126RH6e1uYlnqDfXRBi-KzTsIiK5f-xCC0GOavVAVmxzhn6csFChqlHTZpezzxDyKbvVb4XbU9WaSaUrFLsGaW1TjsHCsLQrsmk-ibs44aAJWHVjk25SIU9P48AKqktxyMdmlwAT_ueSWkwLgBAGIBf6N6IEHkgUECAQYAZIFBAgFGASgBjeAB4qozJ0BqAenzLECqAemvhuoB8zOsQKoB_PRG6gHltgbqAeqm7ECqAeOzhuoB5PYG6gH8OAbqAfulrECqAf-nrECqAevvrECqAfVyRuoB9m2sQKoB_fCsQLYBwHyBwQQxZsE0ggwCJHhgFAQARidATIIq4uAgICAgAo6DACAwICAgICogAKoA0i9_cE6WK3e96q4vJIDmglFaHR0cHM6Ly93d3cudHJ1ZWZmZWxnYXJ0ZW4uY2gvP2dhZF9zb3VyY2U9NSZnYWRfY2FtcGFpZ25pZD0xODgyODUxMDcwgAoDyAsBogwIKgYKBNbasQKqDQJDSOINEwiwxPiquLySAxUq6w0JHYqMOxvqDRMIrNX4qri8kgMVKusNCR2KjDsbiA7___________8B2BMN0BUByhYCCgD4FgGAFwGyFywKHAgAEhRwdWItOTAwNzcxODEwOTQ1MzQ5MBj8hCIYASoKNzkwNjMwNjYyNroXAjgBqhgXCQAAAABQ3PBAEgo3OTA2MzA2NjI2GAGyGAkSApJPGDciAQDQGAHCGQIIAQ&sigh=J-ddrJRBEpo&uach_m=%5B%5D&ase=2&nis=4&template_id=492&ibtr=1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fpbs.optidigital.com%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%5BRX_UUID%5D
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://visitor.omnitagjs.com/visitor/sync?visitor=$UID&gdpr=0&gdpr_consent=&name=XANDR&ttl=720&uid=873b5671a0604f5f48e99b573982a1b8&t=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58921/cms?bidswitch_ssp_id=adyoulike&ssp_user_id=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&sub=adyoulike
Domain
b1sync.outbrain.com
URL
https://b1sync.outbrain.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DZEMANTA_NATIVE_1_2_cookie_sync%26ttl%3D720%26uid%3D89d80fd15e7f2bb7930a72a9cd0d9d38%26visitor%3D__UID__&gdpr=0&gdpr_consent=
Domain
visitor.omnitagjs.com
URL
https://visitor.omnitagjs.com/visitor/sync?name=MEDIAFORCE&&uid=46263fa2a97ba86fb5c8b7e2d0f46f96&visitor=b2e801b8-a129-481d-96d7-b1e07e58d734
Domain
sync-service.net
URL
https://sync-service.net/ssp?gdpr=0&gdpr_consent=&pl=bi&token=0K3iZk8wcIw5
Domain
csync.copper6.com
URL
https://csync.copper6.com/3ccb4268afab0c2b1373a8a8fdc5011f.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOW_COPPER6_cookie_sync%26ttl%3D720%26uid%3D00eb920739e79147a212d968f6877653%26visitor%3D%5BUID%5D
Domain
csync.copper6.com
URL
https://csync.copper6.com/f3c49daf592d06bab39258cac72c0de9.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DCOPPER6_APP_cookie_sync%26ttl%3D720%26uid%3D123285a4642e0170ed8b35a36075585%26visitor%3D%5BUID%5D
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=88&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DMEDIANET_cookie_sync%26ttl%3D720%26uid%3D45ed37d56d3d4fceb796822ed9fe8a30%26visitor%3D%3Cvsid%3E&type=opd
Domain
ads.yieldmo.com
URL
https://ads.yieldmo.com/pbsync?gdpr=0&gdpr_consent=&is=ady&redirectUri=https://visitor.omnitagjs.com/visitor/sync?name=YIELDMO&ttl=720&uid=3ee5cefc896f9db66dd131a32a91d57f&visitor=$UID
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/oRTB?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DINMOBI_cookie_sync%26ttl%3D720%26uid%3D92d1046e90693deddd1b2d07d3ad9898%26visitor%3D%7BID5UID%7D
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711333.gif?
Domain
audienceexposure.com
URL
https://audienceexposure.com/iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DBRAVE_IO_cookie_sync%26ttl%3D720%26uid%3D25475356464fe052c2259a7545f8988b%26visitor%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?gdpr=&consent=&us_privacy=&gpp=&gppsid=&cb=https%3A%2F%2Fpbs.receptivity.io%2Fsetuid%3Fbidder%3Dimds%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%5BUSER_ID%5D&srv=cs&att=99
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?id=ML62PZ4F-1Z-HQAY&ex=d-rubiconproject.com&status=ok
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58912/cms?uid=QlCimIWHZzggTO1cZ0vQ2sn5EUdSAgOZEtemQ7w0kco&csrc=
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=ML62PZ4F-1Z-HQAY
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
Domain
sync.a-mo.net
URL
https://sync.a-mo.net/setuid/magnite?uid=ML62PZ4F-1Z-HQAY
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
Domain
capi.connatix.com
URL
https://capi.connatix.com/us/pixel?puid=ML62PZ4F-1Z-HQAY&pId=11&gdpr=&gdpr_consent=&us_privacy=
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=80&3pid=ML62PZ4F-1Z-HQAY
Domain
www.temu.com
URL
https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=8c6807b627678853&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10682794419520%26gdpr%3D0%26consent%3D%26us_privacy%3D%26custom_data%3D
Domain
ads.creative-serving.com
URL
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=smartadserver&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&gdpr=0&gdpr_consent=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Domain
b1sync.outbrain.com
URL
https://b1sync.outbrain.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__UID__&gdpr=0&gdpr_consent=
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58935/cms?gdpr=&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.outbrain.com
URL
https://b1sync.outbrain.com/usersync/gumgum/?puid=e_57b1ff37-9513-4f15-8388-8551dca231f9&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__UID__
Domain
cs-server-s2s.yellowblue.io
URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D723%26dspCookie%3D%7BpartnerId%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
gw-iad-bid.ymmobi.com
URL
https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=1---&bidswitch_ssp_id=rtaplus&bsw_custom_parameter=7d8d2e0a-6347-43a9-b8e2-288c718f3bcb&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?src=pbjs%2F9.47.0&srv=cs&att=99
Domain
aorta.clickagy.com
URL
https://aorta.clickagy.com/pixel.gif?ch=185&cm=MHQT4TZH_vIgPx8dTRO_QiA8&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=&gdpr_consent=
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/svr?gdpr=&gdpr_consent=&_bee_ppp=1
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=49&3pid=5z7ch9dRXSNp&ev=1&pid=558511&gdpr_consent=&gdpr=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/f6840be316cff8120b331878d1e34728.gif?puid=[UID]&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D122%263pid%3D%5BUID%5D&gdpr=&gdpr_consent=
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=2&3pid=CE7DBA6459864997A33635F0BFC62C0A
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/dot.gif
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=86&3pid=Dxc2h3h_XoUYn8SkRzR6RTSWkTvh6D-iHhw5meZVdCo&pi=sovrn&gdpr=&gdpr_consent=
Domain
www.temu.com
URL
https://www.temu.com/api/adx/cm/pixel-opera?adx_uid=63cbbc171aeefd52&gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Ft.adx.opera.com%2Fsync%3Fvendor%3D60369%26pubid%3Dpub10014056052800%26gdpr%3D%26consent%3D%26us_privacy%3D%26custom_data%3D
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
sync.aniview.com
URL
https://sync.aniview.com/ssync?gdpr=0&gdpr_consent=&pid=62f53b2c7850d0786f227f64&r=https%3A%2F%2Fvisitor.europe-west9.gcp.omnitagjs.com%2Fvisitor%2Fsync%3Fgdpr%3D0%26gdpr_consent%3D%26is_cookie_sync_uid%3D1%26name%3DOPENWEB_VIDEO_cookie_sync%26ttl%3D720%26uid%3D82df52214992aaa2796cd16591db7d78%26visitor%3D%5BAV_UID%5D
Domain
s.console.adtarget.com.tr
URL
https://s.console.adtarget.com.tr/sync.html?aid=954530
Domain
rtb.gamoshi.io
URL
https://rtb.gamoshi.io/user_sync?bidder=eskimi&gdpr=0&gdpr_consent=&us_privacy=&rurl=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D93%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26us_privacy%3D%5BUS_PRIVACY%5D%26user_id%3D%5Bgusr%5D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D113%26user_id%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D277%26user_id%3D%7Buid%7D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=eskimi
Domain
bidder.smartytouch.co
URL
https://bidder.smartytouch.co/ssp/match?redirect=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D296%26user_id%3D%7Buser_id%7D
Domain
sync.sparteo.com
URL
https://sync.sparteo.com/s2s_sync?gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D312%26user_id%3D%7Buser_id%7D
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=2650&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D298%26gdpr%3D%7BGDPR%7D%26gdpr_consent%3D%7BGDPR_CONSENT%7D%26us_privacy%3D%7BCCPA_CONSENT%7D%26user_id%3D%7BPUB_USER_ID%7D
Domain
dis.criteo.com
URL
https://dis.criteo.com/dis/usersync.aspx?r=73&p=342&dis=0&url=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fredirect%3fuid%3d%40%40CRITEO_USERID%40%40%26dised%3dtrue%26gdpr%3d%26gdprapplies%3dFalse%26ccpa%3d%26gpp%3d%26gpp_sid%3d%26profile%3d342%26redir%3dhttps%253A%252F%252Fittpx.eskimi.com%252Fsync%253Fdp_id%253D185%2526gdpr%253D%2524%7bGDPR%7d%2526gdpr_consent%253D%2524%7bGDPR_CONSENT%7d%2526us_privacy%253D%2524%7bUS_PRIVACY%7d%2526user_id%253D%2524%7bUSER_ID%7d&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
Domain
cs.admanmedia.com
URL
https://cs.admanmedia.com/60967d2e0594f2cb7e88f52e0a1f64d7.gif?puid=1742b04e-5021-4221-9c3f-01cd2ebf8114&redir=https%3A%2F%2Fittpx.eskimi.com%2Fsync%3Fdp_id%3D106%26user_id%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=&gpp=&gpp_sid=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://ittpx.eskimi.com/sync?dp_id=193&gdpr=0&gdpr_consent=&us_privacy=&user_id=$UID
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
Domain
ups.analytics.yahoo.com
URL
https://ups.analytics.yahoo.com/ups/58934/cms?gdpr=0
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3-znu8wMwwk-xTQIpuz76A==&ox_sc=1&ox_init=1
Domain
tr.blismedia.com
URL
https://tr.blismedia.com/v1/api/sync/openx
Domain
openx2-match.dotomi.com
URL
https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid=f74757c8-5b09-9447-6ce1-4be9ab7f26b3
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.json?khaos=ML62PZ4F-1Z-HQAY
Domain
token.rubiconproject.com
URL
https://token.rubiconproject.com/khaos.json?khaos=ML62PZ4F-1Z-HQAY
Domain
visitor.europe-west9.gcp.omnitagjs.com
URL
https://visitor.europe-west9.gcp.omnitagjs.com/visitor/sync?gdpr=0&gdpr_consent=&is_cookie_sync_uid=1&name=Heroes_cookie_sync&ttl=720&uid=b11513b524b8fb6cfa1d87f3198b8359&visitor=c3dab314-0564-5211-b9f6-6247517a33a7
Domain
sync.pmbmonetize.live
URL
https://sync.pmbmonetize.live/psync?t=s&e=106&cb=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%25USER_ID%25%26p%3D1
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=1805&r=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%7BPUB_USER_ID%7D%26p%3D3
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=videoheroes&user_id=c3dab314-0564-5211-b9f6-6247517a33a7
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/redirect?profile=342&redir=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%24%7BCRITEO_USER_ID%7D%26p%3D5
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=75&redirectUri=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%5Bssb_sync_pid%5D%26p%3D6
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%24UID%26p%3D7
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=146&type=vid&redirect=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%3Cvsid%3E%26p%3D8
Domain
rtb.openx.net
URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%24%7BUID%7D%26p%3D9
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/rmpssp?sub=seven
Domain
c1.adform.net
URL
https://c1.adform.net/cookie?redirect_url=https%3A%2F%2Fmeasureadv.com%2FuserBackIframe%3Fuid%3D%24UID%26p%3D11
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?p=161018&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D161018%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fmeasureadv.com%252FuserBackIframe%253Fuid%253D%2523PMUID%2526p%253D13
Domain
ut.pubmatic.com
URL
https://ut.pubmatic.com/geo?pubid=156212
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=connectad&gdpr=&gdpr_consent=&us_privacy=1---&us_privacy=1---&khaos=ML62PZ4F-1Z-HQAY
Domain
ut.pubmatic.com
URL
https://ut.pubmatic.com/geo?pubid=162270

Verdicts & Comments Add Verdict or Comment

221 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 string| CEN_DOMAIN number| current_timestamp object| dfpSlots object| dfpEx object| fqtag object| oa object| doFir object| doReady object| dataLayer number| brW number| brH function| _LJ function| LJ function| LC function| setCookieHours function| setCookie function| deleteCookie function| getCookie function| getCookieString function| getUrlParameters function| loadJS function| appendCSS function| GCSS function| execFunc function| ibt_log function| ibt_error string| SITE_DOMAIN string| str object| a function| openLogin function| closeLogin function| adjustLoginHeight function| login_success string| LANG function| commentHeight function| afterLogin object| relList function| setCookieSecure function| LJS function| LJSA string| site_name string| site_id string| site_domain string| uspString object| consentPrebid string| referrer number| timerStart object| utm_result2 function| TrafficSource string| trsource string| brtype object| connection string| con_type string| highval_str object| pbjs object| googletag function| extractHostname number| site_random string| ibtmedia_device object| keyEx string| NoPassFQ string| adBlock object| adblockedcmd number| site_ads string| pageFocus string| dfp_cat string| fq_ref string| pageRefreshed string| w1200 boolean| fqs_loaded string| ts object| utm_result string| fq_source number| FAILSAFE_TIMEOUT number| PREBID_TIMEOUT function| verification_callback function| fq_callback function| ivt_common number| fqtimeout function| loadAdTags object| adsTagLoad number| abt_rand string| abt number| abt100 object| videoAdUnit object| pbSlots object| amzSlots object| pbSlotsLazy object| amzSlotsLazy function| amznVideoAPS function| amznVideoAPS_refresh object| adexl_fpd function| checkReqCap function| gptRefresh function| defineDFPSlot function| insertLazySlots function| removeLazySlots function| loadLazyAdUnits function| prebidVideoAd_refresh function| initAdserver function| adsTimeout function| executeAdsTagLoad string| keyExC string| DVPreFilter string| site_ads_text boolean| amznads2_loaded boolean| pbjs_loaded string| wo_section string| wo_pagetype string| pb_videos number| hb_timeout_var number| ad_loaded function| insertAdsOnRelatedArticle function| refreshInViewSlot function| loadGA4 function| gtag function| getPvP object| ibt_cter string| STATS_D string| MAIN_D string| DATA_D string| GRAPHIC_D object| doWLoad function| createBookmark function| doAfterLoad function| lazyLoad function| closeFrame function| commentPoster function| closePoster function| sessSync function| signin_page function| login_callback function| logout_callback function| openSignin function| closeSignin function| _hasPopupBlocker object| scroll_initial function| scroll_active function| isEmpty function| localLogin function| setJsonData function| putJsonData function| parseQuery function| windowProperty function| work_editor_region function| work_editor boolean| m_moving_on boolean| adjust_height function| m_move_next function| m_move_prev function| poll_result function| get_poll function| active_poll function| check_slide function| begin_slide function| lazyEmbed function| mainIBTembed function| loadDataTableScript function| exeDataTable function| windowBlack function| closeBlack object| ibtUrlParameter function| getLineItemTargeting function| getFrameDocument function| removeUnwantedCreative function| detect360 function| pauseIbtPlayer function| pauseOtherPlayer function| showIbtimesTv function| showIbtimesTv_360 function| showIbtimesTv_nextStage function| showIbtimesTvArticle object| FingerprintJS function| close_paywall function| check_status function| extra_do_video function| $ function| jQuery number| p number| str_len string| h function| getOS function| getBrowser string| m number| k function| sys_callback string| stats_str function| news_counter function| oa_counter function| oa_callback object| ggeac object| google_tag_data object| google_js_reporting_queue object| pbjsChunk object| _pbjsGlobals object| regeneratorRuntime object| invibes object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal string| o object| google_reactive_ads_global_state number| google_unique_id object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| teads object| google_image_requests

84 Cookies

Domain/Path Name / Value
www.ibtimes.co.uk/ Name: X-UA-Info
Value: country|CH|state|OTHER|city|OTHER|latitude|47.144900|longitude|8.155100|isp|Datasource AG|ip|176.10.106.10|device|desktop|time|1770091402
www.ibtimes.co.uk/ Name: orir
Value:
.ibtimes.co.uk/ Name: cds1
Value: 1
.ibtimes.co.uk/ Name: cus1
Value: 1
.ibtimes.co.uk/ Name: cmx1
Value: 1
.ibtimes.co.uk/ Name: ustats
Value: 0.5329102446302059
.ibtimes.co.uk/ Name: pbjs_sharedId
Value: 36ecad67-7007-477b-b031-f7496bcb5de8
.ibtimes.co.uk/ Name: pbjs_sharedId_cst
Value: zix7LPQsHA%3D%3D
www.ibtimes.co.uk/ Name: _lr_retry_request
Value: true
www.ibtimes.co.uk/ Name: _lr_env_src_ats
Value: false
.ibtimes.co.uk/ Name: _ga
Value: GA1.1.300410420.1770091403
.id5-sync.com/ Name: id5
Value: 4ff3c333-2557-7be8-9ddd-ec7fd23bd9f1#1770091402660#1
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 3ae922be915f49f13b2ee7c1b4eebe0c
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4nGNQME5MtTQySkq1NDRNM7FMMzROMkpNNU82TDJJTU1KNUhmAILMxuIuBgQAAGqgC4Q%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4nGNgYGDIbCzuYoADABevAeg%3D"
.ibtimes.co.uk/ Name: panoramaId_expiry
Value: 1770696202709
.ibtimes.co.uk/ Name: _cc_id
Value: 3ae922be915f49f13b2ee7c1b4eebe0c
.ibtimes.co.uk/ Name: panoramaId
Value: 273ecfde5e7464a274ac6e0aa186185ca02cdd31d2d6d83eb743689b5f7c2e66
.receptivity.io/ Name: contxtfulSM
Value: ad1b81b5-095d-4816-bd7d-81952d8dec11
.ibtimes.co.uk/ Name: __eoi
Value: ID=04da0c107d260309:T=1770091404:RT=1770091404:S=AA-AfjZ4BAMSUJNplK_tkCvUMVuy
.ibtimes.co.uk/ Name: _ga_2PSJXFW77R
Value: GS2.1.s1770091402$o1$g0$t1770091404$j58$l0$h0
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.omnitagjs.com/ Name: ayl_visitor
Value: d42ed4755d9c3a5fe9d3660ad3e2512b
.rubiconproject.com/ Name: khaos
Value: ML62PZ4F-1Z-HQAY
.rubiconproject.com/ Name: khaos_p
Value: ML62PZ4F-1Z-HQAY
.pbs.optidigital.com/ Name: uidod
Value: e30=
.pbs.optidigital.com/ Name: uidadyoulike
Value: eyJ1aWQiOiJkNDJlZDQ3NTVkOWMzYTVmZTlkMzY2MGFkM2UyNTEyYiJ9
.pbs.optidigital.com/ Name: uidrubicon
Value: eyJ1aWQiOiJNTDYyUFo0Ri0xWi1IUUFZIn0=
.openx.net/ Name: i
Value: d31652de-cc0d-45d0-8267-b05711d2f2af|1770091407
.smaato.net/ Name: SCM
Value: e2f80df11b
.smaato.net/ Name: SCMp
Value: e2f80df11b
.smaato.net/ Name: SCMinf
Value: e2f80df11b
.connectad.io/ Name: uid
Value: 43157aa7-6b7d-49ed-869d-0e4f7d8d2f92
.smilewanted.com/ Name: sw_user_params_infos
Value: lRZ4%2B4BjGB75GCG4angrKyDOUCN48Fc%2BO72SVNZ3tLib%2FyzRH9xE5G6U8MM%2BqFrM3rLLVIKR%2FjiwRgKcsUzSrhQ2TJervNlrjXWkOhzGsM1vlBS6lSB%2BlWEwRVmCLIgXUHymXZO7ZlOOdP7xeDmNKQ%3D%3D
.smartadserver.com/ Name: pid
Value: 6031504432374780892
.lijit.com/ Name: ljt_reader
Value: MHQT4TZH_vIgPx8dTRO_QiA8
.gumgum.com/ Name: vst
Value: e_57b1ff37-9513-4f15-8388-8551dca231f9
.eskimi.com/ Name: __eDId
Value: 1742b04e-5021-4221-9c3f-01cd2ebf8114
.creativecdn.com/ Name: g
Value: mscdpoNJ6nczF80S4wal_1770091407460
.creativecdn.com/ Name: ts
Value: 1770091407
.richaudience.com/ Name: pdid
Value: f723398f-56f9-48bf-8ec3-1zz1770089592
.eskimi.com/ Name: __eSSync
Value: 1770098667:14
.lijit.com/ Name: ljtrtbexp
Value: eJxdzLsRACAIA9BdqC0IfgBX89zdVlK%2BXJIjI2XDHV2h6k2sMgZ5klc1tNfAQQUzXtBFZsaf3AdmrSAw
.bidswitch.net/ Name: tuuid
Value: 7d8d2e0a-6347-43a9-b8e2-288c718f3bcb
.bidswitch.net/ Name: c
Value: 1770091407
.bidswitch.net/ Name: tuuid_lu
Value: 1770091407
.csync.loopme.me/ Name: viewer_token
Value: 5c2b3a9a-df14-4ba4-ae75-f75a0a8b049b
.doubleclick.net/ Name: IDE
Value: AHWqTUluhX4jqPcsyJECj3Lz2jdDWHC77aQqLD2k87VBw1bV6O7rpYdNt1BhaVWJMA4
.openx.net/ Name: pd
Value: v2|1770091407|guvNiygen0wk
.quantserve.com/ Name: mc
Value: 6981738f-8f3a2-f1a1c-399ea
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMID
Value: aYFzj7mqPVcAA6jkBk1dGQAA
.casalemedia.com/ Name: CMPS
Value: 3186
.casalemedia.com/ Name: CMPRO
Value: 3186
.quantserve.com/ Name: sp
Value: CggIknESAxCxEQ==
.amazon-adsystem.com/ Name: ad-id
Value: A8DDdbDsTkSunSGhkmEu60M|t
.infolinks.com/ Name: SAMUSERCOOKIE
Value: e2f80df11b
.opera.com/ Name: OAU
Value: OPUb4a9d816d6e247f8a2ccc22c82d4e7ae
.adform.net/ Name: uid
Value: 1064847436536957466
.connectad.io/ Name: id
Value: eyJpdiI6ImRzcDllYW9PTzlabWJZZnZFVzZ5ZFE9PSIsInZhbHVlIjoiLy85Sy9jS1h0YUN0LzN3WFZSRmsyUlpOZUgwdFM5aFlXamUzNkxMTXZZL1h2UGc5OUVpMzhkTUE0MDl5cUZjYXFFVVlSd3VrRENDc3pmc3B3ZkxNNkpIbWZhNGtmbU9jQTY5MWdkaThWeEJ5RGtXanpORFF5ZkNMSmZicW5SdUsrUzRMK2wzL2V0K2Q3WWEyRUdBVzNoT0p5RGxrWGwvYXdWYThrVjVOaVl2amp5TTZ5M3RYL1BJNE5GaG9YT2NsZ2JpNlJGTmtTTUV2cFRiR0pUQWprQkd3RjBQNnR6TU5zanNqVWNWTDhrbllQZlpzV0xvWm5GZmtrWUg1cnBBcWFKWFV5MDJPZ0tLVDVtN0V4OGdLRVh0aTNMeXcyeWtSV2Nycm5jcDJDNmk3Yis1citYLzd0dlAvZmFkbkM3ZnY2TUM4a2VnWWo5S1Y4czVZOElTY3lVdzczOW12OGNnQXNvTHV1UTZOWlJNck42cU53MDRvNnFMd1EvMmt6MHdDREQ1b3ZLQmNscEhhQmhidlI5ZFJwZFd4MUY4bFNldXBFOFlvVVdLdTN0ZUlkSFVSYm5LSkk1V0FlT010UEVjRDVVU3UzdGI2TjI4WW1BTmFqZ2tpZm02YSsxYzdWOXJ2d1Y4YTF4c0tyTG1HSUNCM1hrTUFmdldTd2I3cHREM0NHUGlyTmtjcVkwSjMxeWtUcGFTMHZRYmFibXBUL2RDa1hGNUhCdHZ0dG1Fd3hZNTh4UXBLK0xDS3N5WjZqbkZzIiwibWFjIjoiOGQ2NjdlMzI2ZjZhZTY5NmZhMjU0MTZhNTMxODI5M2I4YzNmYmNlMWE3MzkyZDY2NGExMjAyNTg5YzQ0MWFhYyIsInRhZyI6IiJ9
.mfadsrvr.com/ Name: tuuid
Value: b2e801b8-a129-481d-96d7-b1e07e58d734
.mfadsrvr.com/ Name: c
Value: 1770091407
.mfadsrvr.com/ Name: tuuid_lu
Value: 1770091407
.pixad.com.tr/ Name: uid
Value: bd3f6b89-d4ac-4a2e-8d40-6322cc507f46
.postrelease.com/ Name: visitor
Value: b97ce1bf-56e2-477f-a566-ead463f957e5
.postrelease.com/ Name: status
Value: 0
.rlcdn.com/ Name: rlas3
Value: VzvBbtQPbix4SBWzXWKTilA95YujQgG5VAUuT6lw4VY=
.rlcdn.com/ Name: pxrc
Value: CI/nhcwGEgYIkLwrEAA=
.contextweb.com/ Name: V
Value: yXYNcmD96Cjf
.contextweb.com/ Name: VP
Value: part_yXYNcmD96Cjf
.contextweb.com/ Name: pb_rtb_ev
Value: 3-230n|7bq.0.1
.contextweb.com/ Name: pb_rtb_ev_part
Value: 3-230n|7bq.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 1402b1e05f6b7575
.receptivity.io/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJndW1ndW0iOnsidWlkIjoiZV81N2IxZmYzNy05NTEzLTRmMTUtODM4OC04NTUxZGNhMjMxZjkiLCJleHBpcmVzIjoiMjAyNi0wMi0xN1QwNDowMzoyNy42MjgyMzM5ODVaIn19fQ==
measureadv.com/ Name: new
Value: 1
measureadv.com/ Name: uid
Value: c3dab314-0564-5211-b9f6-6247517a33a7
.simpli.fi/ Name: suid
Value: CE7DBA6459864997A33635F0BFC62C0A
.creative-serving.com/ Name: tuuid
Value: bb76d851-ffcb-4975-9553-67295b91974f
.creative-serving.com/ Name: c
Value: 1770091407
.creative-serving.com/ Name: tuuid_lu
Value: 1770091407
.mfadsrvr.com/ Name: ssh
Value: !adyoulike=1770091407
.rubiconproject.com/ Name: audit_p
Value: 1|BFmNKVDjBeySEXLr9Gy/gn7s0unaCf07pGRc/K5F0HOT5JOdE07T+xdsVOSurVBLVXzkr8IIjE4kEa5N2k7U1SEEFoCDRlfY5fvCZrsWYKqGsZF86SCNHp6vykz9WjpV6fPX+39VEvlo8946LEpae7n2bxUNX7fWNF0jHXcHxm+upM4Zzwbyq7FowDEVirzZcYGm112B/65Ii/0PgMapEQ==
.rubiconproject.com/ Name: audit
Value: 1|BFmNKVDjBeySEXLr9Gy/gn7s0unaCf07pGRc/K5F0HOT5JOdE07T+xdsVOSurVBLVXzkr8IIjE4kEa5N2k7U1SEEFoCDRlfY5fvCZrsWYKqGsZF86SCNHp6vykz9WjpV6fPX+39VEvlo8946LEpae7n2bxUNX7fWNF0jHXcHxm+upM4Zzwbyq7FowDEVirzZcYGm112B/65Ii/0PgMapEQ==

8 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=56
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://prebid-server.rubiconproject.com/cookie_sync
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
rendering warning URL: https://ep2.adtrafficquality.google/sodar/sodar2/237/runner.html
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0D0190344270000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://gum.aidemsrv.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: https://ib.adnxs.com/prebid/setuid?bidder=connectad&gdpr=0&gdpr_consent=&f=i&uid=43157aa7-6b7d-49ed-869d-0e4f7d8d2f92
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D%26biddername%3D55%26key%3D%24UID
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://www.ibtimes.co.uk/zohran-mamdani-jeffrey-epsteins-son-why-viral-photo-has-fuelled-shock-claims-online-1775414
Message:
The resource https://g.ibtimes.co.uk/video/images/ibt_player_bg2.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.amxrtb.com
a.teads.tv
aax-eu.amazon-adsystem.com
ad-cdn.technoratimedia.com
ad.360yield.com
ads.creative-serving.com
ads.pubmatic.com
ads.rubiconproject.com
ads.yieldmo.com
aorta.clickagy.com
ap.lijit.com
api-ssp.spot.im
api.rlcdn.com
audienceexposure.com
b1-dubdc1.outbrain.com
b1sync.outbrain.com
b1t-dubdc1.outbrain.com
bh.contextweb.com
bidder.smartytouch.co
bttrack.com
c1.adform.net
capi.connatix.com
cdn.ampproject.org
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
csync.copper6.com
csync.loopme.me
csync.smilewanted.com
d.ibtimes.co.uk
d055bab3dee8d88250911c3a23925feb.safeframe.googlesyndication.com
dis.criteo.com
dsp-service.pixad.com.tr
dsp.outbrainimg.com
eb2.3lift.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ibtimes.co.uk
gum.aidemsrv.com
gw-iad-bid.ymmobi.com
hb.trustedstack.com
ib.adnxs.com
ibtmedia.technoratimedia.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
ittpx.eskimi.com
jadserve.postrelease.com
krk2.kargo.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
measureadv.com
micro.rubiconproject.com
ms-cookie-sync.presage.io
mweb-hb.presage.io
onetag-sys.com
openx2-match.dotomi.com
pagead2.googlesyndication.com
pbs-cs.yellowblue.io
pbs.optidigital.com
pbs.receptivity.io
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
player.aniview.com
prebid-a.rubiconproject.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.receptivity.io
px.ads.linkedin.com
region1.analytics.google.com
router.infolinks.com
rt.marphezis.com
rtb.gamoshi.io
rtb.gumgum.com
rtb.openx.net
s.ad.smaato.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.seedtag.com
s0.2mdn.net
scripts.opti-digital.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssum-sec.casalemedia.com
static.teads.tv
stats.g.doubleclick.net
stats.myibtimes.com
sync-service.net
sync.1rx.io
sync.a-mo.net
sync.adkernel.com
sync.adtelligent.com
sync.aniview.com
sync.connectad.io
sync.cootlogix.com
sync.inmobi.com
sync.ipredictive.com
sync.pmbmonetize.live
sync.richaudience.com
sync.sparteo.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
t.teads.tv
t2.teads.tv
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
ut.pubmatic.com
visitor.europe-west9.gcp.omnitagjs.com
visitor.omnitagjs.com
widgets.outbrain.com
www.google.ch
www.googletagmanager.com
www.ibtimes.co.uk
www.temu.com
x.bidswitch.net
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.creative-serving.com
ads.yieldmo.com
aorta.clickagy.com
audienceexposure.com
b1sync.outbrain.com
bidder.smartytouch.co
c1.adform.net
capi.connatix.com
ce.lijit.com
cm.g.doubleclick.net
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.media.net
csync.copper6.com
dis.criteo.com
gw-iad-bid.ymmobi.com
ib.adnxs.com
id.rlcdn.com
image8.pubmatic.com
match.deepintent.com
match.prod.bidr.io
openx2-match.dotomi.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
px.ads.linkedin.com
rtb.gamoshi.io
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
s0.2mdn.net
secure.adnxs.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
sync-service.net
sync.1rx.io
sync.a-mo.net
sync.adtelligent.com
sync.aniview.com
sync.inmobi.com
sync.ipredictive.com
sync.pmbmonetize.live
sync.sparteo.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tr.blismedia.com
ups.analytics.yahoo.com
ut.pubmatic.com
visitor.europe-west9.gcp.omnitagjs.com
visitor.omnitagjs.com
www.temu.com
x.bidswitch.net
103.231.98.107
103.67.200.72
104.102.33.206
104.16.55.62
104.18.2.52
104.18.26.193
108.128.38.143
13.248.245.213
134.209.77.117
136.110.189.215
141.95.33.120
141.95.98.64
142.250.201.161
142.251.127.155
142.251.140.162
142.251.140.163
142.251.141.66
146.190.187.27
149.202.238.101
151.101.66.132
162.19.138.83
163.5.194.37
168.119.146.39
172.240.45.96
172.66.170.8
172.66.41.9
172.67.74.147
18.153.64.118
18.202.117.248
18.202.143.113
18.244.18.85
185.184.8.90
185.64.189.116
185.89.211.84
188.166.203.175
188.40.16.220
192.132.33.68
198.47.127.18
2.16.241.200
2001:4860:4802:34::36
204.62.14.130
208.93.169.131
216.19.192.2
23.219.139.198
23.37.63.179
2400:52e0:1e00:2::1329:1
2400:52e0:1e00:2::1331:1
2602:803:c003:200::21
2602:803:c004:200::137
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:10::6814:2396
2606:4700:10::6814:28de
2606:4700::6812:1744
2606:4700::6812:dfa
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:bdf::45
2a00:1450:4001:808::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:814::2001
2a00:1450:4001:c21::84
2a00:1450:4001:c21::9b
2a02:2638:3::3a
2a02:26f0:3500:12::1730:17ac
2a02:26f0:480:33::212:40c5
2a04:4e42:200::644
3.122.29.220
3.127.118.188
3.216.121.38
34.1.1.166
34.1.242.226
34.120.133.55
34.160.72.119
34.36.216.150
35.207.140.152
35.214.136.108
35.214.141.3
35.244.154.8
35.244.159.8
37.157.2.235
37.157.5.84
37.252.171.53
44.236.161.110
46.137.23.186
51.89.9.252
52.208.190.113
52.223.40.198
52.95.126.160
54.247.188.220
54.74.75.213
67.202.105.21
69.173.144.139
69.173.144.165
88.221.168.201
88.221.169.246
88.221.169.78
99.80.128.60
0209a932e3afa64e853fd17cca2ee8beaacbd647cd3e912ec8df4495532fba2b
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
07ddb7021152b8e387111f2d7a7ae31fb5cccd5ad5ffb863bdd598dad2bb3f1f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f2b53327f12ed7538e069e872ac0580babdf8fe1bc5860ae4afc92ba807d8db
11d0d10f68a5e5324c6f90e8382c38a5fcc8ea3ea59165ef649ebafb7e07855c
12cbb4f86d17197718e72f5b8d19d39c57f1323971099eeb097aea3dac582ac1
135fe1822959b8811afafc20effec079f339c96788df6e47e933a7d0c267921b
141cf908f738cc4c8be42250587f1e0facc9b4ead3eb358c1cc6bb52cf25b494
14b660a511e14a9a481c6fe43c576f36c61b656cfd379728c54f1128e1855966
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
1cf1ef9cc36ac3a38ba670bc55c5b81906743db6c190cf5a9f46f5251ab100c4
1ef86c93f01d812b3928f34c0147ef22ddef81fdd79b5f118e971cb821d05824
20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
221461a540614a6cf1e927b43f5107953c9df881e290cd5d41b3cd2f3a4a0854
237148df834b5df077d6098229bb55cbc4a85d80f1a9eea7c8affaf0033bb886
28398ce6054f659e36623db82b15e2bd877829ae22d124d18ad481ecab405de0
2d1ce3a27a57aafaab16bc75d68bcc4229f60439fdb5b3578b22aeee886beb7a
2ec0b21f417bbe2beccc0a0fdc58fd9b26c97958897c46c07185ad3d97be9f48
2f442dc69d359461789e3836ded171b045c0a4c7544de8808e87e049fd785195
2f6a237878a6010bdbbea4c8efa32833e22a366fdf8b378579247db9c42d251a
32078327d38c454b789c3fedde5625c3478e07b1bdec675492beb84cfc8192eb
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3896bdb752b2449b7ced47b8d2fda34b733889a45e166e50d6f5507b65da461d
3a95919c46dcd2241d4df96cbd58c5b8eec36c373584bb69ad83ddcf90992700
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c2c15e77654eba004ad38e79ca86b57b67028d638e47679b930f0d0258ce638
3eca7b680a55d131360f49e59b504fb2df4ac9d657f23b90a5a3888da8aaf6c9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466b0344ce5bace91e6dfb5f19438c6ef87db6b832408acd02fb02dea5781768
48e91d4f502af9b9a9c6135df61355513e8b199f112feb771f3a72420b0d26a3
4aa86e5ecf0b1278daf30ac118b3d04684616d9bc883eb6d316b0db5f943a3db
4c95e84767aed248594e7d485707c7ed904fd2fe4ec3ea98687fc2de59ddf231
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e62ba2afa35c00ab1b9f5efb8df129e7a41bf355ac15da84a948df06c9f94fb
5095a3412e3e5138964280ccd43c217cd2341b61ebc8a5288a808b8e2639ea2f
51787e1e314ad3cc5590ebd86beaeb71c8b6db4782ccd11e38b82664d81a39cf
544d0a3465bed5f93e9bd7b0f9ddb88a198d9296e0d9df2bc0db7273f5130729
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550a8d9823f9478dec5dedee978be491e74aeed19274cf75aa2dda682a9429af
59044c0e5cf5820448373e4ede00b8d1f0b45dc331b2d9c71a5d707b1d1f0dee
5b36081aa7ff53b6bc9320413586af1cd87602b6e01dc99b9f34f64f5976705f
5b6ceeffb380eae16e91dcf08a3493068aa5b7bd6f4c3f4ad7b4daa188d5c2cb
5dc4af7385770d59d6585591783e0fdfbaec83df3c4a8a43801a46f8458767bf
5dd74d9d520e519961ffb4afa24c248603c53d391cfc528a6d77a39d430d1397
5fc9a87a12842fab19e588e05a78a764b19ab383e72922547908c9146b64642c
623bce18258d88b18b6f8560324f7f653448518fb737b76a9c27bff345cd47af
639612e7692da7536b9fe948bf9530c2262f2f8bf80001f1479935d2d2d8f78b
65724519bb87d93a73bb8c88a881ca07bf9e1d62bc53050144fb9a109b3537d0
68c3da06578009e25717865e97fc3b58d48912f49e598a0ee32fc828fad956c9
69e362979ada84f7f635266535702f9720adf55a40eca740306283d6c99467d2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b61aaf7fb8b0749c9fec1637c6422f432eb6a4c307c3fbf5f4b4fcb7e636239
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
72f9eb1e0e692eba7f350b78af802b1ca14d7a2f69207d2203f6df61bfec0bc1
73d8eff056a4e3ef053cf682bf8aefec58e4a516a77a63b13e51d225441b036b
746e82974aeef7fceb35fb68f78d041481ffb30ec365903cc0ff5e7f8200844f
7487292179d18740ade30262bd6e6536df78f3e6f6a5b92d24bffa56caaea5be
76b1643fd0020ba8131dfc357fbf6f5d3d3062d32e124fc5ab5686000725ad11
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
79a1516320cb5d9ab0c7882c8f1587592053ca9d50c1ba673b2fd1f715b8036e
7fbcc17efba54f27758c0e495b4b19bf78935ddccbdf7bf2ce3309cfc9fa698e
805df948e8fc1e5e19b5a16905d3e9f555d4fce7fb25cca2164fa4ab32ffee51
8093a35a73bc7eb1e09e261e8a3d45b59b58055d27f7d212ce28dcf26ba5e344
81b95657bb735559daae8066e757034052ac672e64a85d74eb67c5206863e75d
8361f8c482e75bdd4be879c9e719bfd830e3f7ab75173f65d1740211f053c2db
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84b4b4d18f06432dec5b031e10f3edd7401043a80f61a43364b0f4f270089801
86026c4396c7a5c7f080d806078c5359fb22c7a52f321cb17efdbac4a8302308
8a5f4e6267d1c347c8df1c21be1c644c787f9e77b12df32452c6c98d9dad1b0e
8cb6215eda8f075618912cb48adc9d63f5d3ecb6508be5863db7d208fa01afaf
8cecad7988c322f2c35c14e99a4b936bd643cdaaa9216e9174bb1a442ff841dd
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e4828c7f1279f8d3afaad2bea4c1d743d32575ad63a3281cc4a8a79df116812
8ee36d3d4f3762e82be76fe9cad858d763a660e9dcc3d87ee7e8f11d65db9963
91839338157c40c390b5271e93243ee9b088ffe6c279c2463b9c30095a39838e
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
97dd735032b2a6159004696a70b48a88be35840f15c379cdb5500400bc77a1f8
980c65db5f7c679fae74479bf9d3952f5a588add763822b4eee38e61836e3277
991665fec26365934d16a37ff4c8a45b54e9890027ea811dc26f8b7a37cd470f
993777f33eafdbfd1994eaf7dcf9d2a69415eb42444a77f7728afdc22bbcae36
9ac052e369577676d49aac4bf9cfa3f8b05e6ef707d11921e17a46fef10f9880
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9fdcce895f1f0d2aa98c8340f4ef808a9cc7f738b4a05b06c79c2c71ef619e72
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1aa01f31d4087317f5d4e5ef4ea70a73e38124a45f1553dbe8968ea16068b84
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a51a9f168f96b542c4df180c13e2f6e528660126537ce7e90c0448a7870dd3fd
a7f65c0446b6cac3175458f6388304d0c23e70d11fa0db20920a619f1bc18623
aac2e9185aa7915a4dda7c912cabb7b9476e466dee4710f4af43e4d21b996d09
ac23f38754ad58a73a42d5e8598f98f9a7eb19bb1e83c96ea41c8b8589e96292
b1b5d2f11a1628f3b577688ec1e2259a499640f4b0353f0fe78aad0626585ab6
b4b55318d32023d44d0a865491ac6a1cdff67be7725456a12616564c088b7c1b
b681c44482c96c5804fd78e52697cd74e9ab4de0340f1903ce9bb39c684acbb2
b7ee1c53adb31e9f10551e9cfd2dc6b33f8a1cd05516f68c41f43cd4e841ae67
b81a9ab90db88af2647d2f7d87388f53434df33b4bc7216016489b9f79e41474
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd04667d5d5feb14319f345a1a8e7486d8ab5aea560fb8be53cae5f6bc9d0e20
bfb16f2d35702077ef9d8416d9eef53d688ff16e6faf73d5b9913d76e1144d9a
c096a407308f10208f1283bf386d16fa88753abe15d84e7bbd4e16e8e7a4ef3e
c122d1646edb04123c43440dd104ae105fd44061fcf8bb543b767c0cfb574819
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c766f58bc88374c4119cc2215ed72f372f23acdace50bfbb7c9904f1c78d42fb
c78038539d61fb4a84b70308e1a825d638cfacc207299b6fe6fb5d8fb1e8497f
cb70f9de096cb6f0c317ddb5eba06ecae004895c7856d86d373380f49ca70a3e
cd36dcb0f01b43339f3a12c924b0a2c516302819e114d2c9acf8ce3e89f795d4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d4de2141084016547c2a008529efc8a51466516d47edbfe0e1cbfb52ae33ec46
d6b9ac8ccff69f2de32254b96a2bb180535f809c2d8059d40be5844a8cbad026
d84a57d140a6afe0025151ffae45abc3239d41b31cb1545e5b783bb0589d724e
d9da2f0223f18b37dc201f589dddef5d40a876e487983e252c8e1f8b98b902e5
d9ed2786eaf095e44e201efbce242b7624881280cd04622b411b2f8163db7bb2
daeaceae7fd7857280ab71af9b6926d9a2d24d0b6b78ef5d713749e741a99224
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f96e2bc879688d165d23b0780dd7182e11f695b7cd175bf5805d1e35cb9253
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
e4df52d49c57bc3e7158cb052cc05c60f1258c24de5c5728dac5d43272943ad9
e6b4fcbbc7197e0272fd5497748029d3c5d73f67826530439f36643d9f4169eb
e919c8a24ea55257a06b34fa70372c84cf86983599ac27fb840602ff85ba15c6
ed3c628e67c223a197ee268b09478fb5b2754321b1fe0a89a909b32e3fd9f1d5
ee32c8f48d014c736693f52803884fe6b8fde8eaf5bca64644386b7617d9f7d9
ee877fb7f1902f8e1566896f8c9747d95c58b9dc04c9a35e787ec03a23a227c4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ed00cf68a8e66deeae077e33592f9045340207eb2e7e952fd165dbfd4e56be
f1a68bf826c55985468304f4284a09cb8a68e82503d764166e611a7c58a85a4b
f36fe04fbe2b5530137c5e4d09a15356a8394fb486761e0a9f8418f468c22f11
f4f5f507f0937a05ff8808ef50b7bb3858b766f467038a9deb01c853e5fa9ac7
fae2a0ba91a788e15d2f51e4bf2c29117baaf79a393561a1ff959630270838e4
fba9fe0f8bc7798542fbf60c608aef87485c06db68cc3ac9a0b3def45aefc110
fcd20a93f2c365ac03f4fb46850f6f2246958913d7b364a568bec3d7cbccdb0d