urlscan.io logo urlscan.io
SecurityTrails logo

www.visiontimes.com Open in urlscan Pro
2606:4700:20::681a:3e4  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary...
Submission: On May 15 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 7 countries across 76 domains to perform 258 HTTP transactions. The main IP is 2606:4700:20::681a:3e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.visiontimes.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 14th 2023. Valid for: a year.
This is the only time www.visiontimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2600:9000:24f... 16509 (AMAZON-02)
13 2607:f8b0:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2a04:fa87:fff... 2635 (AUTOMATTIC)
2 2607:f8b0:400... 15169 (GOOGLE)
6 2600:9000:251... 16509 (AMAZON-02)
3 108.138.107.138 16509 (AMAZON-02)
2 4 2620:100:a001::c 19750 (AS-CRITEO)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 74.119.119.139 19750 (AS-CRITEO)
1 4 162.19.138.117 16276 (OVH)
1 18.235.70.17 14618 (AMAZON-AES)
1 2 68.67.160.117 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 216.22.16.1 30633 (LEASEWEB-...)
1 142.250.80.34 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 18.164.107.227 16509 (AMAZON-02)
2 103.146.40.154 18229 (CTRLS-AS-...)
13 2607:f8b0:400... 15169 (GOOGLE)
2 52.204.157.234 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 23.204.76.201 16625 (AKAMAI-AS)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 3 2607:f8b0:400... 15169 (GOOGLE)
2 7 2607:f8b0:400... 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
1 2 8.28.7.81 62713 (AS-PUBMATIC)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2 151.101.194.49 54113 (FASTLY)
1 1 199.38.167.131 54312 (ROCKETFUEL)
7 8.28.7.83 62713 (AS-PUBMATIC)
3 21 52.46.143.56 16509 (AMAZON-02)
8 8 54.242.205.90 14618 (AMAZON-AES)
9 12 142.251.32.98 15169 (GOOGLE)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 199.187.193.182 47043 (SMARTADSE...)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
1 1 216.200.232.249 30419 (MEDIAMATH...)
2 16 162.248.18.37 62713 (AS-PUBMATIC)
2 2 173.231.178.85 32475 (SINGLEHOP...)
1 1 2620:116:800b... 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
1 74.119.119.150 19750 (AS-CRITEO)
2 2 52.0.159.111 14618 (AMAZON-AES)
1 1 52.202.56.4 14618 (AMAZON-AES)
1 2 3.229.46.135 14618 (AMAZON-AES)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 35.214.153.92 15169 (GOOGLE)
1 1 69.90.254.78 13768 (COGECO-PEER1)
3 34.149.40.38 15169 (GOOGLE)
4 6 34.111.113.62 396982 (GOOGLE-CL...)
7 7 3.33.220.150 16509 (AMAZON-02)
2 3 35.71.139.29 16509 (AMAZON-02)
1 2 3.216.88.130 14618 (AMAZON-AES)
3 3 35.236.220.17 396982 (GOOGLE-CL...)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
3 3 34.200.65.202 14618 (AMAZON-AES)
2 162.248.18.34 62713 (AS-PUBMATIC)
1 2 2600:1f18:4e9... 14618 (AMAZON-AES)
4 4 2606:ae80:145... 25751 (VALUECLICK)
1 1 54.167.181.92 14618 (AMAZON-AES)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 2604:9e00:1:1... 27257 (WEBAIR-IN...)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
1 2 38.68.201.140 174 (COGENT-174)
4 4 207.198.113.89 13768 (COGECO-PEER1)
1 54.145.158.212 14618 (AMAZON-AES)
2 2 185.167.164.49 198622 (ADFORM)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2620:100:a001::4 19750 (AS-CRITEO)
1 5 23.192.31.127 16625 (AKAMAI-AS)
1 1 2600:9000:220... 16509 (AMAZON-02)
1 51.222.239.230 16276 (OVH)
3 11 192.40.39.223 27381 (CASALE-MEDIA)
1 1 20.127.253.7 8075 (MICROSOFT...)
4 9 34.192.116.223 14618 (AMAZON-AES)
1 52.54.178.10 14618 (AMAZON-AES)
1 1 63.251.86.50 32475 (SINGLEHOP...)
1 5 63.251.86.51 32475 (SINGLEHOP...)
4 2600:9000:210... 16509 (AMAZON-02)
15 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2 192.35.249.138 11742 (SPOTX-IAD)
9 12 8.43.72.97 26667 (RUBICONPR...)
3 54.160.44.156 14618 (AMAZON-AES)
1 1 68.67.181.211 29990 (ASN-APPNEX)
6 7 199.127.204.171 26120 (RHYTHMONE)
1 1 34.111.151.213 396982 (GOOGLE-CL...)
1 1 34.206.243.164 14618 (AMAZON-AES)
1 1 192.132.33.46 18568 (BIDTELLECT)
2 2 35.207.24.140 15169 (GOOGLE)
1 34.96.105.8 396982 (GOOGLE-CL...)
10 2607:f8b0:400... 15169 (GOOGLE)
1 1 8.39.36.142 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 67.220.228.201 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
8 2607:f8b0:400... 15169 (GOOGLE)
258 71
31    2606:4700:20::681a:3e4 (United States)

ASN13335 (CLOUDFLARENET, US)
www.visiontimes.com
img.visiontimes.com
3    2600:9000:24f1:ce00:7:6b7b:1000:93a1 (United States)

ASN16509 (AMAZON-02, US)
sdki.truepush.com
13    2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    2606:4700:20::681a:3c9 (United States)

ASN13335 (CLOUDFLARENET, US)
intothebid.com
1    2600:9000:24f0:4400:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
1    2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)
secure.gravatar.com
2    2607:f8b0:4006:823::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2600:9000:2511:5e00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
3    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
3    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
4    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    18.235.70.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-70-17.compute-1.amazonaws.com
id.crwdcntrl.net
2    68.67.160.117 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
8    216.22.16.1 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 216.22.16.1.servint.net
prg.smartadserver.com
1    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
2    103.146.40.154 (India)

ASN18229 (CTRLS-AS-IN CtrlS, IN)
sdk.truepush.com
13    2607:f8b0:4006:81d::200e (New York, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    52.204.157.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-157-234.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    23.204.76.201 (Miami, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-76-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:4004:c1d::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2607:f8b0:4006:80a::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
7    2607:f8b0:4006:816::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    162.19.138.119 (France)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
7    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
21    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
8    54.242.205.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-205-90.compute-1.amazonaws.com
match.prod.bidr.io
12    142.251.32.98 (Milwaukee, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net
cm.g.doubleclick.net
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
ssbsync-us.smartadserver.com
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
16    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    173.231.178.85 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    52.0.159.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-159-111.compute-1.amazonaws.com
pm.w55c.net
1    52.202.56.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-56-4.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    3.229.46.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-46-135.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
6    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    3.216.88.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-88-130.compute-1.amazonaws.com
thrtle.com
3    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
3    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2600:1f18:4e9:5a01:d0a0:257f:95e7:202f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    2606:ae80:1451:22::760 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
amazon-tam-match.dotomi.com
1    54.167.181.92 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-181-92.compute-1.amazonaws.com
sync.ipredictive.com
3    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    2604:9e00:1:129::2:a01 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.marketiq.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    38.68.201.140 (United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
4    207.198.113.89 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    54.145.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-158-212.compute-1.amazonaws.com
rtb.adentifi.com
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:822::2001 (New York, United States)

ASN15169 (GOOGLE, US)
724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
5    23.192.31.127 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-31-127.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    2600:9000:2209:0:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
11    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
9    34.192.116.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-116-223.compute-1.amazonaws.com
match.sharethrough.com
1    52.54.178.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-178-10.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
1    63.251.86.50 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    63.251.86.51 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
4    2600:9000:210b:d400:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
15    2607:f8b0:4006:806::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2607:f8b0:4006:820::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
12    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-us-east.rubiconproject.com
token.rubiconproject.com
3    54.160.44.156 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-44-156.compute-1.amazonaws.com
ads.yieldmo.com
1    68.67.181.211 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
7    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
1    34.206.243.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-243-164.compute-1.amazonaws.com
sync.crwdcntrl.net
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: NET-33-132-192.46.bidtellect.com
bttrack.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
10    2607:f8b0:4006:81c::2001 (New York, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2607:f8b0:4006:81f::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2607:f8b0:4006:816::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
31 visiontimes.com
www.visiontimes.com
img.visiontimes.com
1 MB
29 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 514
image6.pubmatic.com — Cisco Umbrella Rank: 746
image2.pubmatic.com — Cisco Umbrella Rank: 958
simage2.pubmatic.com — Cisco Umbrella Rank: 707
image4.pubmatic.com — Cisco Umbrella Rank: 1104
simage4.pubmatic.com — Cisco Umbrella Rank: 1277
34 KB
29 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 234
211 KB
26 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
s.amazon-adsystem.com — Cisco Umbrella Rank: 293
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1052
77 KB
24 googlesyndication.com
724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
407 KB
22 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2017
analytics.google.com — Cisco Umbrella Rank: 278
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 83
57 KB
18 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1111
eus.rubiconproject.com — Cisco Umbrella Rank: 589
pixel.rubiconproject.com — Cisco Umbrella Rank: 352
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 6287
token.rubiconproject.com — Cisco Umbrella Rank: 600
30 KB
11 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575
dsum.casalemedia.com — Cisco Umbrella Rank: 1344
r.casalemedia.com — Cisco Umbrella Rank: 1403
9 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
218 KB
10 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1705
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 607
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5101
4 KB
10 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 1720
gw.geoedge.be — Cisco Umbrella Rank: 1951
369 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 540
6 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 559
4 KB
8 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
dis.criteo.com — Cisco Umbrella Rank: 674
9 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
4 KB
6 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 639
ce.lijit.com — Cisco Umbrella Rank: 926
5 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 471
1 KB
6 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 444
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
38 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1651
mp.4dex.io — Cisco Umbrella Rank: 2234
u.4dex.io — Cisco Umbrella Rank: 4062
27 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
3 KB
5 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 301
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448
2 KB
5 truepush.com
sdki.truepush.com — Cisco Umbrella Rank: 64888
sdk.truepush.com — Cisco Umbrella Rank: 83792
22 KB
4 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5712
ads.yieldmo.com — Cisco Umbrella Rank: 661
3 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 668
3 KB
4 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3491
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5283
1 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 324
2 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 949
1 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 792
1 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 389
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
secure.adnxs.com — Cisco Umbrella Rank: 440
4 KB
3 intothebid.com
intothebid.com — Cisco Umbrella Rank: 158280
120 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1106
807 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1173
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 760
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
105 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 585
1 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5066
967 B
2 marketiq.com
rtb2-useast.marketiq.com — Cisco Umbrella Rank: 4800
766 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1317
683 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1473
835 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 848
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1397
1011 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 682
772 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
237 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 726
459 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
114 KB
2 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2607
sync.crwdcntrl.net — Cisco Umbrella Rank: 875
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
137 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
514 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2107
173 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 881
351 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1696
349 B
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1523
622 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 798
149 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 761
531 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
13 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
902 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1183
287 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6707
378 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 974
554 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1396
674 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1003
226 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2462
308 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 700
940 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1098
223 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 740
592 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 505
737 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1433
4 KB
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 573
966 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 806
790 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1065
406 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 179
2 KB
1 gravatar.com
secure.gravatar.com — Cisco Umbrella Rank: 2127
2 KB
1 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 20299
0 alexametrics.com Failed
certify-js.alexametrics.com Failed
258 76
Domain Requested by
21 s.amazon-adsystem.com 3 redirects ads.pubmatic.com
rumcdn.geoedge.be
s.amazon-adsystem.com
match.sharethrough.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
ce.lijit.com
17 www.visiontimes.com www.visiontimes.com
16 simage2.pubmatic.com 2 redirects ads.pubmatic.com
15 tpc.googlesyndication.com rumcdn.geoedge.be
www.visiontimes.com
14 img.visiontimes.com www.visiontimes.com
13 fundingchoicesmessages.google.com rumcdn.geoedge.be
www.visiontimes.com
13 securepubads.g.doubleclick.net www.visiontimes.com
securepubads.g.doubleclick.net
rumcdn.geoedge.be
12 cm.g.doubleclick.net 9 redirects sync-amz.ads.yieldmo.com
www.visiontimes.com
s.amazon-adsystem.com
10 cdn.ampproject.org rumcdn.geoedge.be
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
8 pagead2.googlesyndication.com rumcdn.geoedge.be
securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 match.prod.bidr.io 8 redirects
8 prg.smartadserver.com intothebid.com
7 match.adsrvr.org 7 redirects
7 image2.pubmatic.com ads.pubmatic.com
7 www.google.com 2 redirects www.visiontimes.com
rumcdn.geoedge.be
6 pixel.rubiconproject.com 3 redirects s.amazon-adsystem.com
6 pixel.tapad.com 4 redirects ads.pubmatic.com
sync-amz.ads.yieldmo.com
6 rumcdn.geoedge.be intothebid.com
rumcdn.geoedge.be
www.visiontimes.com
5 sync.1rx.io 5 redirects
5 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
4 token.rubiconproject.com 4 redirects
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 gw.geoedge.be rumcdn.geoedge.be
4 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
4 eus.rubiconproject.com www.visiontimes.com
s.amazon-adsystem.com
eus.rubiconproject.com
4 pixel-sync.sitescout.com 4 redirects
4 id5-sync.com 1 redirects intothebid.com
cdn.id5-sync.com
4 gum.criteo.com 2 redirects rumcdn.geoedge.be
3 ads.yieldmo.com sync-amz.ads.yieldmo.com
3 x.bidswitch.net 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 ad.turn.com 3 redirects
3 um.simpli.fi 3 redirects
3 eb2.3lift.com 2 redirects ads.pubmatic.com
3 u.4dex.io ads.pubmatic.com
www.visiontimes.com
3 googleads.g.doubleclick.net 1 redirects www.visiontimes.com
3 mug.criteo.com www.visiontimes.com
3 c.amazon-adsystem.com intothebid.com
c.amazon-adsystem.com
3 intothebid.com www.visiontimes.com
3 sdki.truepush.com www.visiontimes.com
sdki.truepush.com
2 pixel-us-east.rubiconproject.com 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 sync.targeting.unrulymedia.com 1 redirects ce.lijit.com
2 sync.search.spotxchange.com 2 redirects
2 www.googletagservices.com rumcdn.geoedge.be
2 amazon-tam-match.dotomi.com 2 redirects
2 c1.adform.net 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 rtb2-useast.marketiq.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 thrtle.com 1 redirects ads.pubmatic.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 cm.adgrx.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 www.facebook.com www.visiontimes.com
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 ads.pubmatic.com www.visiontimes.com
ads.pubmatic.com
2 cdn.id5-sync.com rumcdn.geoedge.be
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 sdk.truepush.com sdki.truepush.com
2 connect.facebook.net www.visiontimes.com
connect.facebook.net
2 ib.adnxs.com 1 redirects intothebid.com
2 script.4dex.io intothebid.com
script.4dex.io
2 www.googletagmanager.com www.visiontimes.com
www.googletagmanager.com
1 simage4.pubmatic.com ads.pubmatic.com
1 fonts.googleapis.com client
1 aax-eu.amazon-adsystem.com s.amazon-adsystem.com
1 px.ads.linkedin.com s.amazon-adsystem.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 tr.blismedia.com ce.lijit.com
1 bttrack.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 sync.crwdcntrl.net 1 redirects
1 dmp.brand-display.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ap.lijit.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 sync.inmobi.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 onetag-sys.com s.amazon-adsystem.com
1 s.ad.smaato.net 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 static.criteo.net rumcdn.geoedge.be
1 cdn.jsdelivr.net rumcdn.geoedge.be
1 724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com rumcdn.geoedge.be
1 rtb.adentifi.com ads.pubmatic.com
1 dsp.adkernel.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 csync.loopme.me 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 match.deepintent.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 sync.mathtag.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 p.rfihub.com 1 redirects
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 www.googleadservices.com rumcdn.geoedge.be
1 mp.4dex.io intothebid.com
1 id.crwdcntrl.net intothebid.com
1 secure.gravatar.com www.visiontimes.com
1 cdn.matomo.cloud www.visiontimes.com
0 certify-js.alexametrics.com Failed www.visiontimes.com
258 116
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-02-14 -
2024-02-14		 a year crt.sh
sdki.truepush.com
Amazon RSA 2048 M01		 2023-02-22 -
2023-09-23		 7 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
intothebid.com
GTS CA 1P5		 2023-04-19 -
2023-07-18		 3 months crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M01		 2023-02-24 -
2023-12-25		 10 months crt.sh
*.gravatar.com
Sectigo ECC Domain Validation Secure Server CA		 2022-11-23 -
2023-12-24		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-22 -
2023-05-23		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.truepush.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-13 -
2023-09-13		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
u.4dex.io
GTS CA 1D4		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 41 frames:

Primary Page: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Frame ID: 8148C826A447EEC4F7CE9FC011BA474B
Requests: 111 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: C132B4AA7189321C95AE01DF453C9B6A
Requests: 21 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGKfpQAKXaX7-wBa
Frame ID: 0A69ADECFAE00651D0CAFCB37FE90550
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=997336239957990237
Frame ID: BE0164F0DC83204674933FF9C0F7C1E9
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 030BC06C7EE2E9934262C11C4F24C6CA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMEU7IxT8AACDhhe5xzg&gdpr=0&gdpr_consent=
Frame ID: DD529CD28995C1EA4CFD027E75D39567
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&gdpr=0&gdpr_consent=
Frame ID: 04B4C7A70E2A4B4A9C2B6DF2C2DA73AB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d8b1e020-f364-11ed-afed-79fe905fd7cd
Frame ID: 1BA7E70742496F4AB7CA384A832B9555
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1878449818340226898&gdpr=0&gdpr_consent=
Frame ID: DFC0307EB7BC8E94D55C9712EB1F359D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ
Frame ID: 20C01512AF4190DBB479924D6787A4D0
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B67E742C809A4A4CD5983C59CD3C4778
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5653EB8D4DE59F786AB343A23A8EA113
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:YhYaFqPF1PYFs95&gdpr=0&gdpr_consent=
Frame ID: 845961298459BF544CB92C6BAE57E080
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent=
Frame ID: 11CD6E37CE06759DF3A9D725E8FBB7CE
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
Frame ID: F7F71CB131C86768B328DA2B8ADCDA4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
Frame ID: 7EC1997CDDB88CE3EDE61717A229E15A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: BC2E9C04731B6FE998C3C023EDF8E7F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780068531250
Frame ID: D2F0461FA3040A06367F9C7F0EF9CE90
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
Frame ID: 140B74AC6DD72940151F6D5E26518A9C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Frame ID: 4EB7DAF30C66F80E5A86744D38B43BA7
Requests: 1 HTTP requests in this frame

Frame: https://724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CC2EEC20CCA3BC7D500E7A33F5F0BCED
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: C375638CEBDF84046E41D149B4794A00
Requests: 10 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B3EC8E26A07674252BB8E629E092A9F5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 4E073B6B19614F5A737A6F1015DFA40E
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: B242C5B7AF4CD29B711AD17F0672E8C6
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 1EF541FE5FCBD827009E639CCF2A7EDD
Requests: 10 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8778593393162565071&gdpr=0&gdpr_consent=
Frame ID: 33E4FD01C83DE0CEB5C4EDEB979CED6B
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-1571LgcBfWAjtqRTUXQOp0bpw6uCuvL2hG6fO3P7-g
Frame ID: AE345689706FB9E79D189D99A09A056C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFxqoaVdU35AMTCD3XAAAAAAA&expiration=1684271398&is_secure=true
Frame ID: 86B466BDD24B6D2CB0B13969E6D9341C
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: 2DC4CBDB940D41BB5FDA32790DACE2B5
Requests: 6 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: 2CE6A0E21D22550BE42D0ADCDB0DAE0E
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: B2EA998C80254153C294EC6A9D409A78
Requests: 11 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MRmMzV2w1RTJ1SldQQ3ZjaWJLY2hkbWhtYlRPaldUWX5B
Frame ID: 8FCF46E8BEBFF2DC88E8E93D9A8FDD86
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: 631E5C2A51C18C3581ECCC202F57CD6E
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4448101507711343862130
Frame ID: 01EA00248A297FF294A79CFAE2B2C868
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.visiontimes.com&gdpr=0&gdpr_consent=
Frame ID: 2FB06872D334866C52EFDC704D9A7654
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: 4B21007D7B082F6D6F0CB604DDE771CD
Requests: 14 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: 75C5970C8A16672DE6BB1F417B321BF1
Requests: 10 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Frame ID: 44010E72936014C24C0C31C68CD6D05D
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F25A50B61931555BBC7F812DC1AD6576
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDAC6A3A350519C91D42FF18536DEC80
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Machine Learning Analysis Reveals Most COVID-19 Deaths May Have Been Due to Secondary Infection - Vision Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

258
Requests

79 %
HTTPS

36 %
IPv6

76
Domains

116
Subdomains

71
IPs

7
Countries

3317 kB
Transfer

8108 kB
Size

173
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=CBjrVXxaR1lFcEFpMjNFWlI2alFWSXdmRDdxK0UzOEhjdCtJTFFHRFhVRWZwUnE3VzIwM1FWL0xEejI5MURhdWlvMUh1L2QxTmVyaWRRYVR2SFRZZWxnTkcwL1dZdUpzdXlVS0JWWGwzV29NTnlFeW1hUURqcDZYN3lmK3dwODNqQlpxU1ZkUzB0MmZCZ0tWRWRVTU9sbEprcC9uWEZUZkJNekpmL1FaL3QrTW9BeEJWRU1BaU9yRDJ5VjFMQmloaFpIQ1F1WXpRNkEyb2VPcE5PQ2dVaXFjNDU0cVJpaFljK0hLS2dCTmZCb24vUGI0eFBIaEgvWDZKb3VGbGFUU1A1ZUIzfA&cppv=2
Request Chain 79
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/464712619/?random=1784283487&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Machine%20Learning%20Analysis%20Reveals%20Most%20COVID-19%20Deaths%20May%20Have%20Been%20Due%20to%20Secondary%20Infection%20-%20Vision%20Times&value=0&auid=254402097.1684184997&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=pJ9iZLijOsLD_gS82KKABA&sscte=1&crd=&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTe-Cihz6aZLc8Otrvpv5fLPRyUpetPyCqg&pscrd=EkxDaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVVBRmtPellTSFdmV3V0TjFSLUx5amY3bjdjRXZReWF5S2FZTDRqYTFZTXJMSUZQcnI4GldDaEFJOExDSG93WVFpSU8zM3Z2RDZKWnRFaTBBRzFOVzBWckh2OW15OVNPTFR6OTVSVEtOQmRRRTR0TzhUR3NJTEpWYl8wSE1oQXpjbnFWWmJkd241NkU HTTP 302
  • https://www.google.com/pagead/1p-conversion/464712619/?random=1784283487&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Machine%20Learning%20Analysis%20Reveals%20Most%20COVID-19%20Deaths%20May%20Have%20Been%20Due%20to%20Secondary%20Infection%20-%20Vision%20Times&value=0&auid=254402097.1684184997&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVVBRmtPellTSFdmV3V0TjFSLUx5amY3bjdjRXZReWF5S2FZTDRqYTFZTXJMSUZQcnI4GldDaEFJOExDSG93WVFpSU8zM3Z2RDZKWnRFaTBBRzFOVzBWckh2OW15OVNPTFR6OTVSVEtOQmRRRTR0TzhUR3NJTEpWYl8wSE1oQXpjbnFWWmJkd241NkU&is_vtc=1&ocp_id=pJ9iZLijOsLD_gS82KKABA&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTZEcDz5aC5tWIY3d8KSBbmUWsvAwcKHvpA&random=2526245148
Request Chain 85
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGKfpQAKXaX7-wBa
Request Chain 86
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=997336239957990237
Request Chain 87
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 88
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETUVVN0l4VDhBQUNEaGhlNXh6Zw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADMEU7IxT8AACDhhe5xzg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADMEU7IxT8AACDhhe5xzg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADMEU7IxT8AACDhhe5xzg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8778593393162565071&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADMEU7IxT8AACDhhe5xzg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D8778593393162565071%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=8778593393162565071&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMEU7IxT8AACDhhe5xzg&gdpr=0&gdpr_consent=
Request Chain 89
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&gdpr=0&gdpr_consent=
Request Chain 90
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d8b1e020-f364-11ed-afed-79fe905fd7cd
Request Chain 91
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1878449818340226898&gdpr=0&gdpr_consent=
Request Chain 92
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ
Request Chain 95
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:YhYaFqPF1PYFs95&gdpr=0&gdpr_consent=
Request Chain 96
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent=
Request Chain 97
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=82a31aa6-3f4b-4bdd-91c8-ea44399a66d4&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
Request Chain 98
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
Request Chain 99
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 100
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780068531250
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oml8V3yeTQ6obQ-L5g2QOQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 103
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dd686dd4-1c65-4e82-9116-5abc5618c496%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&ttd_puid=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
Request Chain 104
  • https://eb2.3lift.com/xuid?mid=7976&xuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&dongle=u6nf&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Request Chain 105
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7e74c1-3b1b-42be-920a-877bcf26719f
Request Chain 106
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0E2OTdDNTctN0M5RS00RDBFLUE4NkQtMEY4QkU2MEQ5MDM5&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMlDkFF03ck-K2Lecj3m-RE&google_cver=1
Request Chain 108
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:358D9F46F8F14121BAA67F8549D18ECF
Request Chain 109
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4201811658813377110&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 110
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
Request Chain 111
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6RGEmcxE2uWTsp53.hsKkgDzXO4.ln4-~A&gdpr=0
Request Chain 113
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=72378521cec21876&is_secure=true&networkId=17100&version=1&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMD1VNyALQ9ANfSR0VAAAAAAA&expiration=1684271398&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 114
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cc614e47-c197-4019-a2e1-31bf2fab522c&gdpr=0&gdpr_consent=
Request Chain 115
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=302793a9-b009-4a77-8b97-31881106423f HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3D302793a9-b009-4a77-8b97-31881106423f HTTP 302
  • https://rtb2-useast.marketiq.com/sync?adkuid=A9164306052756289766&exchange=685&ssp=pubmatic&bsw_param=302793a9-b009-4a77-8b97-31881106423f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A9164306052756289766&expires=5&ssp=pubmatic&bsw_param=302793a9-b009-4a77-8b97-31881106423f HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=302793a9-b009-4a77-8b97-31881106423f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 116
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_102BA81D6_7BD4C4BC&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 117
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
Request Chain 119
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7375415336311263156
Request Chain 121
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Request Chain 135
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 137
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AADMEU7IxT8AACDhhe5xzg&ex=beeswax.com
Request Chain 138
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=aa474415
Request Chain 140
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=358D9F46F8F14121BAA67F8549D18ECF&ex=simpli.fi&status=ok
Request Chain 141
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 142
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8778593393162565071&gdpr=0&gdpr_consent=
Request Chain 143
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-1571LgcBfWAjtqRTUXQOp0bpw6uCuvL2hG6fO3P7-g
Request Chain 144
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=65b1f1cc72ea21f2&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFxqoaVdU35AMTCD3XAAAAAAA&expiration=1684271398&is_secure=true
Request Chain 148
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MRmMzV2w1RTJ1SldQQ3ZjaWJLY2hkbWhtYlRPaldUWX5B
Request Chain 149
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 150
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4448101507711343862130
Request Chain 159
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=visiontimes.com&sn=ChromeSyncframe&so=3&topUrl=www.visiontimes.com&bundle=qV3ANV9kTTZsTUR4cjZqWnF3dTE4RVNzN1A5QTBZVDVpVWt5YkhDYXklMkJGTDVrSiUyQkNpRlh4bTdzVkZlNGdEJTJGRFdkJTJCaTIyZDMxVzRBWlklMkJGcFJLTVFZTXJ1cUhnc3I5Q2VUVDJyOEgyNUpXSnVKM3hPQ0FoOGpRZGZnNXRzTTFXeDFFYUY&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=0_Vzt3xqdmFJeDBzMUJRN2o3YWpkZno2dnBMc2JlbHgwSWwzc1ZyeFFqWlVmdG1NeVhEQjR6aHYxZEUrUkpQRXdZcm1uQjVPZ3dXSGNsK0k1aEYzLy93N2l2YndnNGZkMjY2RUFYV3NOR2h5UC9xWk42YitsYitwTHZSQy9BVjNkdUdKNjVqVVlOaHRGa0hxeGMyOEtXTmRqZ3NFdXphZG5QMzZ0QllFek5COVZKSDlCYWYxcWVEdmNOS1BwTjlkckg1bzYrcFdjYWRuTndUT24rL2IvMWxwNThtL1Q1dldMeEhURk5lelBYT1dpVGNzaU9wTlRnVW41cHFDOUgxZVdyM2hlVjRMdjdna1RGdnkvbDBBUFc5YVpKNUlnUkxWdHZSa3FSM0lQSTQ0cEJpYz18&cppv=2
Request Chain 161
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d9452277-f364-11ed-bcac-1424bc380103 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=d9452230-f364-11ed-bcac-1424bc380103
Request Chain 162
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
Request Chain 163
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHPC9HXG-L-AICT&gdpr=0
Request Chain 164
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKpwF4HYwFLV4s8MPTLl0I0&google_cver=1
Request Chain 168
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g657f9e07bcad1747107 HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=57e90848-2bba-4bbe-a9e5-84854c75a2a1
Request Chain 169
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g657f9e07bcad1747107 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Ddd686dd4-1c65-4e82-9116-5abc5618c496%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1878449818340226898&pt=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
Request Chain 170
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1684184998490 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1167756536 HTTP 302
  • https://sync.1rx.io/usersync/turn/4201811658813377110?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-09448689-6b54-47c0-8409-ce635edd6016-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-09448689-6b54-47c0-8409-ce635edd6016-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-09448689-6b54-47c0-8409-ce635edd6016-005
Request Chain 174
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGKfpoLWRQ5M6Qb4PSjtAQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH_JWXUka_t3T8Pl3L8unKQ&google_cver=1
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGtbZNibPOhX5hjGRFeOW0&google_cver=1
Request Chain 177
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&expiration=1686776998&gdpr=0&gdpr_consent=
Request Chain 178
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=650496af-54c7-1eda-a7e0e7c9
Request Chain 179
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Daddbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Daddbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Daddbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
Request Chain 180
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMEU7IxT8AACDhhe5xzg&expiration=1685394598
Request Chain 181
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=50f4a04d-f0d7-447b-9d8a-7bb12363bf88
Request Chain 186
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7611985188 HTTP 302
  • https://sync.1rx.io/usersync/turn/4201811658813377110?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-09448689-6b54-47c0-8409-ce635edd6016-005
Request Chain 187
  • https://um.simpli.fi/lj_match?r=1684184998519&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=358D9F46F8F14121BAA67F8549D18ECF
Request Chain 188
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=993e8912-b5e5-4f51-bb41-2a21ddeb8326
Request Chain 189
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LHPC9IAG-1H-L9UI&gdpr=0
Request Chain 193
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB
Request Chain 194
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LHPC9HXG-L-AICT HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LHPC9HXG-L-AICT&ex=d-rubiconproject.com&status=ok
Request Chain 207
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LHPC9HXG-L-AICT HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LHPC9HXG-L-AICT
Request Chain 209
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=&expires=30
Request Chain 210
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHPC9HXG-L-AICT
Request Chain 211
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhQQzlIWEctTC1BSUNU HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDKpN2K_le0iEjbe_fnTuSI&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQzlJQUctMUgtTDlVSQ==&google_push=
Request Chain 212
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2JlZDIxMTdiNmJhOWVkZjE3YWRjOGYzYzhhMzU2MDgyOGJmZTljMQ
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC2_T9p5OYFrCHTgPBvBrxU&google_cver=1
Request Chain 215
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ndUtDxgbS62lVTEH0cWqvQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ndUtDxgbS62lVTEH0cWqvQ
Request Chain 216
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CgDx-hx8p9en1EaeJx97EQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b_jxRIZE2oKoiX9J.W5Tz8fyC8jx7znhy85HKA--~A
Request Chain 219
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 246
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

258 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
www.visiontimes.com/2023/05/15/ 		78 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d1f7551f262d76ac392303394af6b0d0ffd9e6c362e4db60de95fcbc82330a4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-apo-via
origin,no-cache
cf-cache-status
BYPASS
cf-edge-cache
cache,platform=wordpress
cf-ray
7c7e5d5dad8eda27-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 21:09:55 GMT
link
<https://www.visiontimes.com/wp-json/>; rel="https://api.w.org/", <https://www.visiontimes.com/wp-json/wp/v2/posts/460920>; rel="alternate"; type="application/json", <https://www.visiontimes.com/?p=460920>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAYEOFyUjybe3HEpuPn6CfgTPOnVmIhLxpCexOTUXmOduQMutCNaVyyXeJ%2BFKM2oXgIRB0UCTWqmo%2FvQAkxFkjLgnSo%2ByKhFTDo9xIudI5CVE97E5qJDiyxSCjqUuySysI1c6jlk3ngE7zqFC8jV2gY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache-status
STALE
x-device
desktop
x-elasticpress-query
true
autoptimize_0cd5a73be04580700736ef842a35713e.css
www.visiontimes.com/wp-content/cache/autoptimize/css/ 		304 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0712306467b4b72eb281d641d0ff0add41af0c5e0172c46532cf1df67d0ab2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:55 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 05 Mar 2023 18:17:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6404dcbd-4bf68"
x-cache-status
STALE
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vek9P48%2BkVExN%2BhTHueCo3vqDNjCjdJ8vb2HlcKtlWP1tvsGKKQWwaH5VDeL2rvlvinG6dwZRLUgY%2F4MN%2BxVMDIjPdfz0bhpAkILu3xXyOF3fO4hefNnuD6Ot5s%2Fc6DBRQeObVkZc3ZkVDd3eoQ10To%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=864000
cf-ray
7c7e5d5f48afda27-MIA
x-device
desktop
expires
Thu, 25 May 2023 21:05:32 GMT
app.js
sdki.truepush.com/sdk/v2.0.3/ 		1 KB
950 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.3/app.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:ce00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 09:35:32 GMT
content-encoding
gzip
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified
Mon, 07 Dec 2020 12:54:29 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
1337664
etag
"b861f6349fdb27190bd25dbfcd7674ff"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
581
x-amz-cf-id
KTl1b6QSri5D8JZQgtD-Y2ok8PB3xVRUTQz2GPByxwygjJp1RmK9_g==
menu-mobile-926eb40a4c.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		1 KB
804 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/menu-mobile-926eb40a4c.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b92670afda59fa4ccc4a37cf5709f8452696eab3a58f2fc3e17a109e37c2d78

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63bee1fb-4ad"
x-cache-status
STALE
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WJ3yXpEk2YIUaD1NQfLhdA%2BmHGb8XxCkvFSfSPWBh7jvfThih%2BFu34gGBzvlMFaYnubjY7nFAj3buA9PV3Jqh2%2BmEJtEEGFfrRJSOB58uIRX3pSqRizLgsvMVzQFpM%2FvBTLP5tZSvks3ba2q9A1MU0k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7e5d60db98da27-MIA
x-device
desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
vision-times-logo-fc9b3d60e2.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/vision-times-logo-fc9b3d60e2.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08ca7520df21a77ad6adfc790f9c1b6d76d91b7133040edf4c2769e2815dda10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63bee1fb-2e4b"
x-cache-status
STALE
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgdkmFeX7uyowp3ZT8ehyYIk0f02667MnC5IozsBupS7WamDkkXtiyItgiUCwcDTVmBVpPchDJAtp7BQ7Sad0vMDk5Kv2c2UijUs2nl%2BANXxF8FVZRNLbbeYXHGs1GZ2kPBUfoG1oO6RfsiJnnmS0jg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7e5d60db9bda27-MIA
x-device
desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
vision-times-sm-logo-66a6be678b.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		11 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/vision-times-sm-logo-66a6be678b.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d034eebaa59c0d499dcbe8cbe0fba6d96b0d9abf6b0ab07942496965db4392d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63bee1fb-2abb"
x-cache-status
STALE
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzqB9D9otRtYoYYMhhznvE%2FL5NJKyjFbURAtJdH6G53QDpde8T%2Fq3Y2otb%2BROhWwfbhTOOyjKkXBHdzEnajuosKkJviqgzaKPjNN2N%2FGwmjezWsakErfoy2T5W%2BWJTxVZ0%2B30MoyQziPalcaW8uCfT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7e5d60db9dda27-MIA
x-device
desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
email-decode.min.js
www.visiontimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 12 May 2023 14:04:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"645e4758-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCaF%2B4666Y%2BMh4XCwdnQ0mVs%2BfnOOXNTvGeLBG%2Byf74Pd%2F%2BNuDkPfminnOXLdsxP5uqsyIwiKuIGo30sVifwEnIwBVoAbsUbz6EYdGBVrEjEAdWkDsfD5qtTq%2BPRLDWg3vhmVX1DJg53z%2B%2BMws6y8LQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7c7e5d60bb6bda27-MIA
expires
Wed, 17 May 2023 21:09:55 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f081c27e6a2edfbcfd9cc859a55d95b8eefce744c29929e2ff23328fe5896c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25464
x-xss-protection
0
server
cafe
etag
854 / 19492 / 31074524 / config-hash: 1127544179918750415
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 21:09:56 GMT
prebid.vt_en.js
intothebid.com/wrapper/vt/ 		282 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intothebid.com/wrapper/vt/prebid.vt_en.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4517329a1a3efcb408a4d33f16b3b7b56ee8472ed54533efebb2627532c9ecf1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1896
cf-polished
origSize=289051
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Sat, 18 Dec 2021 13:42:26 GMT
server
cloudflare
etag
W/"4691b-61bde542-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=66RG5giCw2w2TR3HeKgFeRy%2FkjoLgQJ7h%2BPhb0O9DlJ%2Bjmu4gc1sjv4z2psY5FTxUlNwTwB5%2FAN9WY41ar3zcwGyvDUVRV%2BaCQvKEhsRhoSh4ptDl7ArVOOQDwdHxr3yIid71l901AWKSnQx"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c7e5d617d493361-MIA
expires
Tue, 14 May 2024 20:38:04 GMT
hp_vt_en.js
intothebid.com/wrapper/vt/ 		0
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://intothebid.com/wrapper/vt/hp_vt_en.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=0; includeSubDomains
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1896
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 08 Feb 2022 18:28:05 GMT
server
cloudflare
etag
"0-6202b635-0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LnAyMySfpOMpMBU7uUK%2BRSiSh7LA1Y6SNeu1hV7U4fLVvXtvjo7r1zvIURIFaH%2FADmpa9yJ1mHRs41sNJssLG7aUi9o1CD61jKbrjPcfrpp0v%2BJSUMHWbA1kM9W8Ub2NW%2B3nuP7EYfAKdlq"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
platform
hostinger
cf-ray
7c7e5d617d4d3361-MIA
expires
Tue, 14 May 2024 20:38:04 GMT
hb_vt_en.js
intothebid.com/wrapper/vt/ 		113 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intothebid.com/wrapper/vt/hb_vt_en.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3c9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2803a6c3d48a023daf4db4bf1747ca82522ddbc951350aef12d88f1ba2a96a7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1896
cf-polished
origSize=140124
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
public
referrer-policy
no-referrer-when-downgrade
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 22:06:15 GMT
server
cloudflare
etag
W/"2235c-6398f757-0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwSD%2BKjePMe6xDIoSUaDmkY5mFmbeWLOXru82wIDgpC%2F55z3ACOq6hcfBdecJu6jcqYJ0Buak3N7468xSSyRUNmXo1%2F6DtWERFo6DsrroMOV%2BpHq330s3ao%2FWkp1Y5C9SyGUy7dlpEF%2BvW2f"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=3600
x-turbo-charged-by
LiteSpeed
platform
hostinger
cf-ray
7c7e5d617d513361-MIA
expires
Tue, 14 May 2024 20:38:04 GMT
autoptimize_6d5b05acf688e50291fd02da8c9c051d.js
www.visiontimes.com/wp-content/cache/autoptimize/js/ 		1 MB
233 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/cache/autoptimize/js/autoptimize_6d5b05acf688e50291fd02da8c9c051d.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5fdc70826f109d45dfe6b1bdc92453430df22e7111858cae205a6b20b714c4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Jun 2022 21:34:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62bcc577-12381c"
x-cache-status
STALE
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCULeAfeJ02JrpeZX2keBH8UDgvDwWp%2BipLVwiHE%2Bw7K7kz8gMTMQ%2FG9RKQXgJ2ndhKXCuGZ0DQroM8LMLM7cTz4HszntFufeIzcoBTSEPsWnsPfYck7q8QZjCThdJLAIX%2FqEgiDrd2WtCBIOKfbCXk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=864000
cf-ray
7c7e5d60db9eda27-MIA
x-device
desktop
expires
Thu, 25 May 2023 21:05:32 GMT
matomo.js
cdn.matomo.cloud/kreativreason.matomo.cloud/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/kreativreason.matomo.cloud/matomo.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f0:4400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
three-dots-03739ca6ce.svg
www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/ 		1 KB
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/icons/three-dots-03739ca6ce.svg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
543c813be0525f2c048c1c3976f9a8291df8adec2b57e6d0e6891c2670909ea1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63bee1fb-4dc"
x-cache-status
STALE
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJHb0Ls6W%2FGtf7%2BTJlkpKyEVItnaC2oFf6rcnRy7ZNs7m%2Bs%2FpIENZyM0%2F0A7%2FXj4t9Gt%2FBLcBYBWJkhfMwUO52sRAtbU2uf7eM27gHv894dl8EBRq9kPkGDlVD1W5tNDX5awA8pV58%2FXtoVhOpy%2Fry0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=315360000
cf-ray
7c7e5d60ebc5da27-MIA
x-device
desktop
expires
Thu, 31 Dec 2037 23:55:55 GMT
red-bg-long-f63d9b889b.png
www.visiontimes.com/wp-content/themes/vt/dist/Components/GridNewsFour/Assets/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/Components/GridNewsFour/Assets/red-bg-long-f63d9b889b.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abefa59fd4da2a604317561896c55aaec82198cbbc69d6a218a5bd5451ef9c5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
6116
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-17e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN4AW05MJCMqhvJohnsH0b7927ZAauULAT2x14H7dPugoHcqfHlZJdXr%2FRgKzd6%2FFwq6QevqicRbRafh6U8xUqI2RTbzOreL8wCVEI8s6vpHxm0fCPulOFKyn1qOo%2FgSYqI9TwbGv2rmsuFrwbpGk8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7e5d60ebc9da27-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
red-bg-pix-7d7408dba4.png
www.visiontimes.com/wp-content/themes/vt/dist/assets/images/ 		510 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/images/red-bg-pix-7d7408dba4.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df52439a2eb01b5cee40d8220d544f683e176cc1bf335a3d248f0cb622b1b2b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
510
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izRQmdU07%2Fz585OEh1VJ1Y1y%2Fs5Z4ewHK7kLjKwx3SoDP%2BhCvEos8qLorHat4c50DsEJZ%2FaZMAGbbfdXHElGqvFAiOWI34k5V%2Bsw7N%2BrwUq2QTOx2mL5xjotBpQQKhX26i8jk6SR%2FuiUZcRRsSrNWcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7e5d60ebccda27-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
load-more-bg-33d8317938.png
www.visiontimes.com/wp-content/themes/vt/dist/Components/ListMostRead/Assets/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/Components/ListMostRead/Assets/load-more-bg-33d8317938.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857c25b7523733b88952a25344cd212bcc6fd526837e7e35b227ee661b8f6dac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
6677
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1a15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrM4MHksijTGzesniGpr3rVH4gCUUJ5zwT6gmsLgqu9rC7KvPeI1%2F60P6MsNkGkRCQ4HSkXFUc3LxMq3dvuFluFnGE%2F7e87ytYcZ8rSHKv%2FGM%2BZR33YtiwjDAmYWY0tPkdU7rofPoMoB6eW9x5XiGWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7e5d60ebceda27-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
924b00ecb2d3b22c84dfd3e73f23d8ccabba0f1810b9bc1828a0b5aa4c9e0310

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
Calisto-MT-583e9c844f.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 		71 KB
72 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/Calisto-MT-583e9c844f.ttf
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfb32778237c4943934f45b8373ddc2dac1ff2bce0758f1206919d6b771935c

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
73048
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-11d58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=536fy82TqrJ7QdcA%2FpJBs1RU8KQjwzSiUFP9KEuJXbJ3fE8dHkyrP3zlK995mtxrpcP6IoTJVypQnRgOGpsV1Z24R0jdujD5hzNj46hBDg%2FfRXEw5AYFs5133%2FngnLL30OBuK340o%2B99xIcn3H0ydWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7e5d60ebd4da27-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
OpenSans-Bold-5bc6b83602.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 		127 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans-Bold-5bc6b83602.ttf
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8229f8206a0b49a2dc74820a78380eaf807c3d0f2066a53562d2b650aa21139

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
129784
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1faf8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qOmt1Xf98CirhA0AgJXkmR2mM7P8wurKqmgcRzmKVp4Ixyw7Bdv%2BMRl4XQEiyjoQNA6zLUlUM9oBQd7xNOqs0hH3OOP%2B6vznQA37WrB6M92EnNzcs2mSJNChGK%2FjraNpzdQSUR9K3MuC0qK2lAy0KU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7e5d60fbd9da27-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-solid-900.woff2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
78196
x-device
desktop
last-modified
Fri, 11 Mar 2022 18:40:17 GMT
server
cloudflare
etag
"622b9791-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeCmkBREihFLftFygCmyK27LN5RizvOKIa5l073k%2FDo74vtVcpT5xJvVI96bW309XH%2FPUxD64Nhup6MGCbiFbD7FrN%2F0zBGaZ2uzHdj3To5fFpuDU1KaACqgr39Jtv2DyEQaurwM%2B6n4yjgBgskfXJM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c7e5d60fbdada27-MIA
expires
Wed, 14 Jun 2023 21:05:32 GMT
OpenSans_SemiCondensed-Bold-f0d9656ed3.ttf
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/ 		127 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/OpenSans_SemiCondensed-Bold-f0d9656ed3.ttf
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa6978820330032ed14523dbcc082cbb7c621e7061ed75192981cc22324292a2

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
130080
x-device
desktop
last-modified
Wed, 11 Jan 2023 16:21:15 GMT
server
cloudflare
etag
"63bee1fb-1fc20"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMI8TL%2BZWBDK2kKh705z8cC%2FGxzgxf9az0DGrX4BVNX9ebE%2BTQ5IP26dkmoJhVR0iLk3VSUMhvhT%2BOjqxn00kR7gx4pG1%2Futi9BRTk5saB2ux%2BwL14SDf8ZmUXUJR0k%2F6lJD2G%2FAPwHfQnM%2BZDsNOTc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7c7e5d610c04da27-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-brands-400.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-brands-400.woff2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
STALE
content-length
76764
x-device
desktop
last-modified
Fri, 11 Mar 2022 18:40:17 GMT
server
cloudflare
etag
"622b9791-12bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvBn%2Fq%2BUfUm9BEhI5ggg%2FUVZBuQ3lGJXACb078PFRys8vwNKUURX6yJ%2Ftb1q4EeM7tTG%2BTyO8ZLPpNlUeEbVqDa9h7MlPv7GQQPWGvAEDdVVLd7riO3lO40euCRs7MobFe53WdY%2F6P0GMvwcnfc9j5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c7e5d610c08da27-MIA
expires
Wed, 14 Jun 2023 21:05:32 GMT
fa-regular-400.woff2
www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.visiontimes.com/wp-content/themes/vt/dist/assets/fonts/webfonts/fa-regular-400.woff2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer
https://www.visiontimes.com/wp-content/cache/autoptimize/css/autoptimize_0cd5a73be04580700736ef842a35713e.css
Origin
https://www.visiontimes.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache-status
HIT
content-length
13276
x-device
desktop
last-modified
Fri, 11 Mar 2022 18:40:17 GMT
server
cloudflare
etag
"622b9791-33dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5tRGcw7VBfxCH%2F2odog7fDcM02szmo1dLEXRqbAzu26RO8DqdQnEM1W16Wy3WNemstfL33eiPh9tsMJ15Gm3QPT9uKwThVcIXAq1LuBFd6yXZRZEQtAcNrfBRASQcmaiJgRO%2F8jE4CtlQ68SDUsC0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7c7e5d610c09da27-MIA
expires
Wed, 14 Jun 2023 21:09:08 GMT
182dd511dd531fcb21ce7dfb5eb6d732
secure.gravatar.com/avatar/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.gravatar.com/avatar/182dd511dd531fcb21ce7dfb5eb6d732?s=30&r=g
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
62067d30a82c5fa271f263c2bca39a7091afb9fb6ebcd321190e17c489b7529c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-nc
MISS mia 1
date
Mon, 15 May 2023 21:09:56 GMT
last-modified
Wed, 11 Jan 1984 08:00:00 GMT
server
nginx
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=300
content-disposition
inline; filename="182dd511dd531fcb21ce7dfb5eb6d732.jpg"
accept-ranges
bytes
link
<https://www.gravatar.com/avatar/182dd511dd531fcb21ce7dfb5eb6d732?s=30&r=g>; rel="canonical"
content-length
1299
expires
Mon, 15 May 2023 21:14:56 GMT
GettyImages-1234464938.jpg
img.visiontimes.com/2023/05/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1234464938.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
004589df2911624de98351e90b6081cdd49cb81d8cbc735eaa562870e53f5e40

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Mon, 15 May 2023 16:45:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"646261c5-18356"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8XFYAVyPYMheaxPRYX49ZjKb%2BDGccDLMyqn1LitKTdt7mrLmOLp6rwT7V3ZA1nUlEEkW3zKMJL%2BxoWU51QEo%2BXwXkY3aERDNfff89GssS4hwJs%2BIlqcspcByUMhwJE%2F7P%2BNiDqSDBVNBJeCuN3qDyg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d624e64da27-MIA
content-length
99158
expires
Mon, 29 May 2023 21:09:56 GMT
GettyImages-1252029816-485x360.jpg
img.visiontimes.com/2023/05/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1252029816-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef207a86f8123b803cba15db0d8e6a306fe4d10e53532a080bf1349d5f0cddd5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Mon, 15 May 2023 19:41:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64628ad0-44b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJV5M3qM3vPP2pV6swqRM4x0vpGB8leuc56mVDR3ab%2FOeVPqnhuI7BP%2BiWjtiLHxR0pi8LLf5tXwWxaKP%2FfctxV8x9XqNC8UbX7HqrpF9wOZk9G5bS%2BbK7pe%2B1CAw%2BTaBr%2Bh1H1lTc1SBKYRUOPIuxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d624e5fda27-MIA
content-length
17584
expires
Mon, 29 May 2023 21:09:56 GMT
GettyImages-1489513807-485x360.jpg
img.visiontimes.com/2023/05/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1489513807-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
753c73173aeae97b95d42e21bc6e64abccec125889f83f32573829a2392fd691

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Mon, 15 May 2023 18:00:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64627338-869a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivdwnCNcT6U%2FSaKqEQI9DTFY7SQb7IdFAA5JeXowyQPQBDvr1p77GRVsI%2B%2FWPHwpULztpiTjIciTyYDpwIsWlkaRByvux4mERhYZ1WfLQbTRIbA3pUUkZoajXFbLPfo2WHNQot%2BVKqEUSUlleLIDiUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d624e6bda27-MIA
content-length
34458
expires
Mon, 29 May 2023 21:09:56 GMT
513-new-york-falun-dafa-day-parade-485x360.jpeg
img.visiontimes.com/2023/05/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/513-new-york-falun-dafa-day-parade-485x360.jpeg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3d660cfa369db69d2a34a66590c51ae01c59e1e5e153b8fdb5ba27c33b97f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Sat, 13 May 2023 18:00:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645fd02c-d6aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3%2FlL9AzyEsPG6U9G%2Boe8G%2B1ihr0N1x2U7SbX5brSFdA%2FJ%2FWSn5DI989jLAEBsC6tMSYpRQ9eed%2F2NTIWEoDSiweqhsXGCXGo8JOtqUwdU72QQz7N4Zkgo7RaCwpOvXcqT2Il5JuWIRLRVWKlqjKvlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d624e68da27-MIA
content-length
54954
expires
Mon, 29 May 2023 21:09:56 GMT
Happy-Mothers-Day-GettyImages-1212290254-485x360.jpg
img.visiontimes.com/2023/05/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/Happy-Mothers-Day-GettyImages-1212290254-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973d61ffd9b8fc5464a6d8fcf39f4d518e79fa361c231c7476fd84d0c43a3990

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Fri, 12 May 2023 20:50:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645ea679-7c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6M3FiCL7Rhg1NZ6xZkV0PhD8ePB7AF5dR5CemxlJstyOcHsdcvs7gJiF82ZQ7QXo55gSs6ctNl3JU6vmdxa4be%2B8pRm3BoXMXIsY6VlKVO0b0DLgBmcZcVVT8dVFWx%2FGCDuuUqWgApJFUUWqKdbdGq0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d624e66da27-MIA
content-length
31878
expires
Mon, 29 May 2023 21:09:56 GMT
New-York-City-Household-Food-Consumption-Tracking-Carbon-Climate-Greenhouse-Gasses-485x360.jpg
img.visiontimes.com/2023/04/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/New-York-City-Household-Food-Consumption-Tracking-Carbon-Climate-Greenhouse-Gasses-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e159d48019f540367ff0b5fe22b775481bdbb1e448367592ee9320378b3b79

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Apr 2023 19:53:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"644046c3-a34c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMk0xsBe9rOlhg7FzEqpnBJ1ozObKymTO4E%2Bz1KEeHlTEqawa93LxvY3cnsQAHfJIdiXbeRfqMBdu0ZDk1PK3036zRGQvjZeVaVZ0IlfnsA4d9pavRa2zxIEtvybkZWvBi00C6lbNLvRteEYoZ%2Fg1JA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d625e8fda27-MIA
content-length
41804
expires
Mon, 29 May 2023 21:09:56 GMT
Benadryl-Challenge-TikTok-Promoting-Suicide-485x360.jpg
img.visiontimes.com/2023/04/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/Benadryl-Challenge-TikTok-Promoting-Suicide-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca654a84b46303968bd518b44c59765cbcd5f9da2e1849aaff5b04830725e3f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Fri, 21 Apr 2023 07:04:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6442358d-53f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sET5m5pvX0LiiVKYjGsxv0BJOVlgKw%2FrWEDD3VKcHwlnzEHKN04m%2FcJJWCgsDV4HQqKdmJwzBjwP%2FJhFriz8fGNDTW%2BFmH7BxApgzfNBx9%2FK%2BphPKaOpXEdA%2FzlvqDmtrwovk5Inbz2R1VhJyz1N6uQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d625e8ada27-MIA
content-length
21497
expires
Mon, 29 May 2023 21:09:56 GMT
GettyImages-1347948466-485x360.jpg
img.visiontimes.com/2023/04/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/GettyImages-1347948466-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18c641d6ffba288e8c3aa659e344f5078e06bef643a3f70b738a107f5225d9a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Wed, 19 Apr 2023 16:58:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64401dae-6000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpeKddJZp59PGgWw49DSxAs13AUb%2BHzo2TkTqSxwQfDK3yeTCUkhClcP2p6wAf7wf8jUU6YV%2BqZDZAcjPStCei%2Fh%2BOHdpQq69EpTKKLBrTKQImQq3ayguz%2FAjJ%2FeHgmQ40PdSkn9PbW7lNZh6sg2X5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d625e93da27-MIA
content-length
24576
expires
Mon, 29 May 2023 21:09:56 GMT
GettyImages-1251952181-485x360.jpg
img.visiontimes.com/2023/04/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/GettyImages-1251952181-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb84d55d0eff18a727382e14c781549b9157e06de76f7fd0fbd1ba3993ef47d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Tue, 18 Apr 2023 19:20:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"643eed81-4f80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gaw2HLn0RauRbjC0AV7wS6nPMVjNDUFgHN99nlXyHC1ZIKFjHVQ0Cl7CFVr4POzv6%2Bq4dU5wHtAcoO3X6fjjUkYRtdg%2F5NeYN6gMWQS%2BCMAfOiErUNMBOiSRaL3EcGk1jQ%2BrJXWoLlyrv9E4Ih72fTY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d63a8e7da27-MIA
content-length
20352
expires
Mon, 29 May 2023 21:09:56 GMT
GettyImages-1351312041-485x360.jpg
img.visiontimes.com/2023/05/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/GettyImages-1351312041-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37ee14a863ff71490b976ec2dd4891f72aaa350cbae91ea6590fa079a17ca482

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Wed, 03 May 2023 16:50:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"645290c3-6bcf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYgblMhECM9okZw3w8HmhJSTONdlybijVuvily%2FX7gNmYdpGSf90hFEn3wSWn%2B6Gis7YyMNJ3l1ScYDocTIZgLeI7Ea0E4AG05w8JykrKzXfYUVYjgpO7bs5E4UqmjGuQI5jM1QwiA002Vuz8Q%2BeQk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d63d927da27-MIA
content-length
27599
expires
Mon, 29 May 2023 21:09:56 GMT
GettyImages-1196587766-485x360.jpg
img.visiontimes.com/2023/04/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/04/GettyImages-1196587766-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
371dedf7de0db5146a3d67d490d968951d5098b692b72a22364f0886a830b093

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
199765
cf-polished
origSize=27612, status=webp_bigger
content-length
25941
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Apr 2023 20:58:33 GMT
server
cloudflare
etag
"6441a779-6bdc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FwVsfiNi8tcMLHIk3I835ExIFJQR%2BxXSsIqaiEwNZTC5MC4gpJR%2FKjBtNL4AVYc3A6vGzE%2BXiVTe08KP7GYoREJgR5sFSf5NuyZObZbLP3wBM%2F9e2S%2BAKzXBhnO%2F07HmXbKB7Yj1ZG7Y%2BE4PqO8xzZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d63e951da27-MIA
expires
Sat, 27 May 2023 13:40:31 GMT
Banner-700x420-1-485x360.jpeg
img.visiontimes.com/2023/01/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/01/Banner-700x420-1-485x360.jpeg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c317be5449bc22f0218b741201bf2d9ad83298e9d0a80a05105e4aace497e68b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Mon, 30 Jan 2023 20:52:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63d82e00-502b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWEPU1gJ%2BNHlt%2F4prADB4PFsWknCldlxWTnoDehEyQDBoDMmGRcjxxVZxaqyMhj48JumZuL0osUIum4ySwaW0I7ztx1B3gRWcl0BGAdU8HCCUDaWWZ4knjhNAfszJeYPpJ6YGcLAzXvAyFk%2B9NG0mGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d63f95fda27-MIA
content-length
20523
expires
Mon, 29 May 2023 21:09:56 GMT
Dublin-Declaration-Animal-Frontiers-Meat-Animal-Livestock-Necessary-Positive--485x360.jpg
img.visiontimes.com/2023/05/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2023/05/Dublin-Declaration-Animal-Frontiers-Meat-Animal-Livestock-Necessary-Positive--485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110ac832aea4640f04bc676352db0f3a8353733a2e5b082308b84dfce265b895

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Wed, 03 May 2023 02:08:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6451c200-b953"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggki4ohqx0XZobjHsQlYFDJn6PqKQeV6KMn70VtyKCFVy%2BTvYBPrHsyAjO%2FPHA92fMPlxtmT2lPlfVM5QW%2BUold3o77bqTERXvkOKfi0xonJZ6YaVMU5Vb%2BfYXr%2FWxQwvxMQPD8%2BSspn%2BzwEQShWpw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d640978da27-MIA
content-length
47443
expires
Mon, 29 May 2023 21:09:56 GMT
Dutch-Netherlands-Government-Confiscate-3000-Farms-Saving-Environment-485x360.jpg
img.visiontimes.com/2022/11/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.visiontimes.com/2022/11/Dutch-Netherlands-Government-Confiscate-3000-Farms-Saving-Environment-485x360.jpg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db81b96903718193b33fb7c3556f7693ebee23327a62cbf8ded1191410b8fb69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Nov 2022 05:02:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63859268-8e0c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P64qn1KmRoS88aoDQ1cCpGa5HWvvXQ6FsK95DA%2B85H6v1NpiT0B8ihSEC138l7oq2P3v%2BxbyH7E12QEx46fBIEp7adIzXE5M6TULHzLduO5cFsLfIHbDeX1xgWrRli2nnv4crG416%2FEowWD5c4UkgIs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7c7e5d641983da27-MIA
content-length
36364
expires
Mon, 29 May 2023 21:09:56 GMT
gtm.js
www.googletagmanager.com/ 		151 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dda2940cb955e2cd2f9d18d83251dc89e571836784f0ad9faf87918cb1defbef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
57920
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 May 2023 21:09:56 GMT
version.json
sdki.truepush.com/sdk/ 		176 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/version.json
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:ce00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:06:51 GMT
via
1.1 25c8a58d4773aeef98fa0f0f950689bc.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 05:36:06 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
1432985
etag
"327739750637fd5a1dd49dd855637862"
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
cache-control
max-age=300
accept-ranges
bytes
content-length
176
x-amz-cf-id
3a_SY_GgdpQmmql6hOrYxjq12kwVF_W7rwaWPv4QMtmO1CoJAdX7Jg==
grumi-ip.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/hb_vt_en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:56:08 GMT
x-amz-version-id
HFh6IzfXdoZ1C3.xWGNljbr4Xf2FaWTm
content-encoding
br
last-modified
Mon, 27 Mar 2023 06:19:39 GMT
server
AmazonS3
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"22b4da07003fc88ea067e3f866ea9c5a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
828
x-amz-cf-id
05fEHCIoQF4mgAQ4b9Yht5YKP9XmFbYLenPemHpvpkwIsbrxa6GhFQ==
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/hb_vt_en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:17:37 GMT
content-encoding
gzip
via
1.1 0459f0f7053eeb224fd9fe0f5db5970a.cloudfront.net (CloudFront), 1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:10 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
3140
x-amz-server-side-encryption
AES256
etag
W/"7495a9027cbb36cfc88c8eb9e9614a3b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
OxpzBJ08v7RuhQe0mrT8vPj8EtcPZEXhW_pGOfSlvkuqx246h65r4A==
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.visiontimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
218700
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ 		483 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 21:09:56 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
345757
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njeo4F1m6P8mVokHpwAeAZ33CL5%2FnVFXlLfSleI9L%2FlHtf97ySzzgoNmCSoBmUYnwhZemgyuvL4YRk1q4uVXcxVJdAI6gFotv99Yw%2Fh5XQ1Te0AkK7T7JY7%2Bl%2FlV0TGITOEL9pnAtqvZpMrv"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7c7e5d63d876b3d4-MIA
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.visiontimes.com%2F&domain=www.visiontimes.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=CBjrVXxaR1lFcEFpMjNFWlI2alFWSXdmRDdxK0UzOEhjdCtJTFFHRFhVRWZwUnE3VzIwM1FWL0xEejI5MURhdWlvMUh1L2QxTmVyaWRRYVR2SFRZZWxnTkcwL1dZdUpzdXlVS0JWWGwzV29NTnlFeW1hUURqcDZYN3lmK3...
367 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CBjrVXxaR1lFcEFpMjNFWlI2alFWSXdmRDdxK0UzOEhjdCtJTFFHRFhVRWZwUnE3VzIwM1FWL0xEejI5MURhdWlvMUh1L2QxTmVyaWRRYVR2SFRZZWxnTkcwL1dZdUpzdXlVS0JWWGwzV29NTnlFeW1hUURqcDZYN3lmK3dwODNqQlpxU1ZkUzB0MmZCZ0tWRWRVTU9sbEprcC9uWEZUZkJNekpmL1FaL3QrTW9BeEJWRU1BaU9yRDJ5VjFMQmloaFpIQ1F1WXpRNkEyb2VPcE5PQ2dVaXFjNDU0cVJpaFljK0hLS2dCTmZCb24vUGI0eFBIaEgvWDZKb3VGbGFUU1A1ZUIzfA&cppv=2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f93d7de0b18db662f7431d257739e8ab6d1b9810f892504283acbaf264c26594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
600523
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=CBjrVXxaR1lFcEFpMjNFWlI2alFWSXdmRDdxK0UzOEhjdCtJTFFHRFhVRWZwUnE3VzIwM1FWL0xEejI5MURhdWlvMUh1L2QxTmVyaWRRYVR2SFRZZWxnTkcwL1dZdUpzdXlVS0JWWGwzV29NTnlFeW1hUURqcDZYN3lmK3dwODNqQlpxU1ZkUzB0MmZCZ0tWRWRVTU9sbEprcC9uWEZUZkJNekpmL1FaL3QrTW9BeEJWRU1BaU9yRDJ5VjFMQmloaFpIQ1F1WXpRNkEyb2VPcE5PQ2dVaXFjNDU0cVJpaFljK0hLS2dCTmZCb24vUGI0eFBIaEgvWDZKb3VGbGFUU1A1ZUIzfA&cppv=2
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
578949
content-length
0
expires
0
1009.json
id5-sync.com/g/v2/ 		600 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1009.json
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
0a14b62bf8b523b4158254d61d4cc0a6129c9dbaefbae6242d421f320174bcc0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
id
id.crwdcntrl.net/ 		75 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.70.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-70-17.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
0d881e30ed60a314c07c97b31ad0678bea9a215c9d575f9ecdba2b28cb9c8fa0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:56 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache
x-server
10.40.39.241
access-control-allow-credentials
true
content-length
75
expires
0
prebid
ib.adnxs.com/ut/v3/ 		954 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.117 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6003f8587c289f6264395e82066363705a416bcef667fb8294d2bfd214573afc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 15 May 2023 21:09:56 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ba844cc6-c5d6-4675-9f33-305a416996d0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.visiontimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		1002 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93375df1e636b8fd3cc93e22e43f96f1dcaaf929824e9ced08d3da4b242902ac

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Mon, 15 May 2023 21:09:56 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1096
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c7e5d64f978daf1-MIA
expires
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:56 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
v1
prg.smartadserver.com/prebid/ 		0
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: intothebid.com
URL: https://intothebid.com/wrapper/vt/prebid.vt_en.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:55 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
main.js
sdki.truepush.com/sdk/v2.0.4/ 		80 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdki.truepush.com/sdk/v2.0.4/main.js
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.3/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:ce00:7:6b7b:1000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 22 Apr 2023 12:39:08 GMT
content-encoding
gzip
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
last-modified
Wed, 27 Jul 2022 04:37:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
2017849
etag
"3d47f45ecfb765f8b8b58d2a4b1883fb"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
18934
x-amz-cf-id
0RxvrEUR3F8g1Rqn5bazd5gljiWVdmXjc3FQLXCPwHcyNBK1YxJakA==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 14:04:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
25535
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127561
x-xss-protection
0
server
cafe
etag
1000764176958695900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 14 May 2024 14:04:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		534 B
790 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.visiontimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dcd17d87223e4a3c2032ebf5197703e662d81c36f61f73e13667dacf2931d291
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
expires
Mon, 15 May 2023 21:09:56 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 21:09:56 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
195368
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxWnMEgvlcPAjmRyTQsOBYKXTOKzcK9WrKoT9V%2FGK40497TlVCcS6AvJMi%2FbVlzTnncnE3eNSU%2FUbeQ01%2BjNxY%2Br3hJI%2ByQXAE08Y1jsOtNqqvmO8uYiIT4gWO%2FORkSpePk0tx19jWXFHGyk"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7c7e5d657aae3360-MIA
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d1803dffa6f20435a88c9eb3122be063901b00b95839fee0e8f67a6244b4b69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:50:48 GMT
x-amz-version-id
K6PC6L7rBfTKoQcxojQryxVNxPG0tETg
content-encoding
br
last-modified
Mon, 15 May 2023 20:38:35 GMT
server
AmazonS3
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"53e158c7a15dfcce97fdeb0b0560f65a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1149
x-amz-cf-id
y6g6gMT32eU4j74FBta5IN_t_Fh1JbsJOeiXXvDocnl0F7tOJr6RCw==
/
www.googleadservices.com/pagead/conversion/464712619/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/464712619/?random=1684184996712&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Machine%20Learning%20Analysis%20Reveals%20Most%20COVID-19%20Deaths%20May%20Have%20Been%20Due%20to%20Secondary%20Infection%20-%20Vision%20Times&value=0&bttype=purchase&auid=254402097.1684184997&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
14dc422716e3771c4842b233513bec1ac71b5174d91b1781123d3d2d1cd1790e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1717
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
atrk.js
certify-js.alexametrics.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 May 2023 21:09:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
7Li/lv2uGBGzDlajnDViVzNAGmvdy+Ns79Wh22EYmuHkgmbScN7dDZkuKNWBo48q1A1it0zuLFYRNHypSVF9Kw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		232 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8PQVQT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b4858f1ed4a3bd2f80208200acef725144d23fe8f491cda086c0759249485dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82044
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 15 May 2023 21:09:56 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		469 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.visiontimes.com&pubid=3461f73b-6362-4745-8a10-f16ffbdf676e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
7d023f18fa0dabb2d29a1926fe8e6e0f794724f4359ceb19869a409a1e7e98a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 16:21:14 GMT
via
1.1 0667564db9d2ec4ceec667e46b842a9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
17322
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
469
x-amz-cf-id
1smpEeaVMawuR2NYXURH1oHBJRiTY3jYJnX_jyJA00R5rnbuhA85Sw==
bid
aax.amazon-adsystem.com/e/dtb/ 		200 B
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&pid=vhz29l5DtGUWS&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1637331984526-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_catfish%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331987129-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_01%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331990247-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_02%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331992487-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_middle_03%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331996002-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2222652677200%2Fvisiontimes_en%2Fdesktop_sidebar_01%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637331998545-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2222652677200%2Fvisiontimes_en%2Fdesktop_sidebar_02%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1637332002034-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22652677200%2Fvisiontimes_en%2Fdesktop_top%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!152media.info%2C152M164%2C1%2C%2C%2C&pubid=3461f73b-6362-4745-8a10-f16ffbdf676e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
07b7fad6048490c6557477137ad2c678b11164d6303d07304552beb29d4aae1f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4229f114865802c4acd3e785fddcbf9c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
DSXDS51K7083JCEVFPEC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
200
x-amz-cf-id
hxDgffTy6nIE-IlKYucInPTb-A_wQeUFN0oeqq9VadSj7eXL6SgasA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 6104f765cfecf9c49eb7195c359eea46.cloudfront.net (CloudFront)
date
Mon, 15 May 2023 21:09:57 GMT
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
au5LqUiaJEQqjynSnUoXT7PbOTzPgJo5aNQArnplfr3-OljeS8n5iA==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CBjrVXxaR1lFcEFpMjNFWlI2alFWSXdmRDdxK0UzOEhjdCtJTFFHRFhVRWZwUnE3VzIwM1FWL0xEejI5MURhdWlvMUh1L2QxTmVyaWRRYVR2SFRZZWxnTkcwL1dZdUpzdXlVS0JWWGwzV29NTnlFeW1hUURqcDZYN3lmK3dwODNqQlpxU1ZkUzB0MmZCZ0tWRWRVTU9sbEprcC9uWEZUZkJNekpmL1FaL3QrTW9BeEJWRU1BaU9yRDJ5VjFMQmloaFpIQ1F1WXpRNkEyb2VPcE5PQ2dVaXFjNDU0cVJpaFljK0hLS2dCTmZCb24vUGI0eFBIaEgvWDZKb3VGbGFUU1A1ZUIzfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
232906
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Requested by
Host: sdki.truepush.com
URL: https://sdki.truepush.com/sdk/v2.0.4/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.154 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
fbaac91675e4fb73e0e243081c362535d0160dd5713886ecd67d07b563d847f7
Security Headers
Name Value
Content-Security-Policy img-src * data:
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 15 May 2023 21:09:59 GMT
Content-Security-Policy
img-src * data:
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Permitted-Cross-Domain-Policies
none
Transfer-Encoding
chunked
X-DNS-Prefetch-Control
off
Connection
keep-alive
X-XSS-Protection
0
Referrer-Policy
no-referrer
Server
nginx/1.16.1
ETag
W/"440-gEXwGwkjIAH1gUSKTC9YzU08nwk"
Expect-CT
max-age=0
Vary
Origin, X-HTTP-Method-Override, Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.visiontimes.com
X-Download-Options
noopen
Access-Control-Allow-Credentials
true
truepushSDKPlatfromDetails
sdk.truepush.com/api/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.truepush.com/api/v2/truepushSDKPlatfromDetails
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.146.40.154 , India, ASN18229 (CTRLS-AS-IN CtrlS, IN),
Reverse DNS
Software
nginx/1.16.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.visiontimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
https://www.visiontimes.com
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 21:09:57 GMT
Server
nginx/1.16.1
Vary
Origin, Access-Control-Request-Headers
X-Powered-By
Express
22652677200
fundingchoicesmessages.google.com/i/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22652677200?ers=3
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3b613a16b9c6d096b99ba07579eb4f95395e6687273f27520aca06fcb2e4cbf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5dc0o_cUZlHytZ9hS0_MkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-5dc0o_cUZlHytZ9hS0_MkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.157.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-157-234.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.visiontimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 15 May 2023 21:09:57 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
C05E5NY4BR3QH5SM
age
805
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c7e5d670e86031c-MIA
x-amz-id-2
dmR7r7pMt3z+eGFTgt2FlrgJ+fKN3Ks1Xt+weTXEceCE1hvofQcO6qqZEoh0voPEqRPxD765G9s=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.157.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-157-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 21:09:57 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C132 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=35503
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 15 May 2023 21:09:57 GMT
expires
Tue, 16 May 2023 07:01:40 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
collect
analytics.google.com/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7LEG9MJJ0Q&gtm=45je35a0&_p=1050153074&_gaz=1&cid=1535622750.1684184997&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684184996&sct=1&seg=0&dl=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&dt=Machine%20Learning%20Analysis%20Reveals%20Most%20COVID-19%20Deaths%20May%20Have%20Been%20Due%20to%20Secondary%20Infection%20-%20Vision%20Times&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_author=Todd%20Crawford
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
257 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7LEG9MJJ0Q&cid=1535622750.1684184997&gtm=45je35a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7LEG9MJJ0Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-conversion/464712619/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/464712619/?random=1784283487&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/464712619/?random=1784283487&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F202...
42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/464712619/?random=1784283487&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Machine%20Learning%20Analysis%20Reveals%20Most%20COVID-19%20Deaths%20May%20Have%20Been%20Due%20to%20Secondary%20Infection%20-%20Vision%20Times&value=0&auid=254402097.1684184997&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVVBRmtPellTSFdmV3V0TjFSLUx5amY3bjdjRXZReWF5S2FZTDRqYTFZTXJMSUZQcnI4GldDaEFJOExDSG93WVFpSU8zM3Z2RDZKWnRFaTBBRzFOVzBWckh2OW15OVNPTFR6OTVSVEtOQmRRRTR0TzhUR3NJTEpWYl8wSE1oQXpjbnFWWmJkd241NkU&is_vtc=1&ocp_id=pJ9iZLijOsLD_gS82KKABA&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTZEcDz5aC5tWIY3d8KSBbmUWsvAwcKHvpA&random=2526245148
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/464712619/?random=1784283487&cv=11&fst=1684184996712&bg=ffffff&guid=ON&async=1&gtm=45He35a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&label=KWl_CLD7yuIDEKvny90B&hn=www.googleadservices.com&frm=0&tiba=Machine%20Learning%20Analysis%20Reveals%20Most%20COVID-19%20Deaths%20May%20Have%20Been%20Due%20to%20Secondary%20Infection%20-%20Vision%20Times&value=0&auid=254402097.1684184997&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDSG93WVFsb3ktdlBmTzQ0TXBFaVVBRmtPellTSFdmV3V0TjFSLUx5amY3bjdjRXZReWF5S2FZTDRqYTFZTXJMSUZQcnI4GldDaEFJOExDSG93WVFpSU8zM3Z2RDZKWnRFaTBBRzFOVzBWckh2OW15OVNPTFR6OTVSVEtOQmRRRTR0TzhUR3NJTEpWYl8wSE1oQXpjbnFWWmJkd241NkU&is_vtc=1&ocp_id=pJ9iZLijOsLD_gS82KKABA&eitems=ChAI8LCHowYQlqKdsc7m4tJYEh0AJVrbTZEcDz5aC5tWIY3d8KSBbmUWsvAwcKHvpA&random=2526245148
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
b387a4825827f075022ca881f008355af630321ddfd3f64800c9c18b78cfb0e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.visiontimes.com
date
Mon, 15 May 2023 21:09:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
448123030045464
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/448123030045464?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5daf3ddd0d8644eaaf32623d688bc566f5c0085f28fe8a3b9010fe243fe2343e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 15 May 2023 21:09:57 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87900
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sRhLT8kIxHs4/EExbWEPavuxZkb4EXRz+7CCb6e8raWali2fbQ5VX9yZWyGOf1caWeCJtWnLWXuljva6x8mnjA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), gyroscope=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C132 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99082751&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
89bb96ac7b8c02fd87c0486f2a256f8ad3aa063caf3224292aceee1c50054551

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 21:09:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
AGSKWxXnBaaG-F-7FFRlNb_oIs1-Teu9TSyvzH7ICHsIq5zh3b59i5JFgRqAlQp1fdwbovyZD4AwyRCt_ME9DuTFiA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXnBaaG-F-7FFRlNb_oIs1-Teu9TSyvzH7ICHsIq5zh3b59i5JFgRqAlQp1fdwbovyZD4AwyRCt_ME9DuTFiA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MTg0OTk3LDI2NzAwMDAwMF0sIkI5RDZFNDYwLTYyNjktNEE2MC05NDlFLTE5RTMzRUFFNjJFMyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LnZpc2lvbnRpbWVzLmNvbS8yMDIzLzA1LzE1L21hY2hpbmUtbGVhcm5pbmctYW5hbHlzaXMtcmV2ZWFscy1tb3N0LWNvdmlkLTE5LWRlYXRocy1tYXktaGF2ZS1iZWVuLWR1ZS10by1zZWNvbmRhcnktaW5mZWN0aW9uLmh0bWwiLG51bGwsW1s4LCJPRlpFR3I4aVdLMCJdLFs5LCJlbi1VUyJdLFsxNywiWzBdIl1dXQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cc4a24bc8d65d0fe135555f2bc27b8fcd171ae92a18f7e5153ac9e0f469e5313
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7W7CC3Mem7SEKk37_QIZ0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-7W7CC3Mem7SEKk37_QIZ0Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=448123030045464&ev=PageView&dl=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&rl=&if=false&ts=1684184997314&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684184997310.1198975153&it=1684184997076&coo=false&rqm=GET
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 15 May 2023 21:09:57 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 0A69
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGKfpQAKXaX7-wBa
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760030-MIA
x-timer
S1684184998.574821,VS0,VE27

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Mon, 15 May 2023 21:09:57 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZGKfpQAKXaX7-wBa
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia-kmia1760030-MIA
x-timer
S1684184997.489017,VS0,VE26
Pug
image2.pubmatic.com/AdServer/ Frame BE01
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=997336239957990237
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=997336239957990237
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 20:55:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 15 May 2023 21:09:57 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=997336239957990237
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
s.amazon-adsystem.com/ Frame 030B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
S4ZMYSPNGKS5BTMMJ5CE

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8ZR5XHAAN4K0WHH6R756
Pug
image2.pubmatic.com/AdServer/ Frame DD52
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFETUVVN0l4VDhBQUNEaGhlNXh6Zw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADMEU7IxT8AACDhhe5xzg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADMEU7IxT8AACDhhe5xzg&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADMEU7IxT8AACDhhe5xzg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=8778593393162565071&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADMEU7IxT8AACDhhe5xzg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D8778593393162565071%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=8778593393162565071&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMEU7IxT8AACDhhe5xzg&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMEU7IxT8AACDhhe5xzg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 20:55:41 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 21:09:59 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADMEU7IxT8AACDhhe5xzg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 04B4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&gdpr=0&gdpr_consent=
42 B
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Mon, 15 May 2023 21:09:56 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master ord-pixel-x55 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1BA7
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d8b1e020-f364-11ed-afed-79fe905fd7cd
42 B
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d8b1e020-f364-11ed-afed-79fe905fd7cd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 15 May 2023 21:09:57 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d8b1e020-f364-11ed-afed-79fe905fd7cd
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-5
Pug
simage2.pubmatic.com/AdServer/ Frame DFC0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1878449818340226898&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1878449818340226898&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
0b01f42d-3c55-4eca-8cf9-4365de12584f
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1878449818340226898&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame 20C0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ
42 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 15 May 2023 21:09:57 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
141
match.deepintent.com/usersync/ Frame B67E 		0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Mon, 15 May 2023 21:09:57 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
c
usersync.aspx
dis.criteo.com/dis/ Frame 5653 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 21:09:57 GMT
expires
Mon, 15 May 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
406082
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8459
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:YhYaFqPF1PYFs95&gdpr=0&gdpr_consent=
42 B
221 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:YhYaFqPF1PYFs95&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 21:09:56 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:YhYaFqPF1PYFs95&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-0494e75ed7bee96cc@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 11CD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 15 May 2023 21:09:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=75VtjvQJUThyUo15rWbu4SaEdkQ&gdpr=0&gdpr_consent=
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame F7F7
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=82a31aa6-3f4b-4bdd-91c8-ea44399a66d4&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.46.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-46-135.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:57 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 15 May 2023 21:09:57 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 7EC1
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 21:09:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame BC2E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 15 May 2023 21:09:57 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame D2F0
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780068531250
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780068531250
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=780068531250
setuid
u.4dex.io/ Frame 140B 		0
657 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 May 2023 21:09:57 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C132
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Oml8V3yeTQ6obQ-L5g2QOQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
23.204.76.201 Miami, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-76-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=35503
accept-ranges
bytes
content-length
5554
expires
Tue, 16 May 2023 07:01:40 GMT

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame C132
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=dd686dd4-1c65-4e82-9116-5abc5618c496%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&ttd_puid=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&ttd_puid=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&ttd_puid=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame C132
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7976&xuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&dongle=u6nf&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7976&xuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 15 May 2023 21:09:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7976&xuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&dongle=u6nf&gdpr=0&cmp_cs=&us_privacy=
date
Mon, 15 May 2023 21:09:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame C132
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7e74c1-3b1b-42be-920a-877bcf26719f
43 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7e74c1-3b1b-42be-920a-877bcf26719f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
3.216.88.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-216-88-130.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 15 May 2023 21:09:57 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&vxii_pid=12&vxii_pid1=10067&vxii_rcid=bd7e74c1-3b1b-42be-920a-877bcf26719f
date
Mon, 15 May 2023 21:09:57 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0E2OTdDNTctN0M5RS00RDBFLUE4NkQtMEY4QkU2MEQ5MDM5&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMlDkFF03ck-K2Lecj3m-RE&google_cver=1
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMlDkFF03ck-K2Lecj3m-RE&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMlDkFF03ck-K2Lecj3m-RE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:358D9F46F8F14121BAA67F8549D18ECF
42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:358D9F46F8F14121BAA67F8549D18ECF
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:358D9F46F8F14121BAA67F8549D18ECF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 14 May 2023 21:09:57 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4201811658813377110&gdpr=0&gdpr_consent=&us_privacy=
1 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4201811658813377110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4201811658813377110&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6RGEmcxE2uWTsp53.hsKkgDzXO4.ln4-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6RGEmcxE2uWTsp53.hsKkgDzXO4.ln4-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-6RGEmcxE2uWTsp53.hsKkgDzXO4.ln4-~A&gdpr=0
date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C132 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3A697C57-7C9E-4D0E-A86D-0F8BE60D9039?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:d0a0:257f:95e7:202f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=72378521cec21876&is_secure=true&networkId=17100&version=1&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMD1VNyALQ9ANfSR0VAAAAAAA&expiration=1684271398&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMD1VNyALQ9ANfSR0VAAAAAAA&expiration=1684271398&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMD1VNyALQ9ANfSR0VAAAAAAA&expiration=1684271398&nuid=3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cc614e47-c197-4019-a2e1-31bf2fab522c&gdpr=0&gdpr_consent=
1 B
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cc614e47-c197-4019-a2e1-31bf2fab522c&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cc614e47-c197-4019-a2e1-31bf2fab522c&gdpr=0&gdpr_consent=
Date
Mon, 15 May 2023 21:09:58 GMT
Connection
keep-alive
X-CI-RTID
02de93cd-f8b3-4234-abae-02e53a5a0016
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb2-useast.marketiq.com/sync?exchange=685&ssp=pubmatic&bsw_param=302793a9-b009-4a77-8b97-31881106423f
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.marketiq.com%2Fsync%3Fexchange%3D685%26ssp%3Dpubmatic%26bsw_param%3D302793a9-b009-4a77-8b97-31881106423f
  • https://rtb2-useast.marketiq.com/sync?adkuid=A9164306052756289766&exchange=685&ssp=pubmatic&bsw_param=302793a9-b009-4a77-8b97-31881106423f
  • https://x.bidswitch.net/sync?dsp_id=458&user_id=A9164306052756289766&expires=5&ssp=pubmatic&bsw_param=302793a9-b009-4a77-8b97-31881106423f
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=302793a9-b009-4a77-8b97-31881106423f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=302793a9-b009-4a77-8b97-31881106423f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 15 May 2023 21:09:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=302793a9-b009-4a77-8b97-31881106423f&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 15 May 2023 21:09:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sn.ashx
pmp.mxptint.net/ Frame C132
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA9_102BA81D6_7BD4C4BC&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Server
38.68.201.140 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-367189798; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Mon, 15 May 2023 21:09:57 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-367189798; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame C132 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-158-212.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C132
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7375415336311263156
42 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7375415336311263156
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=7375415336311263156
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.visiontimes.com
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame 4EB7
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
370 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
1b5d32e056bc3ab72bddd2b3d3a1ae15ee13afae22636867109a660cfea064ad
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
370
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8M4818SJ7457FWG529HF

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BX2XBV96CCXEWHY9X0ZQ
AGSKWxVE5JD3l1CagQ2taVFLOdz9g7WAtZe3VyhF-T2rf1L6SVN4As7tzpePvz4cBjL2Ycvhc2HTqVZzm6hm6uVfQdyATq5EuIujTrXlaQkFxw_zHruQ9S4bh-YQaBpGzX5Rl4pVitQA
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVE5JD3l1CagQ2taVFLOdz9g7WAtZe3VyhF-T2rf1L6SVN4As7tzpePvz4cBjL2Ycvhc2HTqVZzm6hm6uVfQdyATq5EuIujTrXlaQkFxw_zHruQ9S4bh-YQaBpGzX5Rl4pVitQA?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MTg0OTk3LDU3NDAwMDAwMF0sIkI5RDZFNDYwLTYyNjktNEE2MC05NDlFLTE5RTMzRUFFNjJFMyIsbnVsbCxudWxsLFtudWxsLFs3LDldLG51bGwsMl0sImh0dHBzOi8vd3d3LnZpc2lvbnRpbWVzLmNvbS8yMDIzLzA1LzE1L21hY2hpbmUtbGVhcm5pbmctYW5hbHlzaXMtcmV2ZWFscy1tb3N0LWNvdmlkLTE5LWRlYXRocy1tYXktaGF2ZS1iZWVuLWR1ZS10by1zZWNvbmRhcnktaW5mZWN0aW9uLmh0bWwiLG51bGwsW1s4LCJPRlpFR3I4aVdLMCJdLFs5LCJlbi1VUyJdLFsxNywiWzBdIl1dXQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3bcf11c15da7bcd40e1ad8cbfc48dbf8e00194f04ac8e143ca0c67b41447b6c3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-D1PWYjXY2roXtMJHvG5zjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-D1PWYjXY2roXtMJHvG5zjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681262126399519&correlator=1226505157723614&eid=31074524&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_top&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&adks=2296131749&didk=2870634651&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684184997603&lmt=1684184997&dlt=1684184995696&idt=1102&adxs=436&adys=30&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&frm=20&vis=1&psz=1600x150&msz=1600x90&fws=4&ohw=1600&ga_vid=1535622750.1684184997&ga_sid=1684184998&ga_hid=1050153074&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86ac8250b5282d15315516cb5ce3242096aac110ba2eba921ed84b48e78671ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17621
x-xss-protection
0
google-lineitem-id
6248293137
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138426273959
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CC2E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 21:09:57 GMT
expires
Tue, 14 May 2024 21:09:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681262126399519&correlator=1226505157723614&eid=31074524&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_catfish&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3176531151&didk=2584957841&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684184997658&lmt=1684184997&dlt=1684184995696&idt=1102&adxs=436&adys=1109&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&frm=20&vis=1&psz=1600x-1&msz=1598x-1&fws=512&ohw=0&ga_vid=1535622750.1684184997&ga_sid=1684184998&ga_hid=1050153074&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
914d7a3d15d52bae94f0dceed31f020e2c1fabebb8955e46f4dd48471e61f47c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11573
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681262126399519&correlator=1226505157723614&eid=31074524&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_sidebar_02&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=3&adks=2760202181&didk=712528481&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684184997677&lmt=1684184997&dlt=1684184995696&idt=1102&adxs=1069&adys=2050&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&frm=20&vis=1&psz=313x310&msz=313x250&fws=4&ohw=1600&ga_vid=1535622750.1684184997&ga_sid=1684184998&ga_hid=1050153074&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2169f17e3a11ea908bd60ead2e3a1c7b3d6482c7e4e6ed04b5960e12eeb640e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11386
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		44 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=681262126399519&correlator=1226505157723614&eid=31074524&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fif&gdpr=0&iu_parts=22652677200%2Cvisiontimes_en%2Cdesktop_sidebar_01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=4&adks=3438327699&didk=2376093582&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1684184997688&lmt=1684184997&dlt=1684184995696&idt=1102&adxs=1069&adys=798&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.visiontimes.com%2F2023%2F05%2F15%2Fmachine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html&frm=20&vis=1&psz=313x310&msz=313x250&fws=4&ohw=1600&ga_vid=1535622750.1684184997&ga_sid=1684184998&ga_hid=1050153074&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3702e02419751db72b7b39d42ff00636aa864a120951bc4defa47780494038f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17420
x-xss-protection
0
google-lineitem-id
6122896206
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138425427223
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
922.json
id5-sync.com/g/v2/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/922.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
321aa4e48792b7db9d20e0f4686d7f0bd11b2da30eba3a5b15b7a25176ed2744
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.visiontimes.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
D0KV3SQFPN9X6G6W
age
2278
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c7e5d6c7fe3031c-MIA
x-amz-id-2
npyswO53H0h3EBSnz9X6/wNI+yFo3GHE1DAQMoBd8fX7CezzxbERIkohwYnNHlgJgGkoDJKFHcb9M0uA+VfDoQ==
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 21:09:57 GMT
x-content-type-options
nosniff
content-encoding
br
age
29381
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-mia-kmia1760072-MIA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
45743643f59f16035654fdd211460a86c9b3572ef7faaa109a8d41350ee624d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 11 May 2023 09:44:47 GMT
server
nginx
etag
W/"645cb90f-a938"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 16 May 2023 21:09:57 GMT
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame C375 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d1803dffa6f20435a88c9eb3122be063901b00b95839fee0e8f67a6244b4b69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:50:48 GMT
x-amz-version-id
K6PC6L7rBfTKoQcxojQryxVNxPG0tETg
content-encoding
br
last-modified
Mon, 15 May 2023 20:38:35 GMT
server
AmazonS3
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"53e158c7a15dfcce97fdeb0b0560f65a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1150
x-amz-cf-id
dBGlqwNDKGeCmotL2qkMi9H6M3B82oQ2soFawWgQnPxnm18cZ5D2iw==
/
www.facebook.com/tr/ Frame B3EC 		0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.visiontimes.com
Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.visiontimes.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 21:09:57 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
pr
s.amazon-adsystem.com/v3/ Frame 4E07 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8c7452eb88c5395b2de1b0089fbff1859e973eedf699c43cd50631e6f2b52716
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
3205
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 15 May 2023 21:09:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
58PQ2KGE53FB7201BP7C
usync.html
eus.rubiconproject.com/ Frame B242
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 21:09:58 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 15 May 2023 21:09:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
increment
id5-sync.com/api/esp/ 		0
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.visiontimes.com
date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
ecm3
s.amazon-adsystem.com/ Frame 4E07
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?id=AADMEU7IxT8AACDhhe5xzg&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AADMEU7IxT8AACDhhe5xzg&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
69C2J7AB2X45GS5CEDQQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AADMEU7IxT8AACDhhe5xzg&ex=beeswax.com
Date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 4E07
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=aa474415
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=aa474415
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z16WAKDPRBYF6X145GWT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 21:09:58 GMT
via
1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=aa474415
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
OamqYOgrltGS2Zqdt7tT2bnnHib_C7AwDEE8xLvqCWv_i2HzzQWgUg==
/
onetag-sys.com/match/ Frame 4E07 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 4E07
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=358D9F46F8F14121BAA67F8549D18ECF&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=358D9F46F8F14121BAA67F8549D18ECF&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EWEPFQ1BHXP9B68CWN54
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=358D9F46F8F14121BAA67F8549D18ECF&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 14 May 2023 21:09:58 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
9baf4c49bd2ac08ccd48029aa180fb92caee5de5567cc5a3da8067aab41693f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1666
Content-Type
text/html
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
ecm3
s.amazon-adsystem.com/ Frame 33E4
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8778593393162565071&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8778593393162565071&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
P2DCFS0AG2565N1HQEJX

Redirect headers

content-length
0
date
Mon, 15 May 2023 21:09:57 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8778593393162565071&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame AE34
Redirect Chain
  • https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-1571LgcBfWAjtqRTUXQOp0bpw6uCuvL2hG6fO3P7-g
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-1571LgcBfWAjtqRTUXQOp0bpw6uCuvL2hG6fO3P7-g
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3KTVZ02FXZXSJDCXXJ2E

Redirect headers

date
Mon, 15 May 2023 21:09:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-1571LgcBfWAjtqRTUXQOp0bpw6uCuvL2hG6fO3P7-g
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
ecm3
s.amazon-adsystem.com/ Frame 86B4
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=65b1f1cc72ea21f2&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFxqoaVdU35AMTCD3XAAAAAAA&expiration=1684271398&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFxqoaVdU35AMTCD3XAAAAAAA&expiration=1684271398&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JCBYPK3HEVMZ21S21F4N

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 15 May 2023 21:09:58 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFxqoaVdU35AMTCD3XAAAAAAA&expiration=1684271398&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
/
match.sharethrough.com/jwumXNuB/v1/ Frame 2DC4 		427 B
940 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
c63de8fecbe5b788de57dc9ead8085578cad3775075fefb4e959cdafcd8ffefd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Mon, 15 May 2023 21:09:58 GMT
tamptsync
sync-amz.ads.yieldmo.com/ Frame 2CE6 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.178.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-178-10.compute-1.amazonaws.com
Software
/
Resource Hash
ad8d48f020b6745b5fc89c2b8a1b03b8ca051c8170aa9b17a8d1927b9fb6dafe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 15 May 2023 21:09:58 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame B2EA 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 15 May 2023 21:09:58 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 8FCF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MRmMzV2w1RTJ1SldQQ3ZjaWJLY2hkbWhtYlRPaldUWX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MRmMzV2w1RTJ1SldQQ3ZjaWJLY2hkbWhtYlRPaldUWX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
JBCFD9NKSCFRYCQN912N

Redirect headers

age
0
content-length
0
date
Mon, 15 May 2023 21:09:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1MRmMzV2w1RTJ1SldQQ3ZjaWJLY2hkbWhtYlRPaldUWX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.57
strict-transport-security
max-age=31536000
amazon
ce.lijit.com/beacon/ Frame 631E
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5a6c5364b2c56001882058cbcd15372469fd9fd7c86d373a0047271d0c415063

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
436
Content-Type
text/html
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3dca1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3dca1
ecm3
s.amazon-adsystem.com/ Frame 01EA
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4448101507711343862130
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4448101507711343862130
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 15 May 2023 21:09:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZN1X3ZFV02SFZS7EDD0S

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 15 May 2023 21:09:58 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4448101507711343862130
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
init
gw.geoedge.be/api/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:d400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 21:09:58 GMT
via
1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
pRGdGfwW39Sy40BpuFQ8qQ_7E0ei58SFV_XJxBU0OdJpBf5P_eXFBA==
x-cache
Miss from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame C375 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyAc-5bc__pMTePX0m-DvyiLMqTSl7kynHgkHRiSZAOkPFKQpII6JnJjI0ihM9SJNGq56e7b_njCRyVQD9vs6F8XiFQaxszaR2KEEjx7R4MEf-BBAdVxc0YW1BRt_d1zFaAkdydDy6gh5YBjY8cdl2EOgYT3q-Hulv92YJXPIn4OvAAUD10KBvf8F2YsLlBNQGyNZ5AjWiZEg0-9lCVbN-KaZXZb3daL0qc6PiHzqZynkSd9FLX0rN2GrQgnte55v6k2ae18ha20NJEiB35zEu1BHTFHHQTT1A4hatEc5ipp38CC8O-O85luox-ssT1Q6cOBdF7PsxBZO-WiY5VXu4Ex_jqA&sai=AMfl-YSBe3muAA0nKj9ZO59Tu99TN04Pie5Ps2YeQMB2jVBrVHDgnEcHmn1zPvC9pPibbxGDJGqQWln0LM1ACMNO-AiIB7-asXZIhgePTlztaKVqH2feYfvclM4dzO6Q0qo&sig=Cg0ArKJSzDTNSn5ybVn4EAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame C375 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 14:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 14:04:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame C375 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 14:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 14:04:23 GMT
l
www.google.com/ads/measurement/ Frame C375 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQF5lHcsLBzLxBkCM2mQjJyp558K-99YTYkdxaxQ8dp5z9N0jShKW0EUcdv81q5SF_N8dmOpSg-g9Z59IIT-ryMy2m9Iw
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C375 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 21:09:58 GMT
5356390243999610093
tpc.googlesyndication.com/simgad/ Frame C375 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5356390243999610093
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0669ed123dc3ae2053bc81f1c9e2eaa7097b2a5586b5e011aa2ca78d3e8e4fdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 14 May 2023 04:02:39 GMT
x-content-type-options
nosniff
age
148039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97471
x-xss-protection
0
last-modified
Thu, 16 Mar 2023 20:38:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 13 May 2024 04:02:39 GMT
syncframe
gum.criteo.com/ Frame 2FB0 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.visiontimes.com&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 21:09:57 GMT
server
Kestrel
server-processing-duration-in-ticks
382287
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 2FB0
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=visiontimes.com&sn=ChromeSyncframe&so=3&topUrl=www.visiontimes.com&bundle=qV3ANV9kTTZsTUR4cjZqWnF3dTE4RVNzN1A5QTBZVDVpVWt5YkhDYXklMkJGT...
  • https://mug.criteo.com/sid?cpp=0_Vzt3xqdmFJeDBzMUJRN2o3YWpkZno2dnBMc2JlbHgwSWwzc1ZyeFFqWlVmdG1NeVhEQjR6aHYxZEUrUkpQRXdZcm1uQjVPZ3dXSGNsK0k1aEYzLy93N2l2YndnNGZkMjY2RUFYV3NOR2h5UC9xWk42YitsYitwTHZSQy...
425 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=0_Vzt3xqdmFJeDBzMUJRN2o3YWpkZno2dnBMc2JlbHgwSWwzc1ZyeFFqWlVmdG1NeVhEQjR6aHYxZEUrUkpQRXdZcm1uQjVPZ3dXSGNsK0k1aEYzLy93N2l2YndnNGZkMjY2RUFYV3NOR2h5UC9xWk42YitsYitwTHZSQy9BVjNkdUdKNjVqVVlOaHRGa0hxeGMyOEtXTmRqZ3NFdXphZG5QMzZ0QllFek5COVZKSDlCYWYxcWVEdmNOS1BwTjlkckg1bzYrcFdjYWRuTndUT24rL2IvMWxwNThtL1Q1dldMeEhURk5lelBYT1dpVGNzaU9wTlRnVW41cHFDOUgxZVdyM2hlVjRMdjdna1RGdnkvbDBBUFc5YVpKNUlnUkxWdHZSa3FSM0lQSTQ0cEJpYz18&cppv=2
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f1dcec97e9d00c93ff79f0d5bcacc8b4e69c44c22324cb2194aad4ab093a5f2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1680041
expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=0_Vzt3xqdmFJeDBzMUJRN2o3YWpkZno2dnBMc2JlbHgwSWwzc1ZyeFFqWlVmdG1NeVhEQjR6aHYxZEUrUkpQRXdZcm1uQjVPZ3dXSGNsK0k1aEYzLy93N2l2YndnNGZkMjY2RUFYV3NOR2h5UC9xWk42YitsYitwTHZSQy9BVjNkdUdKNjVqVVlOaHRGa0hxeGMyOEtXTmRqZ3NFdXphZG5QMzZ0QllFek5COVZKSDlCYWYxcWVEdmNOS1BwTjlkckg1bzYrcFdjYWRuTndUT24rL2IvMWxwNThtL1Q1dldMeEhURk5lelBYT1dpVGNzaU9wTlRnVW41cHFDOUgxZVdyM2hlVjRMdjdna1RGdnkvbDBBUFc5YVpKNUlnUkxWdHZSa3FSM0lQSTQ0cEJpYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
705099
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame 2DC4 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=590ffbe1-f0be-4281-9f1f-c706b119a1cc
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5KH6VEGC9WH84QGJ439A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 2DC4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8499&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3Dk1jJghvBi79yX1NZ2sM5fXrm%26source_user_id%3D%24SPOTX_USER_ID&__user_chec...
  • https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=d9452230-f364-11ed-bcac-1424bc380103
68 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=d9452230-f364-11ed-bcac-1424bc380103
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Mon, 15 May 2023 21:09:58 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://match.sharethrough.com/sync/v1?source_id=k1jJghvBi79yX1NZ2sM5fXrm&source_user_id=d9452230-f364-11ed-bcac-1424bc380103
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
201
content-length
0
v1
match.sharethrough.com/sync/ Frame 2DC4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
68 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 2DC4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18694&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHPC9HXG-L-AICT&gdpr=0
68 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHPC9HXG-L-AICT&gdpr=0
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LHPC9HXG-L-AICT&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
v1
match.sharethrough.com/sync/ Frame 2DC4
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
68 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
34.192.116.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-116-223.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:57 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ecm3
s.amazon-adsystem.com/ Frame 2CE6 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=g657f9e07bcad1747107
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6KRQYAP5AF3N1WGEY1T6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2CE6 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=ZzY1N2Y5ZTA3YmNhZDE3NDcxMDc=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.98 Milwaukee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 2CE6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKpwF4HYwFLV4s8MPTLl0I0&google_cver=1
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKpwF4HYwFLV4s8MPTLl0I0&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.160.44.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-44-156.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEKpwF4HYwFLV4s8MPTLl0I0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 2CE6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g657f9e07bcad1747107
  • https://ads.yieldmo.com/v000/sync?tdid=57e90848-2bba-4bbe-a9e5-84854c75a2a1
43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=57e90848-2bba-4bbe-a9e5-84854c75a2a1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.160.44.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-44-156.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=57e90848-2bba-4bbe-a9e5-84854c75a2a1
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
receive
pixel.tapad.com/idsync/ex/ Frame 2CE6
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g657f9e07bcad1747107
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Ddd686dd4-1c65-4e82-9116-5abc5618c496%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1878449818340226898&pt=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1878449818340226898&pt=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Date
Mon, 15 May 2023 21:09:58 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a5ce1bae-36d4-4796-a870-67182c2dbd02
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=1878449818340226898&pt=dd686dd4-1c65-4e82-9116-5abc5618c496%2C%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 2CE6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1684184998490
  • https://ad.turn.com/r/cs?pid=45&rndcb=1167756536
  • https://sync.1rx.io/usersync/turn/4201811658813377110?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-09448689-6b54-47c0-8409-ce635edd6016-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-09448689-6b54-47c0-8409-ce635edd60...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-09448689-6b54-47c0-8409-ce635edd6016-005
43 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-09448689-6b54-47c0-8409-ce635edd6016-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
54.160.44.156 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-44-156.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Mon, 15 May 2023 21:09:59 GMT
Server
Tengine
ETag
RX094486896b5447c08409ce635edd6016005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-09448689-6b54-47c0-8409-ce635edd6016-005
Content-Type
text/html
Connection
keep-alive
usync.js
eus.rubiconproject.com/ Frame B2EA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72f6dba4450382b8579a6fe007825673805fbd8009fd37004a446b36b2c63ca1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
content-encoding
gzip
last-modified
Mon, 15 May 2023 01:05:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=14057
content-length
10021
expires
Tue, 16 May 2023 01:04:15 GMT
usync.js
eus.rubiconproject.com/ Frame B242 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.31.127 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-31-127.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
72f6dba4450382b8579a6fe007825673805fbd8009fd37004a446b36b2c63ca1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
content-encoding
gzip
last-modified
Mon, 15 May 2023 01:05:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=14057
content-length
10021
expires
Tue, 16 May 2023 01:04:15 GMT
truncated
/ Frame C375 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6037c23e37946dfca70369797077de0f10e1b145ece98c84105a5d1edd35954

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
crum
dsum-sec.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGKfpoLWRQ5M6Qb4PSjtAQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH_JWXUka_t3T8Pl3L8unKQ&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH_JWXUka_t3T8Pl3L8unKQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEH_JWXUka_t3T8Pl3L8unKQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 1EF5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3F1NARFHSPZ19S65WFER
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGtbZNibPOhX5hjGRFeOW0&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGtbZNibPOhX5hjGRFeOW0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELGtbZNibPOhX5hjGRFeOW0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&expiration=1686776998&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&expiration=1686776998&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:58 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=57e90848-2bba-4bbe-a9e5-84854c75a2a1&expiration=1686776998&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=650496af-54c7-1eda-a7e0e7c9
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=650496af-54c7-1eda-a7e0e7c9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=650496af-54c7-1eda-a7e0e7c9
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
r.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 15 May 2023 21:09:59 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMEU7IxT8AACDhhe5xzg&expiration=1685394598
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMEU7IxT8AACDhhe5xzg&expiration=1685394598
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADMEU7IxT8AACDhhe5xzg&expiration=1685394598
Date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame 1EF5
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=50f4a04d-f0d7-447b-9d8a-7bb12363bf88
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=50f4a04d-f0d7-447b-9d8a-7bb12363bf88
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 15 May 2023 21:09:24 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=50f4a04d-f0d7-447b-9d8a-7bb12363bf88
cache-control
private,no-cache
content-length
222
expires
-1
ecm3
s.amazon-adsystem.com/ Frame 1EF5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J7P003FQPX08FSJX44MW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C375 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk-Dcx6JouyXb5xftj5upFutsGqBgqb48ZPa9u_Vp2FlMOtNKO9iYnJZ3aj2MEMTJhcdA2tfjjeuTF729IC7OfvbLg16fN3vHAuK8jUC2eL1emFl4-bkcNucM8CVpE_kw4b95BzaKZPp35TPnnjErhj_qiFTT2NaVDUCIL7-lK3fNXTlDw-fnX0DSYS-UlK8sNFUGy8stg-H7SZki_RRCkaE2-CHUyx4H-fmeSAL929LVmGbEgYmGsTo0otL7LtISotrtBCNUtMJhlaM5cpBPylAXb1JlJDf5FHjqwsiH6Zjn7gUBvc72nzdblHhAOKOSRAw_rAtdgJDqSDk7AedNK8Q7JCdTw&sai=AMfl-YSGyOhIZQurFy93tkdVuPWjr6Sb4PzsI6HM61nH82OgAood9VyOKyc3aBfLcrL_sp5Q-tWuygxvsDBEJWX8GAD97_znx0LFikY6utl1qNIHjELPOIly7kuKINByTPo&sig=Cg0ArKJSzNYLGnDJ1ZrPEAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 May 2023 21:09:58 GMT
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame 4B21 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d1803dffa6f20435a88c9eb3122be063901b00b95839fee0e8f67a6244b4b69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:50:48 GMT
x-amz-version-id
K6PC6L7rBfTKoQcxojQryxVNxPG0tETg
content-encoding
br
last-modified
Mon, 15 May 2023 20:38:35 GMT
server
AmazonS3
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"53e158c7a15dfcce97fdeb0b0560f65a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1151
x-amz-cf-id
WJM-fFcIUDoU12D2A20IRdi1-q4Oqmd9HRB1eMnF4XbUn-4DV6Rbcg==
ecm3
s.amazon-adsystem.com/ Frame 631E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=Gps1jPZHzDs783eiSjyikP_e&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YDXQ5S95JW5CAHRFEWFN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-09448689-6b54-47c0-8409-ce635edd6016-005
sync.targeting.unrulymedia.com/csync/ Frame 631E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=7611985188
  • https://sync.1rx.io/usersync/turn/4201811658813377110?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-09448689-6b54-47c0-8409-ce635edd6016-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-09448689-6b54-47c0-8409-ce635edd6016-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Mon, 15 May 2023 21:09:59 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-09448689-6b54-47c0-8409-ce635edd6016-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
merge
ce.lijit.com/ Frame 631E
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1684184998519&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=358D9F46F8F14121BAA67F8549D18ECF
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=358D9F46F8F14121BAA67F8549D18ECF
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 15 May 2023 21:09:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=358D9F46F8F14121BAA67F8549D18ECF
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 14 May 2023 21:09:58 GMT
merge
ce.lijit.com/ Frame 631E
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=993e8912-b5e5-4f51-bb41-2a21ddeb8326
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=993e8912-b5e5-4f51-bb41-2a21ddeb8326
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=993e8912-b5e5-4f51-bb41-2a21ddeb8326
date
Mon, 15 May 2023 21:09:59 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 631E
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LHPC9IAG-1H-L9UI&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LHPC9IAG-1H-L9UI&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Server
63.251.86.51 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3dca1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LHPC9IAG-1H-L9UI&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame 631E 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=5.8496151915659675
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q6p9s7QRAaxir1avZDXspg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
content-security-policy
script-src 'report-sample' 'nonce-q6p9s7QRAaxir1avZDXspg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=2.9528006686103905
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-1jFyerjli--rm0pNyJSyww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-1jFyerjli--rm0pNyJSyww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB
0
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZGKfpoLWRQ5M6Qb4PSjtAQAADtoAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
ecm3
s.amazon-adsystem.com/ Frame B2EA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LHPC9HXG-L-AICT
  • https://s.amazon-adsystem.com/ecm3?id=LHPC9HXG-L-AICT&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LHPC9HXG-L-AICT&ex=d-rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G8QZKK5GS0EME67RYXQR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LHPC9HXG-L-AICT&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
Expires
0
init
gw.geoedge.be/api/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:d400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
7fMAacNv4UzW6uRQ-F0pLAng8pHlp5u4Zt2JyMRZ6KDhPOCvFQChWQ==
x-cache
Miss from cloudfront
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame 4B21 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:12 GMT
age
16847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4B21 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4B21 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4B21 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4B21 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
truncated
/ Frame 4B21 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fc56334c5ebbb73e6f2bc540f9b5ba8ff369bfe615fb9b83da9c62ad78b16053

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
7217899787056176088
tpc.googlesyndication.com/simgad/ Frame 4B21 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7217899787056176088?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnyYR4Cs2_eJstGb6DJqnqHJudxAg
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c318c3c82fa05b6cd464505a36addd257d9a0c5c7c3c17990d5228c57469411b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 12:08:57 GMT
x-content-type-options
nosniff
age
32462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27203
x-xss-protection
0
last-modified
Tue, 23 Mar 2021 15:07:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 14 May 2024 12:08:57 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B21 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:24:46 GMT
x-content-type-options
nosniff
server
cafe
age
42313
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 16 May 2023 09:24:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4B21 		295 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:24:46 GMT
x-content-type-options
nosniff
server
cafe
age
42313
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 16 May 2023 09:24:46 GMT
l
www.google.com/ads/measurement/ Frame 4B21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6rH17-su16kd-cXUNN--e0Cl8xJB0kPAKB-2L4XimMlGUnaLR5G1zJBvdMwu56q4XFwUCiH3x3ALtcOYmKovdLa9PdQ
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 4B21 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CweNZpZ9iZKXRLc7G_gTe_xf71cPVZty7hYj6DtzZHhABINDLo48BYMmGgIDco8QQoAGbkqzvAsgBAuACAKgDAcgDCKoEnANP0Fd1Zjr0jBkO4zS0BX6JWquGrPfGI_mq4kPF63ig5qobTJQRIaZY8fSH-DjMbovDXCW9mXjzColbwkrmpmB_8kSJI7zzcor2x3P68HLreOKiouuLL08a2gXwi1xiarEw8zSVOUWV1LxAy1QKpl-tZp8OJvufFHLioiIXzqYwmQe3QBaMuE4Wncw7jR9_6GW4vRNewbsYv9IXLwuKItc1PQNaTwFXMouzgv2utjMY9qX7M7K2KAnbZjY7bCG8vJo4nmYOgbuGZGY_e9TqDta5ZhT8bhCg7ARS80QNIKlMtEbXIl3M88bOo0eDcIFsezJjDoH9-KSRKgQN0xFDy6i4c0mgkjy6DUlz55HWSFMZfPx87Y7avY9mPWb-7WGif1RAQ3N5bx3NppQsnsLMME4r1dh3j4INuckjWHIDHEqP3L3A1fxe_JQJmWNQo794l9r5C0UccC8nG2flNkrFvYUbqJlBemMbD15b38vA5VDBBA5qnU5Pc-TKfBbf4nWEoDNvXYY8uOg1Ncnqz4cGovgzr6VXVV8nWPryx77OwASJwLvRtgPgBAGSBQQIBBgBkgUECAUYBKAGAoAHze3TkAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCz4VLSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdgTDNAVAYAXAbIXHwodCAASFHB1Yi0yNTU1NDM3NzQ0MDg0NDIwGIvQgQE&sigh=X3CJEzKPxiA&uach_m=[UACH]&cid=CAQSPABygQiDqG1hpj0qTblsHlvgOvJVlvCclh_ATjHyaNmK6T_lCFJlDz13Z9L2A3ZHrtdVja25N-TwoTSfTRgB
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
setuid
u.4dex.io/ Frame B242
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LHPC9HXG-L-AICT
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LHPC9HXG-L-AICT
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LHPC9HXG-L-AICT
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LHPC9HXG-L-AICT
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b2a5c63b17f16a8024ffc6259157eaa8
Expires
0
AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lcL9-64W9_2WmfPcdXc5xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lcL9-64W9_2WmfPcdXc5xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.visiontimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B2EA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=&expires=30
42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame B2EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHPC9HXG-L-AICT
0
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHPC9HXG-L-AICT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 5FD71586DA3F4A9EAAF58A348CFE21C4 Ref B: MIAEDGE2308 Ref C: 2023-05-15T21:09:59Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX7weChizaSlzD5i6KEiQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHPC9HXG-L-AICT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame B2EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhQQzlIWEctTC1BSUNU
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDKpN2K_le0iEjbe_fnTuSI&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQzlJQUctMUgtTDlVSQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQzlJQUctMUgtTDlVSQ==&google_push=
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Server
142.251.32.98 Milwaukee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQzlJQUctMUgtTDlVSQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
Expires
0
pixel
cm.g.doubleclick.net/ Frame B2EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2JlZDIxMTdiNmJhOWVkZjE3YWRjOGYzYzhhMzU2MDgyOGJmZTljMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2JlZDIxMTdiNmJhOWVkZjE3YWRjOGYzYzhhMzU2MDgyOGJmZTljMQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
142.251.32.98 Milwaukee, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2JlZDIxMTdiNmJhOWVkZjE3YWRjOGYzYzhhMzU2MDgyOGJmZTljMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c52bde874ac36e8646ae455e9e84952e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame B2EA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V5X3HGAH3KBKE4YMZ06C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame B2EA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC2_T9p5OYFrCHTgPBvBrxU&google_cver=1
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC2_T9p5OYFrCHTgPBvBrxU&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEC2_T9p5OYFrCHTgPBvBrxU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B2EA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ndUtDxgbS62lVTEH0cWqvQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ndUtDxgbS62lVTEH0cWqvQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ndUtDxgbS62lVTEH0cWqvQ
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 15 May 2023 21:09:59 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
5YS7NC618MZH0NDZPES9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ndUtDxgbS62lVTEH0cWqvQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B2EA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/CgDx-hx8p9en1EaeJx97EQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b_jxRIZE2oKoiX9J.W5Tz8fyC8jx7znhy85HKA--~A
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b_jxRIZE2oKoiX9J.W5Tz8fyC8jx7znhy85HKA--~A
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_n-Beeswax_smrt_n-inmobi_cnv_n-smaato_n-sharethrough_n-onetag_n-simpli.fi_ym_rbd_n-vmg_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 15 May 2023 21:09:59 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-b_jxRIZE2oKoiX9J.W5Tz8fyC8jx7znhy85HKA--~A
content-length
0
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,600,700
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 15 May 2023 21:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 15 May 2023 19:59:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 May 2023 21:09:59 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C132 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4B21
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 May 2023 21:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame 75C5 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d1803dffa6f20435a88c9eb3122be063901b00b95839fee0e8f67a6244b4b69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:50:48 GMT
x-amz-version-id
K6PC6L7rBfTKoQcxojQryxVNxPG0tETg
content-encoding
br
last-modified
Mon, 15 May 2023 20:38:35 GMT
server
AmazonS3
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"53e158c7a15dfcce97fdeb0b0560f65a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1152
x-amz-cf-id
yMx3q9BiKKjE6k4soxy4sQNbd4-7cE5fQC5mD1zmyvhFcEl7u8L8Jg==
grumi.js
rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/ Frame 4401 		241 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:5e00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2d1803dffa6f20435a88c9eb3122be063901b00b95839fee0e8f67a6244b4b69

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:50:48 GMT
x-amz-version-id
K6PC6L7rBfTKoQcxojQryxVNxPG0tETg
content-encoding
br
last-modified
Mon, 15 May 2023 20:38:35 GMT
server
AmazonS3
via
1.1 931eba134e92940e6c080405fee84c64.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"53e158c7a15dfcce97fdeb0b0560f65a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1152
x-amz-cf-id
gl7t9-ep8AC0KKif-vbBDQrWa0-wlZeRm0kLmttpBobXsIjkCGf6qA==
activeview
pagead2.googlesyndication.com/pcs/ Frame C375 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgxaUXc_swYloB_A3RosQBhHfP5dtqQ7SgE4Ij_UtgPZ3C9E8fNRG2gdSdLSE_ZBtOpi1rblXpzot2gCw3UGIT5OUXbyakLBUP2u2tR_Z8H-a9tWEi&sig=Cg0ArKJSzLGEuE6gkuLmEAE&id=lidar2&mcvt=1020&p=30,436,120,1164&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2296131749&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684184997862&rpt=741&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:d400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
X1cRgD-YDEUUWlxxkopERd2O5tUx4olI4k_rUfWmvwf5zyWETGOAbQ==
x-cache
Miss from cloudfront
view
securepubads.g.doubleclick.net/pcs/ Frame 75C5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstpppgfi4aYNtCD7MDnaMhagCyjL5688GLu6PfrhEYxlid02SOMmm_JwoU9Yuo1IZfStmbdaBwM3s3AzViGlZkr2thjA28hWx03dpyjKP_A3jtb3W5twL9o0aFlo2S_Ml0MVWLCGm4zId0i3mZI0rAJYYahaXsVoRpMm5MM5IDq8bRXvz9Qqdw4sG80JMZ3Ya_eydo36Ri1Qhq_3C-CTW7Lm7IEhUqP-uxRcaKHlQmbTz6sdm4Kpil2ssz2WL4Dnyr18DD9Ra7KPPnKHi6xb6gcoMdPJ-xISa_hFCdl7uj3B5BlwqETQUR6ACxbVTs8CjAtp00jVf5bfZZIQvEtejYhp2W6r2P6PKb-a2s&sai=AMfl-YTIJT89o1i3NnkoSi2bfcK_u2iZ9zSr2VXtWPIKhFLZnNEYRvrqyjAfVKXZw80e18BEaH13pual4g83tOr2Wk3-EQwrUBB1qjXMtr-6-9xjeERmpsEDaa7QXb7nLQ&sig=Cg0ArKJSzOzacXFTaisxEAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 75C5 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 14:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8754
x-xss-protection
0
server
cafe
etag
1905752258753453817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 14:04:23 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 75C5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 14:04:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
25536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 29 May 2023 14:04:23 GMT
l
www.google.com/ads/measurement/ Frame 75C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRtW_f2ntBBeC90rIqwQ40MTZHobUDgfUvxnKucejmSF_1VLWpibOJMjzNjdcV2ontDW8PK2pezQyOAqbMih0fgXy3MIQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 75C5 		169 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53545
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683718549123860"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 15 May 2023 21:09:59 GMT
15553136177080229858
tpc.googlesyndication.com/simgad/ Frame 75C5 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15553136177080229858
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02d3ed522826ea7593c553e235a86b94eb65703d5e7a53ce3b87fc9ae51b7975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 11 May 2023 03:57:23 GMT
x-content-type-options
nosniff
age
407556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110391
x-xss-protection
0
last-modified
Fri, 03 Mar 2023 19:09:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 10 May 2024 03:57:23 GMT
init
gw.geoedge.be/api/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:d400:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 15 May 2023 21:09:59 GMT
via
1.1 8726e9cde2774d888ce72f8ebf7f8d30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
O3Q2AB0-e3I66SmRQ15AvmvqiYW2DZzZjTDzgdrwaEgPyCrzL7yL-A==
x-cache
Miss from cloudfront
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012305051745000/ Frame 4401 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/amp4ads-v0.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:12 GMT
age
16847
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61874
x-xss-protection
0
server
sffe
etag
"1f10ad03381c56f5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4401 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5227
x-xss-protection
0
server
sffe
etag
"c5726c99a9d8e9d1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4401 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-analytics-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28894
x-xss-protection
0
server
sffe
etag
"e449c041a52d1404"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4401 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-fit-text-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1910
x-xss-protection
0
server
sffe
etag
"40d60bfa9b2b96dd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012305051745000/v0/ Frame 4401 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012305051745000/v0/amp-form-0.1.mjs
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 15 May 2023 16:29:11 GMT
age
16848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12944
x-xss-protection
0
server
sffe
etag
"8267429d1a59707e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 May 2024 16:29:11 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4401 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:24:46 GMT
x-content-type-options
nosniff
server
cafe
age
42313
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 16 May 2023 09:24:46 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4401 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 09:24:46 GMT
x-content-type-options
nosniff
server
cafe
age
42313
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 16 May 2023 09:24:46 GMT
truncated
/ Frame 4401 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
198ae8726876d22cc491bf17b6af7ddffb71c4d91e5d241ffc791f704dd79090

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
7580679185940586313
tpc.googlesyndication.com/daca_images/simgad/ Frame 4401 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/7580679185940586313
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0123a21cd35122011d6d16f9591264edcd3f53b42d944a842abf665f10f4ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 16:08:49 GMT
x-content-type-options
nosniff
age
190870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82547
x-xss-protection
0
last-modified
Thu, 24 Mar 2022 18:32:31 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 12 May 2024 16:08:49 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4401 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CT27npp9iZM3uFo6RxAPz-YWYCvHLlL5wgdnh0cYRFBABINDLo48BYMmGgIDco8QQoAHavp35A8gBAuACAKgDAcgDCKoEjwNP0LdTLQMsHjzcLdSt0bmjzmtqgW7qd6qIXIcyctGQD7UVqlyEtmeHRYa4gv_UWJCKfATjkCYDPQsDedtlYBnSuP3_FLg3oTpDmjCc8stHCgBXkEkQT33ugVGbgmsjAXK4brDGj-3h4_4404imNLt2xQ-NTzFXfMWROUizL-wAdwT909SWmwiHLN1s4q7PQb21qgSIl4ip2bnJQRGqiHohFEbGodrYVM6MNiNFWq9reNgBDwjeG__S9_9bHsEEHnh8Ckr5yXnRqrYnDeA2EW924IuedwWvxsfGjlt4VcSH5q-44W5ZKoZ26NK-4VkgR9I5yJtDugpGlKD8PGDz_-6mLQhrzYvxrATEL9Y7HN-61Jr5srWuWtiCapbIWyXe47GdqVnSF7ZZZWk8S91seykaGltb_D3rqghN5hp5zQ_0uKJucZvi0CpS8zcMOvcqLs_k1kVJG9mhpL8AT6kiUIvlXJ01YT6F3_Qxse36I7FyeeKTFf-3_imrm3wFlNmAoD6cj4sRLCm_w96i8KOJ1n3ABLqq7KW0BOAEAZIFBAgEGAGSBQQIBRgEoAYCgAeOweIGqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ4oIx0ggUCIBhEAEYHTICigI6AoBASL39wTqACgPICwHYEwLQFQGYFgGAFwGyFx8KHQgAEhRwdWItMjU1NTQzNzc0NDA4NDQyMBiL0IEB&sigh=gqsqaRyN8p0&uach_m=[UACH]&cid=CAQSOwBygQiDi7ekV9hxfi29tnfC0aWnMAHXsIRykrUSVkzfYzj-vIfMlJSlz5118Zw7vVFHyqNxHST2E3FoGAE
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
affiliationcash.
fundingchoicesmessages.google.com/f/AGSKWxV3yNlQYnoS0-7lwVQ0-1hKjnjJIEixabGyecclu2is00E_Gik-ZzuVrcYo2E6xex4WVLnxMufUzSZblIJyYUqytfRzmQxDmpH9ODDg8lF-9yi91-WOsbwVGI8XcAeAP8I3lHlIsIw6D5UlFwAR8lVmc6uyp... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV3yNlQYnoS0-7lwVQ0-1hKjnjJIEixabGyecclu2is00E_Gik-ZzuVrcYo2E6xex4WVLnxMufUzSZblIJyYUqytfRzmQxDmpH9ODDg8lF-9yi91-WOsbwVGI8XcAeAP8I3lHlIsIw6D5UlFwAR8lVmc6uyp6vyWbeABQ40Pn6AvpgLRUMa2Kxl6ng=/_/adition.-peel-ads--120x600_/adframe728homebh./affiliationcash.
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bad3e11b9a89e04027ef99119dd6034a3a5ce83e3bb81b9190911a2b5cb3d3d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AnKk954MpsQzehn4xAytGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-AnKk954MpsQzehn4xAytGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3719e33cd745e11292495508fe2b7528b65e0c891139d474048f5ffaf2e94e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 20:30:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2365
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29782
x-xss-protection
0
server
cafe
etag
10665759206076846777
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 15 May 2023 21:30:34 GMT
AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kK8_NXJUZdps1E6JBLx2Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-kK8_NXJUZdps1E6JBLx2Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 75C5 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b09cadea555c63dab3cf370335f106960cec132c0c225b612ffc295cfd008ccd

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 75C5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssvOpQetxKdAaO4Dnw2bA4Cl3sunhOaqfvPUmmeq9eOqXHGpkVEF0hUvrj1n0y_ZsmwvqmQ70p6u17Qpe8pt221NJ4R36vLnZVR_p1RBg4GsBb3GA-K6_U-4QKTAxYzxJ2RZapisqngs8pWVewkbmjpm2kSntlHnm5X8kAbN-KOe8ZOl74cPCbUe2VYQAnNshwjZc-UX93ZMDCEa9f96KCQ0JNxxSWeu_ypCNaOb5Opj-Giwb_LTrhb3rxBYYhL9AXdr5ZcBCmhn08Ee-YgaZrkRaZDfWIau5hqBYjlep1G30asUBKOSKxHMn32UsextCCMsrI81pI5QZNwydRiSJeYd4xiJCpvGLZNIF5MQ&sai=AMfl-YSir5andO7Z0dP4H4cmcRcsEqFj34uJxnoyGDf7lZs_C-gna3VfezWnI8SUEEH0r2hFdDKeKztfMr8NaUEl0kY_NBmueQ4eIf8fqd3C6hrMOzZO3pvSiP7ndFEwcw&sig=Cg0ArKJSzG6I4LreVOHhEAE&uach_m=[UACH]&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:09:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 15 May 2023 21:09:59 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4401
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.visiontimes.com
URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Protocol
H3
Server
2607:f8b0:4006:80a::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Mon, 15 May 2023 21:09:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qz6t8CID1Aip4DJdo_6AIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-Qz6t8CID1Aip4DJdo_6AIA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.visiontimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lLw7yYkotH_oIg14oMZVNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-lLw7yYkotH_oIg14oMZVNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWEfWWVDHD_GVq7ke9voyJe54JF0wZtkx2w1sRH-zP3kKfP8u-o8iiAaHm6zawOCO_pcyomx_Lq0NP28hKt_rXEN0lTes5iOBrSxnrptttpicDAc4oELM1aDjEgm93KoD1OxjaY
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9CBHqrlQrEsDvq0p-IhFXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-9CBHqrlQrEsDvq0p-IhFXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWp5d-RHilwG06Hcne1aHFsej7Sw3xs3GOQNNoAa7iX_SfCA01UZLedJCIhA2LVytu-TUhYrSnqrAYI9BEJbTiCzYd19-LSt5LEbJ-pWqQ_1HVzk6z0jEAQQoLBJHYOxVcgu5fS
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWp5d-RHilwG06Hcne1aHFsej7Sw3xs3GOQNNoAa7iX_SfCA01UZLedJCIhA2LVytu-TUhYrSnqrAYI9BEJbTiCzYd19-LSt5LEbJ-pWqQ_1HVzk6z0jEAQQoLBJHYOxVcgu5fS?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0MTg1MDAwLDE1MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cudmlzaW9udGltZXMuY29tLzIwMjMvMDUvMTUvbWFjaGluZS1sZWFybmluZy1hbmFseXNpcy1yZXZlYWxzLW1vc3QtY292aWQtMTktZGVhdGhzLW1heS1oYXZlLWJlZW4tZHVlLXRvLXNlY29uZGFyeS1pbmZlY3Rpb24uaHRtbCIsbnVsbCxbWzgsIk9GWkVHcjhpV0swIl0sWzksImVuLVVTIl0sWzE3LCJbMF0iXV1d
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01b2eac182c5c4056a5b1843c599084984cc07fb792208e10eea6cf34d8f1c89
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5gwqEP-EOmiQ9EgaXOboQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-5gwqEP-EOmiQ9EgaXOboQg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWj0NXKre63VlraApSoy0mPe4I3Z5dU512isLehhC-Bdoa3Dds5BCxSTTTeRLmXxZcxvHhRS7sboX_scfV1lQ4Ds2-Us4zo2GmWhEonKCnijDuafLL20KcnN63muxf4Xynl2eWH
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWj0NXKre63VlraApSoy0mPe4I3Z5dU512isLehhC-Bdoa3Dds5BCxSTTTeRLmXxZcxvHhRS7sboX_scfV1lQ4Ds2-Us4zo2GmWhEonKCnijDuafLL20KcnN63muxf4Xynl2eWH
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.OFZEGr8iWK0.es5.O/d=1/rs=AJlcJMxsxcSdpCr8VY5raTwbKK74i17g8w/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WTojKl-khldv0c5DIlFS3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-WTojKl-khldv0c5DIlFS3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.visiontimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ff5c8a87633404e7bc0dc814761803c26e721c23c65b72cb9a5a1e49992ee75d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11247
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 15 May 2023 21:10:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F25A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
25534
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 14:04:26 GMT
expires
Tue, 14 May 2024 14:04:26 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EDAC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0bac34e79b8e2b6350d9189d3d02771c34168555d1d61f0998e6c455888a4e15
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TIT_GOkMRg4G8-_uvA1ktg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.visiontimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-TIT_GOkMRg4G8-_uvA1ktg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 15 May 2023 21:10:00 GMT
expires
Mon, 15 May 2023 21:10:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
pagead2.googlesyndication.com/bg/ Frame F25A 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 13 May 2023 19:43:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
177972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14670
x-xss-protection
0
last-modified
Mon, 08 May 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 12 May 2024 19:43:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EDAC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305100101&jk=681262126399519&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B21 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGSUgb2KGViSGvLdl9LBSTlOwEcWn3cNCRC2Jq4xCBIy13d_TQAyjWQMkRHL35yQ4mIVdPsCrUv2-abEwjGlSM38WOQRJAUq9nLXf4KENeuDhWZmNaVMc1RbVa43jGWe3WVL0&sai=AMfl-YQb0UykB_EJviyWinnRsjA1519TOwWohFFZPLvrWhPB06wPLiJpEzifDRKMakFd8-LI4_1ZrgCtg-PcsUz3c9tHnVIX9mgY_5mQQ2kS0Gbkj23TvuTDbpAVWATG&sig=Cg0ArKJSzBTdJHEuIeheEAE&cid=CAQSPABygQiDqG1hpj0qTblsHlvgOvJVlvCclh_ATjHyaNmK6T_lCFJlDz13Z9L2A3ZHrtdVja25N-TwoTSfTRgB&id=ampim&o=436,1109&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1021&mtos=0,0,1021,1021,1021&tos=0,0,1021,0,0&tfs=1091&tls=2112&g=100&h=100&tt=2112&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:10:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F25A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?m38pog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 15 May 2023 21:10:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 75C5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6t16pMWYMHpDHCiRNMVLMaSQ-irdN41cemf2n_r48VOYH_vrku901SP8B_NdUtU1vxmy--FpozNMzG-E2C9qO2NQFocF-wepBGHzJ2mEMLJ5vyJjT&sig=Cg0ArKJSzHyL_7H02txkEAE&id=lidar2&mcvt=1011&p=798,1069,1048,1369&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20230510&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3438327699&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684184999567&rpt=359&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 15 May 2023 21:10:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305100101&jk=681262126399519&bg=!mZqlms7NAAYldGN0BXQ7ADkAdvg8WgqY1OICKF24q2jsE5sY79lgdRvoHyHtQ9IImVxFv4Aj6c8VRpE18RZgknGO5DSx7vE-z4ECAAABAVIAAAAIaAEHCgC1KF50tJp_iE6FZbP6jz-z2E_J0IcRcv1cI1_hnUC3gSrnbcJy1fbPFUwjZHetdiNzz9-kuHkptjK-vi8qGKKmAG2HHB9GTOYElvYDW7KCB-j60zks42c1L17KfrmlvKi_NnNGO-ASvbG095pqKF5vqWtw8OAJXzvrFKEiJXeoKk_hdOFm-OkWe8F7Fwqop9TetpPe_jAKbh5M3gtrotGhNPS5a_Xz2LuExLuwDmAnOvZTrv4hzJkCpFN-kY7AgyHAVmw6YFt1FZlClZu2QX-DsSfKgheEC5KIz1MicJ39IhLTb4R1UTswW_iPOs8o8TyNo7M-661rdKCAp0Anl395XpoaRFah6wry39Ybk6BR1ew0iuM0sYH9jF57mnYeLhyNgnUPTQUSiqngvL3cqgRj8aMAGu58wJekuKFfTdAW452m81fqfABzEA7EzpCKFH5uTmy4KpaXI1l5xrLyx9nTBwV0Mr4a_2Al3xNZXt7JZ7AfPEIeyMBFgkfDAwNGiu2XHx6IqjltGDsB1CCox1B5aegfrgQe_n2ENJKd1aAp9utDdflpKDSOv5GJX1ZXVS_dDzCTelHj9cXPFbaDnKaAmsXd7pN36__HAJl6lPWEEjfsG7x-kOuV4nCoGh3675QB4fMctoFcx45UVlDuFWztdjbkPB330_nPL_GbcT-yhegUTK1ej3edvr3YBU2Qkuu5geakaEFP3jsPmooyWcS3SonePKuxdVg37-3hGX4YvS9zYGz6nGVqjJUQ_nsHeMkFrmpk1G7xFmWefpbPA3Pa24-_leb_RM5P6qYsVqRc6eiE65PBBjIyHQ2yM2PlVYt_8gzNZa4uC9IhFetmCIOWGx2JuaVxQm-XFzXO7dqZeOsZLT3v48cqkwIBiyYwxAaGW3Z4ri7UpiINx_1xoxVssdvvUxlDoXdcZWrynowb8VNZJvVbsVte-gH-p3r1jo25WOIvR8_BplZ5Zr9hf5Txobsu0WD3KD0fretAFniYhcX-oOkKcGFJFGIhIaKXjV0gLqUZjgbA9DkCsSWMxut4ma1cowtVLBqULnTh0LDYWoPGZnQjwiCHMR7SHuUI3S1foU8MNxSWcQVzjR8TSh0V0dy5h-uK2VVPbFJcFEAT8CFCxhnqqNWE17He23E
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.visiontimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify-js.alexametrics.com
URL
https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 boolean| credentialless string| gtm4wp_datalayer_name object| dataLayer object| VisionData object| VisionDataComment object| truepush object| _paq object| dataLayer_content object| truepushVersionInfo string| r object| HTTP string| _itbcss_1 string| _itbccs_2 number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| requestManager object| pbjs object| adUnits function| prebidBidsBack function| sendBidsToAdServer object| grumi object| apstag undefined| $ function| jQuery object| googletag function| pbjsChunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue object| lazySizesConfig object| lazySizes object| google_tag_manager object| GooglebQhCsO object| _atrk_opts function| fbq function| _fbq boolean| apstagLOADED object| apscustom object| _aps undefined| key object| browserData undefined| subscription undefined| permissionAllowed undefined| iFrameReference undefined| skipSubscriberReport undefined| subscriberIdCallback boolean| isSubscribed string| optinStatus string| host string| cdnUrl string| imgUrl string| subDomainsHost boolean| fromSubDomain string| EnableHTTPLocalTest string| version string| defaultKey boolean| fromIframe boolean| fromWordpress boolean| fromshopifyDomain boolean| forShopifyCall object| xhttp object| desktopAllowedVersions object| mobileAllowedVersions function| isNotifAllowed function| CheckBrowserCampatability function| isPrivateMode function| truepushSDK function| loadAppJs undefined| google_measure_js_timing object| sas object| apntag object| _ADAGIO function| onYouTubeIframeAPIReady object| gaGlobal function| setImmediate function| clearImmediate object| ID5 object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| ODFiNDc3NjI2ZDJmZjFlbG9hZGVyX2pz string| ODFiNDc3NjI2ZDJmZjFlY2FjaGVkX2pz object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| slotElement object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_136 object| Criteo object| Criteo_identitytag_136 object| promise object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager boolean| 0bed8969-12b7-4353-aa12-9e43b678bbe0 number| __google_lidar_ function| __google_lidar_radf_ object| GoogleGcLKhOms object| google_image_requests

173 Cookies

Domain/Path Name / Value
www.visiontimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.visiontimes.com/ Name: _pubcid
Value: 42d7d4a5-8a54-41c5-8185-8ef52eb304a1
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 2e78688d7e49b18f4b91d9b1bbcea72d
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEo1tzCzsEgxTzWxTDK0SDNJsjRMAbKSkpJTE82NUhiAICVp%2FhIQDQUAYMgLXg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBISZq%2FBEhBAQAZBAIK"
.visiontimes.com/ Name: panoramaId_expiry
Value: 1684271396560
.visiontimes.com/ Name: _cc_id
Value: 2e78688d7e49b18f4b91d9b1bbcea72d
.visiontimes.com/ Name: _gcl_au
Value: 1.1.254402097.1684184997
.adnxs.com/ Name: icu
Value: ChgIgKZ7EAoYASABKAEwpL-KowY4AUABSAEQpL-KowYYAA..
.adnxs.com/ Name: uuid2
Value: 1878449818340226898
.visiontimes.com/ Name: _ga_7LEG9MJJ0Q
Value: GS1.1.1684184996.1.0.1684184996.60.0.0
.visiontimes.com/ Name: _ga
Value: GA1.1.1535622750.1684184997
www.visiontimes.com/ Name: cto_bundle
Value: qV3ANV9kTTZsTUR4cjZqWnF3dTE4RVNzN1A5QTBZVDVpVWt5YkhDYXklMkJGTDVrSiUyQkNpRlh4bTdzVkZlNGdEJTJGRFdkJTJCaTIyZDMxVzRBWlklMkJGcFJLTVFZTXJ1cUhnc3I5Q2VUVDJyOEgyNUpXSnVKM3hPQ0FoOGpRZGZnNXRzTTFXeDFFYUY
www.visiontimes.com/ Name: cto_bidid
Value: WFFnS19WWTRYemdySiUyQkc4cVZWU2FmR1A1Q1oxOXluVlNyZW10Umx6WkVRTFMyTW5LWG1CeXAlMkZIRTI1M1ZvZ2ZIdEV0ZFMyak9xWVIlMkZMT3JmUlhKJTJGMmpVaUZRJTNEJTNE
.visiontimes.com/ Name: _fbp
Value: fb.1.1684184997310.1198975153
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159110:2
.pubmatic.com/ Name: DPSync3
Value: 1685318400%3A201_263_262%7C1684713600%3A248
.pubmatic.com/ Name: SyncRTB3
Value: 1685318400%3A104_178_250_71_233_13_55_5_7_22_3_240_56_220_234_54_8_231_48_21_166_165_249_46%7C1685404800%3A35%7C1684972800%3A63%7C1686700800%3A224%7C1684713600%3A223_15_2
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGKfpQAKXaX7-wBa
.3lift.com/ Name: tluid
Value: 4448101507711343862130
.tapad.com/ Name: TapAd_TS
Value: 1684184997590
.tapad.com/ Name: TapAd_DID
Value: dd686dd4-1c65-4e82-9116-5abc5618c496
.mathtag.com/ Name: uuid
Value: 07bf6462-9fa5-4c00-b44d-35d8a666903a
.adsrvr.org/ Name: TDID
Value: 57e90848-2bba-4bbe-a9e5-84854c75a2a1
.adgrx.com/ Name: ADGRX_UID
Value: d8b1e020-f364-11ed-afed-79fe905fd7cd
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzK2tDQ1t7Q0MDI2F-Iz1PU3yE32zEqucvctsAQAEFCFxyQAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFiaGFiaWluZmgGAFwYQuIQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsrQ0NzY2MzK2tDQ1t7Q0MDI2F-Iz1PU3yE32zEqucvctsAQAEFCFxyQAAAA
.acuityplatform.com/ Name: auid
Value: 780068531250
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRAgneXiImGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUQIJ3l4iI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.deepintent.com/ Name: CDIUSER
Value: di_ba3569ac0d674833a7673
.quantserve.com/ Name: d
Value: EJcBCwH_KPijAA
.quantserve.com/ Name: mc
Value: 64629fa5-9a927-0c769-2861c
.simpli.fi/ Name: suid
Value: 358D9F46F8F14121BAA67F8549D18ECF
.yahoo.com/ Name: A3
Value: d=AQABBKWfYmQCEMPbx0dNuTbAyw4mgNk6swgFEgEBAQHxY2RsZNxH0iMA_eMAAA&S=AQAAAgL6DemrMY5URAKrjNuSxQ4
.w55c.net/ Name: wfivefivec
Value: YhYaFqPF1PYFs95
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-1878449818340226898&KRTB&23339-1878449818340226898
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&KRTB&16736-uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&KRTB&23019-uid:07bf6462-9fa5-4c00-b44d-35d8a666903a&KRTB&23114-uid:07bf6462-9fa5-4c00-b44d-35d8a666903a
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-ef956d8e-f409-5138-7252-8d79ad66eee1.EqkLbCY%2B08s3QUF2Eb22YzXQioMzKUuQhXa%2BwJoBT18
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A75VtjvQJUThyUo15rWbu4SaEdkQ.Ird9DESganAi2T9giD1RRWRzE8qzgZoQ4ViY%2FZ3pPww
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A75VtjvQJUThyUo15rWbu4SaEdkQ.Ird9DESganAi2T9giD1RRWRzE8qzgZoQ4ViY%2FZ3pPww
.turn.com/ Name: uid
Value: 4201811658813377110
.bidr.io/ Name: bito
Value: AADMEU7IxT8AACDhhe5xzg
.bidr.io/ Name: bitoIsSecure
Value: ok
.w55c.net/ Name: matchpubmatic
Value: 5
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-780068531250&KRTB&23428-780068531250
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&KRTB&23413-3A697C57-7C9E-4D0E-A86D-0F8BE60D9039&KRTB&23479-3A697C57-7C9E-4D0E-A86D-0F8BE60D9039
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-82a31aa6-3f4b-4bdd-91c8-ea44399a66d4&KRTB&23340-82a31aa6-3f4b-4bdd-91c8-ea44399a66d4
.thrtle.com/ Name: mc
Value: eyJpZCI6ImJkN2U3NGMxLTNiMWItNDJiZS05MjBhLTg3N2JjZjI2NzE5ZiIsImwiOjE2ODQxODQ5OTc3NTcsInQiOjF9
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-75VtjvQJUThyUo15rWbu4SaEdkQ&KRTB&23334-75VtjvQJUThyUo15rWbu4SaEdkQ&KRTB&23417-75VtjvQJUThyUo15rWbu4SaEdkQ&KRTB&23426-75VtjvQJUThyUo15rWbu4SaEdkQ
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:YhYaFqPF1PYFs95&KRTB&23421-uid:YhYaFqPF1PYFs95
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4201811658813377110&KRTB&23150-4201811658813377110
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-d8b1e020-f364-11ed-afed-79fe905fd7cd&KRTB&23275-d8b1e020-f364-11ed-afed-79fe905fd7cd
.amazon-adsystem.com/ Name: ad-id
Value: A3M7VUYv4ESwlkWMTBBnoGs
beacon.lynx.cognitivlabs.com/ Name: UID
Value: f70f9ba5-bc68-4228-9296-8acce6e5331a
beacon.lynx.cognitivlabs.com/ Name: ss
Value: KJ%2FtEwR9LToVENVkGBwPB05o2QNu3AKqfl%2FyepRH4HEscyIP%2BmHarNnVzA1zU2j4aZHZSBYXhOUv25n27wgP7Q%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:358D9F46F8F14121BAA67F8549D18ECF&KRTB&23486-uid:358D9F46F8F14121BAA67F8549D18ECF&KRTB&23489-uid:358D9F46F8F14121BAA67F8549D18ECF
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-997336239957990237
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ&KRTB&19420-1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ&KRTB&22979-1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ&KRTB&23462-1ZmxGtrL5h3OlOYR0ZqqGICasRHOn78e0s6KF3iZ
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMlDkFF03ck-K2Lecj3m-RE&KRTB&22987-CAESEMlDkFF03ck-K2Lecj3m-RE&KRTB&23025-CAESEMlDkFF03ck-K2Lecj3m-RE&KRTB&23386-CAESEMlDkFF03ck-K2Lecj3m-RE
.csync.loopme.me/ Name: viewer_token
Value: bf55f408-b853-4a9f-aa4f-fea0f983e6e5
.bidswitch.net/ Name: tuuid
Value: 302793a9-b009-4a77-8b97-31881106423f
.bidswitch.net/ Name: c
Value: 1684184998
.bidswitch.net/ Name: tuuid_lu
Value: 1684184998
.ipredictive.com/ Name: cu
Value: cc614e47-c197-4019-a2e1-31bf2fab522c|1684184998019
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_d8f3d111-f364-11ed-b50a-120817463c8f
.sitescout.com/ Name: ssi
Value: addbbcc4-301e-4bbb-a320-faf61cfe43ec#1684184998060
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2bnx:18y3~2bnx"
.adform.net/ Name: C
Value: 1
.contextweb.com/ Name: V
Value: 0ODeiPTTshHh
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kls|7dN.0.AADMEU7IxT8AACDhhe5xzg
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5fbd6825c7d9ad4b
.smartadserver.com/ Name: pid
Value: 8778593393162565071
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-cc614e47-c197-4019-a2e1-31bf2fab522c&KRTB&23011-cc614e47-c197-4019-a2e1-31bf2fab522c&KRTB&23355-cc614e47-c197-4019-a2e1-31bf2fab522c
.adform.net/ Name: uid
Value: 7375415336311263156
.criteo.com/ Name: uid
Value: b25fe30a-9f17-4cdf-a14f-b8aa5a47bf90
.smaato.net/ Name: SCM
Value: aa474415
.smaato.net/ Name: SCMaps
Value: aa474415
.mxptint.net/ Name: mxpim
Value: R35CA9_102BA81D6_7BD4C4BC.1.000000000000000064629FA6
.sharethrough.com/ Name: stx_user_id
Value: 590ffbe1-f0be-4281-9f1f-c706b119a1cc
.yieldmo.com/ Name: yieldmo_id
Value: g657f9e07bcad1747107%7C1684184998224%7C0%7C
.ads.yieldmo.com/ Name: rptr
Value: unl%3D1170412%7Cc%3D1170412%7Ct%3D1170412%7Ctapad%3D1170412%7Cdv360%3D1170412
.dotomi.com/ Name: DotomiTest
Value: 65b1f1cc72ea21f2
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553&KRTB&23418-addbbcc4-301e-4bbb-a320-faf61cfe43ec-64629fa6-5553
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7375415336311263156&KRTB&23263-7375415336311263156&KRTB&23481-7375415336311263156
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA9_102BA81D6_7BD4C4BC&KRTB&23092-R35CA9_102BA81D6_7BD4C4BC
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMD1VNyALQ9ANfSR0VAAAAAAA&KRTB&22713-AAAMD1VNyALQ9ANfSR0VAAAAAAA&KRTB&22715-AAAMD1VNyALQ9ANfSR0VAAAAAAA
.casalemedia.com/ Name: CMID
Value: ZGKfpoLWRQ5M6Qb4PSjtAQAA
.casalemedia.com/ Name: CMPS
Value: 3802
.casalemedia.com/ Name: CMPRO
Value: 3802
.smartadserver.com/ Name: csync
Value: 127:AADMEU7IxT8AACDhhe5xzg
.visiontimes.com/ Name: cto_bundle
Value: PweRSV9kTTZsTUR4cjZqWnF3dTE4RVNzN1B4TlhBQ1hseDFUaVNYYmpKOCUyQmRkZEJSVE5pZFBvQ09SS2luejJlTGhjMWZYZnBDZzlIdnV3ekphYlA0TktQQzhaJTJGdlVKVXZFbzNsJTJCOWRPOWwzM2tXbnFMTEFFWFNIcFlvRFdHZ2dNanhRN015V1Vyc2cydGZTTlplVWd0ZGRteWclM0QlM0Q
.www.visiontimes.com/ Name: cto_bundle
Value: PweRSV9kTTZsTUR4cjZqWnF3dTE4RVNzN1B4TlhBQ1hseDFUaVNYYmpKOCUyQmRkZEJSVE5pZFBvQ09SS2luejJlTGhjMWZYZnBDZzlIdnV3ekphYlA0TktQQzhaJTJGdlVKVXZFbzNsJTJCOWRPOWwzM2tXbnFMTEFFWFNIcFlvRFdHZ2dNanhRN015V1Vyc2cydGZTTlplVWd0ZGRteWclM0QlM0Q
.id5-sync.com/ Name: id5
Value: e9e06681-63d5-7ef6-8db7-0c105e328b01#1684184996767#3
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.lijit.com/ Name: ljt_reader
Value: Gps1jPZHzDs783eiSjyikP_e
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNLMwNbY0MbW00FGyNEflG6FyLdCkLU2Q%2BbUAmCIQhw%3D%3D
.spotxchange.com/ Name: audience
Value: d9452230-f364-11ed-bcac-1424bc380103
.ads.yieldmo.com/ Name: ptrt
Value: 57e90848-2bba-4bbe-a9e5-84854c75a2a1
.ads.yieldmo.com/ Name: ptrc
Value: CAESEKpwF4HYwFLV4s8MPTLl0I0
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4NDE4NDk5ODE1MSwiMjQiOjE2ODQxODQ5OTg2OTMsIjM5IjoxNjg0MTg0OTk4NjkzLCI3IjoxNjg0MTg0OTk4NjkzLCI0MSI6MTY4NDE4NDk5ODQyN30
.technoratimedia.com/ Name: tads_uidp_44
Value: LHP4KUA2-18-14BU
.technoratimedia.com/ Name: tads_uidp_88
Value: 803053513956946215931
.technoratimedia.com/ Name: tads_uidp_45
Value: 144D4839-51EE-4FE1-A802-0ACE798AB7B2
.technoratimedia.com/ Name: tads_uidp_46
Value: 2776878758260007042
.technoratimedia.com/ Name: tads_uidp_48
Value: 397e919a-1685-435b-ac0c-c98003b6548f
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAHwUgMCLiW5QNdeN7xAAAAAAA
.technoratimedia.com/ Name: tads_uidp_90
Value: 50566db9-e9c6-4494-b97a-f73609fe2b18
.technoratimedia.com/ Name: tads_uidp_91
Value: 6036790348656135630brt77751645033995481903ac
.technoratimedia.com/ Name: tads_uidp_70
Value: 70a38bd4-e22c-4326-9266-6140b14ab253
.technoratimedia.com/ Name: tads_uidp_50
Value: 15a5c64d-d240-4679-bee8-fae713962c2a
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-4aac0661-0580-4530-95f6-d71ca87b432c-005
.technoratimedia.com/ Name: tads_uidp_77
Value: itjs6h3lDcD_MhO8610bzbVIuo2jNuT9In-26J-11VM
.technoratimedia.com/ Name: tads_uidp_79
Value: 4c7f95c9-6306-4a54-a22b-c60de75cf703
.technoratimedia.com/ Name: tads_uidp_58
Value: d089a0b6-1705-4e51-ad5a-b54ff427d13c
.technoratimedia.com/ Name: tads_uidp_37
Value: 6fd5f018-523e-3a50-a4e4-57cb951ff35c
.technoratimedia.com/ Name: tads_uidp_16
Value: 1550145739933
.technoratimedia.com/ Name: tads_uidp_7
Value: cbc66084-de4c-4c31-97d4-ba8f72ee2e86
.technoratimedia.com/ Name: tads_uidp_80
Value: y-PgoXAG9E2uHjFqDH6p1CsfEh0zJfwOA4~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZGDQpyM0HBW4hVOuERto9QAA&1424
.technoratimedia.com/ Name: tads_uidp_61
Value: 212161348531972
.technoratimedia.com/ Name: tads_uidp_83
Value: BzKIS13TXEMI
.technoratimedia.com/ Name: tads_uidp_62
Value: 3271736901524026000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: S8fguJxdzL9HzWGKQk5bLNwmXtDoo-dY
.technoratimedia.com/ Name: tads_uid
Value: 6D930035314F48D7A500B20415FAE3C1
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331080845+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1680270534988
.adkernel.com/ Name: ADKUID
Value: A9164306052756289766
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!3261-2!3261
match.sharethrough.com/ Name: AWSALBCORS
Value: wsfr32h4rr5rUBzPTvjHnacblY2TnNt/R0C1+Aood9gmKoD0aU30pacawv6PYAN0bn6JDEwZAkb2XPbrGu5w7oNNUL6kmSmotxsxyTLCAc4hswgihvMGJIDAYTic
.blismedia.com/ Name: b
Value: 64629FA7C62124B73EDDC340BLIS
.lijit.com/ Name: _ljtrtb_2
Value: 358D9F46F8F14121BAA67F8549D18ECF
.marketiq.com/ Name: ADK_EX_685
Value: 1
.marketiq.com/ Name: ADKUID
Value: A9164306052756289766
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-09448689-6b54-47c0-8409-ce635edd6016-005%22%2C%22nxtrdr%22%3Afalse%7D
.brand-display.com/ Name: _knxq_
Value: 650496af-54c7-1eda-a7e0e7c9.1684184999.0.1684184999.1684184999
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwK-HZn6BXcHX1WDcXc4nQvJIrt2uEdoCPW4rfrL5hyqmnWqIGr2e3-Ov5QC4TM1
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADMEU7IxT8AACDhhe5xzg
.mfadsrvr.com/ Name: tuuid
Value: 993e8912-b5e5-4f51-bb41-2a21ddeb8326
.mfadsrvr.com/ Name: c
Value: 1684184999
.mfadsrvr.com/ Name: tuuid_lu
Value: 1684184999
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwjg7a7U2OTqOxAFEhQKBXRhcGFkEgsI6IKF1djk6jsQBRIbCgxzaGFyZXRocm91Z2gSCwiwjNra2OTqOxAFEhUKBmNhc2FsZRILCOq2ot3Y5Oo7EAUSFgoHcnViaWNvbhILCNrRmeHY5Oo7EAUYASADKAIyCwiwhN2H7-TqOxAFOAFaDHNoYXJldGhyb3VnaGAC
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-302793a9-b009-4a77-8b97-31881106423f
.pubmatic.com/ Name: PugT
Value: 1684184999
.mfadsrvr.com/ Name: ssh
Value: !sovrn,1684184999
.lijit.com/ Name: ljtrtb
Value: eJyrVjJSslIyNrVwsXQzMXOzcDM0MTQydHJ0NDN3szA1sXQxtHB1dlOqBQC4iAlD
.lijit.com/ Name: _ljtrtb_80
Value: LHPC9IAG-1H-L9UI
.lijit.com/ Name: _ljtrtb_87
Value: 993e8912-b5e5-4f51-bb41-2a21ddeb8326
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-09448689-6b54-47c0-8409-ce635edd6016-005%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUlm3ITxAu3PI006O1iLkcDdUav_FjRnOXEHJsAoNh1TsdokaHrLWByTp7mxqCI
.ads.yieldmo.com/ Name: ptrunl
Value: RX-09448689-6b54-47c0-8409-ce635edd6016-005
.visiontimes.com/ Name: __gads
Value: ID=1eed9ea123f01439:T=1684184997:S=ALNI_MZqDfx1tiFM0xfg8Hdgiydxpovg9A
.visiontimes.com/ Name: __gpi
Value: UID=00000bf8315ae8c5:T=1684184997:RT=1684184997:S=ALNI_MbZyMMdyzxF_qrn74z6L0ZaBBCHmw
.linkedin.com/ Name: bcookie
Value: "v=2&437e55da-1d84-4885-892a-984ece61bf3e"
.linkedin.com/ Name: lidc
Value: "b=VGST03:s=V:r=V:a=V:p=V:g=2881:u=1:x=1:i=1684184999:t=1684271399:v=2:sig=AQG8UZe3kcQBQKcis5gzbYME3m-4lKWh"
.pubmatic.com/ Name: SPugT
Value: 1684184998
.rubiconproject.com/ Name: khaos
Value: LHPC9HXG-L-AICT
.rubiconproject.com/ Name: audit
Value: 1|xLO53drzXtU81xXIwpA/p4UPJa/L+u/tVfosigpwLmY8fCYmOTvXgzYV/gRIlUA0l5+Xzkb1hMBYuqoIiPk057iLOlCEhdvdIwGg2ko3XQg42+TBlZQRq1s7PoCMm1RrjbdT8TNLlXGXu2VazvDgFQIs4X5J+Y5r
.doubleclick.net/ Name: DSID
Value: NO_DATA
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyJpbmRleGV4Y2hhbmdlIjoiMjAyMy0wNS0xNVQyMTowOTo1Ni43MDg2ODEzODRaIiwicHVibWF0aWMiOiIyMDIzLTA1LTE1VDIxOjA5OjU2LjcwODY3MjM2NFoiLCJydWJpY29uIjoiMjAyMy0wNS0xNVQyMTowOTo1Ni43MDg2Nzc2MloifSwidWlkcyI6eyJhZGFnaW8iOnsidWlkIjoiM2IyMzcwZTYtOTk1NC00YTYzLWI2NGYtMzFjYmY5NWY5ODJkIiwiZXhwaXJlcyI6IjIwMjMtMDctMTRUMjE6MDk6NTYuNzA3OTg1MjA0WiJ9LCJpbmRleGV4Y2hhbmdlIjp7InVpZCI6IlpHS2Zwb0xXUlE1TTZRYjRQU2p0QVFBQUR0b0FBQUlCIiwiZXhwaXJlcyI6IjIwMjMtMDctMTRUMjE6MDk6NTkuMDM5NzkzNjdaIn0sInB1Ym1hdGljIjp7InVpZCI6IjNBNjk3QzU3LTdDOUUtNEQwRS1BODZELTBGOEJFNjBEOTAzOSIsImV4cGlyZXMiOiIyMDIzLTA3LTE0VDIxOjA5OjU3LjY2Mzk1NDQ3NVoifSwicnViaWNvbiI6eyJ1aWQiOiJMSFBDOUhYRy1MLUFJQ1QiLCJleHBpcmVzIjoiMjAyMy0wNy0xNFQyMTowOTo1OS42ODE3ODcwNFoifX0sImJkYXkiOiIyMDIzLTA1LTE1VDIxOjA5OjU2LjcwNzgyMTIyMloifQ==
.visiontimes.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-AYSmpI2EnmFQwXfzs2cVpOBMACy57MhyzYVw-DDrpxJeoBx27OfmsA50LuyYyxsZi2VFUVgysWCDVz-N7yi_cXOC_d3y37l2l0tEjZ3cmKralX4bK8RRoPtFB5o4A-qJ8jlSaUunZJDoydO_Lr7TfXgJ5fA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

4 Console Messages

Source Level URL
Text
network error URL: https://cdn.matomo.cloud/kreativreason.matomo.cloud/matomo.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://certify-js.alexametrics.com/atrk.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=57e90848-2bba-4bbe-a9e5-84854c75a2a1&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
javascript warning URL: https://www.visiontimes.com/2023/05/15/machine-learning-analysis-reveals-most-covid-19-deaths-may-have-been-due-to-secondary-infection.html
Message:
The resource https://rumcdn.geoedge.be/671981cb-dd2e-4e91-a65c-157f4acea4fa/grumi.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

724b151cdf99a9c97491bf65f9e2d213.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
amazon-tam-match.dotomi.com
analytics.google.com
ap.lijit.com
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.matomo.cloud
ce.lijit.com
certify-js.alexametrics.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csync.loopme.me
dis.criteo.com
dmp.brand-display.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
img.visiontimes.com
intothebid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb2-useast.marketiq.com
rumcdn.geoedge.be
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
sdk.truepush.com
sdki.truepush.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.gravatar.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u.4dex.io
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.visiontimes.com
x.bidswitch.net
certify-js.alexametrics.com
103.146.40.154
108.138.107.138
142.250.80.34
142.251.32.98
151.101.194.49
162.19.138.117
162.19.138.119
162.248.18.34
162.248.18.37
169.197.150.8
173.231.178.85
174.137.133.49
18.164.107.227
18.235.70.17
185.167.164.49
192.132.33.46
192.35.249.138
192.40.39.223
198.148.27.139
199.127.204.171
199.187.193.182
199.38.167.131
20.127.253.7
2001:4860:4802:34::181
207.198.113.89
216.200.232.249
216.22.16.1
23.192.31.127
23.204.76.201
2600:1f18:4e9:5a01:d0a0:257f:95e7:202f
2600:9000:210b:d400:10:43f:4352:ad61
2600:9000:2209:0:1b:5138:8a40:93a1
2600:9000:24f0:4400:c:7d55:b3c0:93a1
2600:9000:24f1:ce00:7:6b7b:1000:93a1
2600:9000:2511:5e00:4:b37b:9440:93a1
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2604:9e00:1:129::2:a01
2606:4700:10::6816:3556
2606:4700:20::681a:3c9
2606:4700:20::681a:3e4
2606:4700:20::681a:9a9
2606:4700::6812:372
2606:ae80:1451:22::760
2607:f8b0:4004:c1d::9c
2607:f8b0:4006:806::2001
2607:f8b0:4006:80a::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2002
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2008
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
2a04:fa87:fffe::c000:4902
3.216.88.130
3.229.46.135
3.33.220.150
34.102.163.6
34.111.113.62
34.111.151.213
34.149.40.38
34.192.116.223
34.200.65.202
34.206.243.164
34.96.105.8
35.207.24.140
35.211.178.172
35.214.153.92
35.236.220.17
35.71.139.29
38.68.201.140
51.222.239.230
52.0.159.111
52.202.56.4
52.204.157.234
52.46.143.56
52.54.178.10
54.145.158.212
54.160.44.156
54.167.181.92
54.242.205.90
63.251.86.50
63.251.86.51
67.220.228.201
68.67.160.117
68.67.181.211
69.90.254.78
74.119.119.139
74.119.119.150
8.28.7.81
8.28.7.83
8.39.36.142
8.43.72.97
004589df2911624de98351e90b6081cdd49cb81d8cbc735eaa562870e53f5e40
0123a21cd35122011d6d16f9591264edcd3f53b42d944a842abf665f10f4ed0b
01b2eac182c5c4056a5b1843c599084984cc07fb792208e10eea6cf34d8f1c89
02d3ed522826ea7593c553e235a86b94eb65703d5e7a53ce3b87fc9ae51b7975
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
0669ed123dc3ae2053bc81f1c9e2eaa7097b2a5586b5e011aa2ca78d3e8e4fdd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07b7fad6048490c6557477137ad2c678b11164d6303d07304552beb29d4aae1f
08ca7520df21a77ad6adfc790f9c1b6d76d91b7133040edf4c2769e2815dda10
0a14b62bf8b523b4158254d61d4cc0a6129c9dbaefbae6242d421f320174bcc0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bac34e79b8e2b6350d9189d3d02771c34168555d1d61f0998e6c455888a4e15
0d881e30ed60a314c07c97b31ad0678bea9a215c9d575f9ecdba2b28cb9c8fa0
110ac832aea4640f04bc676352db0f3a8353733a2e5b082308b84dfce265b895
14dc422716e3771c4842b233513bec1ac71b5174d91b1781123d3d2d1cd1790e
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c641d6ffba288e8c3aa659e344f5078e06bef643a3f70b738a107f5225d9a7
18e159d48019f540367ff0b5fe22b775481bdbb1e448367592ee9320378b3b79
198ae8726876d22cc491bf17b6af7ddffb71c4d91e5d241ffc791f704dd79090
1b5d32e056bc3ab72bddd2b3d3a1ae15ee13afae22636867109a660cfea064ad
1d034eebaa59c0d499dcbe8cbe0fba6d96b0d9abf6b0ab07942496965db4392d
255e4fddbb460e3f9eaba26eb99b813a3bb236fb10fe684ae3b58fa0fa2b29ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b92670afda59fa4ccc4a37cf5709f8452696eab3a58f2fc3e17a109e37c2d78
2d1803dffa6f20435a88c9eb3122be063901b00b95839fee0e8f67a6244b4b69
2d1f7551f262d76ac392303394af6b0d0ffd9e6c362e4db60de95fcbc82330a4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321aa4e48792b7db9d20e0f4686d7f0bd11b2da30eba3a5b15b7a25176ed2744
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3702e02419751db72b7b39d42ff00636aa864a120951bc4defa47780494038f4
3719e33cd745e11292495508fe2b7528b65e0c891139d474048f5ffaf2e94e87
371dedf7de0db5146a3d67d490d968951d5098b692b72a22364f0886a830b093
37ee14a863ff71490b976ec2dd4891f72aaa350cbae91ea6590fa079a17ca482
386d466b8bdd0cda283c79718d2aec07f38b9f9ed81eebe6d5266bb20cd42c10
3b4858f1ed4a3bd2f80208200acef725144d23fe8f491cda086c0759249485dd
3bcf11c15da7bcd40e1ad8cbfc48dbf8e00194f04ac8e143ca0c67b41447b6c3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4517329a1a3efcb408a4d33f16b3b7b56ee8472ed54533efebb2627532c9ecf1
45743643f59f16035654fdd211460a86c9b3572ef7faaa109a8d41350ee624d3
466798fae129eb3899a28dc6cd8aaab04bfbad6e4a9f51d598a225041ea64165
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecf24b7db78a8e99bb3c0581cc859f5edc4ef62e682d91e963ff3e9f8763c62
5153102ce014f28b48603c723896f8ae5220957aa4f08c9d0d10c38c0844c723
543c813be0525f2c048c1c3976f9a8291df8adec2b57e6d0e6891c2670909ea1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a6c5364b2c56001882058cbcd15372469fd9fd7c86d373a0047271d0c415063
5daf3ddd0d8644eaaf32623d688bc566f5c0085f28fe8a3b9010fe243fe2343e
6003f8587c289f6264395e82066363705a416bcef667fb8294d2bfd214573afc
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62067d30a82c5fa271f263c2bca39a7091afb9fb6ebcd321190e17c489b7529c
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6dc50509c75d563ba18f32e35c8aa2ff630f46492df8dad7c66515fe6eaf34ef
6e0712306467b4b72eb281d641d0ff0add41af0c5e0172c46532cf1df67d0ab2
6f081c27e6a2edfbcfd9cc859a55d95b8eefce744c29929e2ff23328fe5896c3
70b3d660cfa369db69d2a34a66590c51ae01c59e1e5e153b8fdb5ba27c33b97f
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
72f6dba4450382b8579a6fe007825673805fbd8009fd37004a446b36b2c63ca1
753c73173aeae97b95d42e21bc6e64abccec125889f83f32573829a2392fd691
7d023f18fa0dabb2d29a1926fe8e6e0f794724f4359ceb19869a409a1e7e98a0
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
857c25b7523733b88952a25344cd212bcc6fd526837e7e35b227ee661b8f6dac
86ac8250b5282d15315516cb5ce3242096aac110ba2eba921ed84b48e78671ce
89bb96ac7b8c02fd87c0486f2a256f8ad3aa063caf3224292aceee1c50054551
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8c7452eb88c5395b2de1b0089fbff1859e973eedf699c43cd50631e6f2b52716
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
914d7a3d15d52bae94f0dceed31f020e2c1fabebb8955e46f4dd48471e61f47c
924b00ecb2d3b22c84dfd3e73f23d8ccabba0f1810b9bc1828a0b5aa4c9e0310
93375df1e636b8fd3cc93e22e43f96f1dcaaf929824e9ced08d3da4b242902ac
973d61ffd9b8fc5464a6d8fcf39f4d518e79fa361c231c7476fd84d0c43a3990
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9baf4c49bd2ac08ccd48029aa180fb92caee5de5567cc5a3da8067aab41693f0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a3b613a16b9c6d096b99ba07579eb4f95395e6687273f27520aca06fcb2e4cbf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5305e00f72123f81c8d7bf9016797c7c161b7d73a28cb4037425c93d5c50214
a6037c23e37946dfca70369797077de0f10e1b145ece98c84105a5d1edd35954
a95e7d0a3cb18909649c1c1cf3a03b867df399d7a68a95438700d0c250190ea5
abefa59fd4da2a604317561896c55aaec82198cbbc69d6a218a5bd5451ef9c5d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad8d48f020b6745b5fc89c2b8a1b03b8ca051c8170aa9b17a8d1927b9fb6dafe
b09cadea555c63dab3cf370335f106960cec132c0c225b612ffc295cfd008ccd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b237ef8336dce028458284093241f6a066c482fb281674593ebf5ef50b4d1170
b387a4825827f075022ca881f008355af630321ddfd3f64800c9c18b78cfb0e6
bad3e11b9a89e04027ef99119dd6034a3a5ce83e3bb81b9190911a2b5cb3d3d5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2169f17e3a11ea908bd60ead2e3a1c7b3d6482c7e4e6ed04b5960e12eeb640e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2803a6c3d48a023daf4db4bf1747ca82522ddbc951350aef12d88f1ba2a96a7
c317be5449bc22f0218b741201bf2d9ad83298e9d0a80a05105e4aace497e68b
c318c3c82fa05b6cd464505a36addd257d9a0c5c7c3c17990d5228c57469411b
c600adb1e3d6281621818ba058f98a8fa9ba43bd31a97c2cf98901400ba6f461
c63de8fecbe5b788de57dc9ead8085578cad3775075fefb4e959cdafcd8ffefd
ca654a84b46303968bd518b44c59765cbcd5f9da2e1849aaff5b04830725e3f2
cc4a24bc8d65d0fe135555f2bc27b8fcd171ae92a18f7e5153ac9e0f469e5313
d02a4d562f9543b798f83d7d07bef7d716891f86df2b7793e5d137378db16ee8
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d8229f8206a0b49a2dc74820a78380eaf807c3d0f2066a53562d2b650aa21139
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
db81b96903718193b33fb7c3556f7693ebee23327a62cbf8ded1191410b8fb69
dcd17d87223e4a3c2032ebf5197703e662d81c36f61f73e13667dacf2931d291
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dcfb32778237c4943934f45b8373ddc2dac1ff2bce0758f1206919d6b771935c
dda2940cb955e2cd2f9d18d83251dc89e571836784f0ad9faf87918cb1defbef
df52439a2eb01b5cee40d8220d544f683e176cc1bf335a3d248f0cb622b1b2b2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb84d55d0eff18a727382e14c781549b9157e06de76f7fd0fbd1ba3993ef47d3
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef207a86f8123b803cba15db0d8e6a306fe4d10e53532a080bf1349d5f0cddd5
f1dcec97e9d00c93ff79f0d5bcacc8b4e69c44c22324cb2194aad4ab093a5f2e
f5fdc70826f109d45dfe6b1bdc92453430df22e7111858cae205a6b20b714c4b
f62c6457ddefdfd96ebc104603ccc8368e73afb6085b7b8018674cf5d3974ebe
f93d7de0b18db662f7431d257739e8ab6d1b9810f892504283acbaf264c26594
fa6978820330032ed14523dbcc082cbb7c621e7061ed75192981cc22324292a2
fbaac91675e4fb73e0e243081c362535d0160dd5713886ecd67d07b563d847f7
fc56334c5ebbb73e6f2bc540f9b5ba8ff369bfe615fb9b83da9c62ad78b16053
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
ff5c8a87633404e7bc0dc814761803c26e721c23c65b72cb9a5a1e49992ee75d