urlscan.io logo urlscan.io
SecurityTrails logo

www.khaleejtimes.com Open in urlscan Pro
107.154.75.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Submission: On April 30 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 231 IPs in 21 countries across 216 domains to perform 1740 HTTP transactions. The main IP is 107.154.75.234, located in District Heights, United States and belongs to INCAPSULA, US. The main domain is www.khaleejtimes.com. The Cisco Umbrella rank of the primary domain is 225755.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q4 on November 18th 2022. Valid for: 6 months.
This is the only time www.khaleejtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
40 107.154.75.234 19551 (INCAPSULA)
3 2600:1400:900... 20940 (AKAMAI-ASN1)
2 69.16.175.10 20446 (STACKPATH...)
66 2607:f8b0:402... 15169 (GOOGLE)
11 18.164.124.83 16509 (AMAZON-02)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
5 88.99.215.229 24940 (HETZNER-AS)
2 2a04:4e42:400... 54113 (FASTLY)
1 184.87.173.138 20940 (AKAMAI-ASN1)
13 35.207.221.200 19527 (GOOGLE-2)
13 2600:9000:251... 16509 (AMAZON-02)
20 76.76.21.22 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
4 69.16.175.42 20446 (STACKPATH...)
2 52.74.3.27 16509 (AMAZON-02)
1 23.78.3.103 16625 (AKAMAI-AS)
13 2607:f8b0:400... 15169 (GOOGLE)
4 143.204.151.99 16509 (AMAZON-02)
2 34.107.231.31 396982 (GOOGLE-CL...)
2 15.207.134.149 16509 (AMAZON-02)
1 2600:9000:25c... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3.219.24.240 14618 (AMAZON-AES)
100 2607:f8b0:402... 15169 (GOOGLE)
8 2607:f8b0:402... 15169 (GOOGLE)
4 2607:f8b0:402... 15169 (GOOGLE)
3 2607:f8b0:402... 15169 (GOOGLE)
5 2607:f8b0:402... 15169 (GOOGLE)
5 2607:f8b0:402... 15169 (GOOGLE)
4 104.18.26.135 13335 (CLOUDFLAR...)
2 108.139.29.101 16509 (AMAZON-02)
2 2600:9000:24f... 16509 (AMAZON-02)
2 13.126.25.127 16509 (AMAZON-02)
2 162.19.138.83 16276 (OVH)
2 2600:9000:24f... 16509 (AMAZON-02)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
33 82 172.217.13.194 15169 (GOOGLE)
1 52.54.60.137 14618 (AMAZON-AES)
1 18.164.116.49 16509 (AMAZON-02)
6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 54.166.168.45 14618 (AMAZON-AES)
1 104.106.235.75 16625 (AKAMAI-AS)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
7 44.206.127.47 14618 (AMAZON-AES)
29 2a06:8640:454::2 55081 (24SHELLS)
7 216.22.16.1 30633 (LEASEWEB-...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
6 23.221.200.33 16625 (AKAMAI-AS)
14 108 34.98.64.218 396982 (GOOGLE-CL...)
24 46 68.67.160.132 29990 (ASN-APPNEX)
3 18 188.42.196.115 7979 (SERVERS-COM)
9 185.106.140.18 7979 (SERVERS-COM)
7 103.132.192.30 138552 (RTBHOUSE-...)
6 35.211.165.199 19527 (GOOGLE-2)
9 2620:100:a001... 19750 (AS-CRITEO)
24 31 72.251.238.254 32475 (SINGLEHOP...)
1 2600:1400:900... 20940 (AKAMAI-ASN1)
37 2607:f8b0:402... 15169 (GOOGLE)
1 6 2607:f8b0:402... 15169 (GOOGLE)
3 161.35.36.20 14061 (DIGITALOC...)
2 2600:141b:900... 20940 (AKAMAI-ASN1)
8 12 162.19.138.118 16276 (OVH)
1 54.160.201.168 14618 (AMAZON-AES)
1 2600:9000:21e... 16509 (AMAZON-02)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
3 20.96.87.156 8075 (MICROSOFT...)
2 52.207.12.114 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
14 2a06:8640:799... 55081 (24SHELLS)
4 54.165.48.193 14618 (AMAZON-AES)
3 2620:100:a001::4 19750 (AS-CRITEO)
1 108.138.128.124 16509 (AMAZON-02)
1 2600:9000:251... 16509 (AMAZON-02)
1 2600:9000:23c... 16509 (AMAZON-02)
1 2a04:4e42::714 54113 (FASTLY)
5 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
9 34.224.49.215 14618 (AMAZON-AES)
2 35.154.184.55 16509 (AMAZON-02)
2 99.84.37.111 16509 (AMAZON-02)
14 76.76.21.93 16509 (AMAZON-02)
35 151.101.129.44 54113 (FASTLY)
12 151.101.130.137 54113 (FASTLY)
2 2a03:2880:f11... 32934 (FACEBOOK)
7 2400:52e0:1a0... 200325 (BUNNYCDN)
7 2607:f8b0:402... 15169 (GOOGLE)
3 8 2620:100:a005::d 19750 (AS-CRITEO)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 24 51.222.239.230 16276 (OVH)
33 23.54.68.197 16625 (AKAMAI-AS)
17 34.149.40.38 15169 (GOOGLE)
1 3 35.168.153.83 14618 (AMAZON-AES)
11 13 34.200.65.202 14618 (AMAZON-AES)
1 4 72.247.69.164 16625 (AKAMAI-AS)
4 74.119.119.139 19750 (AS-CRITEO)
11 33 104.127.172.242 16625 (AKAMAI-AS)
5 77 35.71.139.29 16509 (AMAZON-02)
30 30 67.202.105.24 32748 (STEADFAST)
7 15 67.202.105.33 32748 (STEADFAST)
4 7 199.187.193.177 47043 (SMARTADSE...)
12 15 104.36.115.113 62713 (AS-PUBMATIC)
22 23 15.197.193.217 16509 (AMAZON-02)
40 41 35.211.178.172 19527 (GOOGLE-2)
12 13 185.167.164.49 198622 (ADFORM)
1 2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 10 2600:1f18:4e9... 14618 (AMAZON-AES)
5 5 64.202.112.159 23352 (SERVERCEN...)
2 7 104.76.100.229 16625 (AKAMAI-AS)
2 34.98.84.165 396982 (GOOGLE-CL...)
7 7 44.193.159.234 14618 (AMAZON-AES)
1 1 195.244.31.10 63140 (IGUANA-WO...)
1 2 146.20.132.151 27357 (RACKSPACE)
5 52 192.40.39.223 27381 (CASALE-MEDIA)
2 2 35.190.90.30 15169 (GOOGLE)
26 34.117.239.71 396982 (GOOGLE-CL...)
16 16 216.200.232.249 30419 (MEDIAMATH...)
32 32 2606:ae80:145... 25751 (VALUECLICK)
2 2620:1ec:29:1... 8075 (MICROSOFT...)
1 56 172.98.26.245 399668 (E-PLANNING-)
5 78 23.227.139.243 55081 (24SHELLS)
5 2607:4f00:958::2 55081 (24SHELLS)
7 107.151.11.90 55081 (24SHELLS)
8 2a02:6ea0:c40... 60068 (CDN77 ^_^)
9 10 35.227.252.103 15169 (GOOGLE)
36 39 199.127.204.171 26120 (RHYTHMONE)
7 8 2620:112:f002... 6336 (TURN-US-ASN)
2 52.217.118.105 16509 (AMAZON-02)
7 9 107.21.3.166 14618 (AMAZON-AES)
2 15 199.187.193.202 47043 (SMARTADSE...)
2 2 15.235.43.119 16276 (OVH)
2 2 80.77.87.166 46636 (NATCOWEB)
9 9 151.101.194.49 54113 (FASTLY)
3 23 162.248.18.37 62713 (AS-PUBMATIC)
9 9 199.38.167.130 54312 (ROCKETFUEL)
1 11 8.28.7.83 62713 (AS-PUBMATIC)
2 23 52.46.128.147 16509 (AMAZON-02)
18 18 54.145.44.246 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
19 20 198.148.27.140 19189 (PULSEPOINT)
3 4 173.231.178.82 32475 (SINGLEHOP...)
10 10 2620:116:800b... 14618 (AMAZON-AES)
6 7 169.197.150.8 398989 (DEEPINTENT)
3 3 74.119.119.150 19750 (AS-CRITEO)
8 8 34.102.163.6 396982 (GOOGLE-CL...)
5 5 34.230.250.86 14618 (AMAZON-AES)
2 3 34.204.24.233 14618 (AMAZON-AES)
5 10 35.214.153.92 15169 (GOOGLE)
5 14 2606:4700::68... 13335 (CLOUDFLAR...)
7 10 34.111.113.62 396982 (GOOGLE-CL...)
1 2 52.0.82.32 14618 (AMAZON-AES)
12 12 34.150.170.96 396982 (GOOGLE-CL...)
4 7 162.248.18.34 62713 (AS-PUBMATIC)
2 2 35.211.233.246 19527 (GOOGLE-2)
3 3 54.147.162.32 14618 (AMAZON-AES)
10 10 207.198.113.87 13768 (COGECO-PEER1)
6 34.198.183.31 14618 (AMAZON-AES)
3 4 38.98.69.175 174 (COGENT-174)
26 32 69.173.151.100 26667 (RUBICONPR...)
4 4 207.198.113.230 13768 (COGECO-PEER1)
2 2 54.159.252.56 14618 (AMAZON-AES)
6 172.98.26.242 399668 (E-PLANNING-)
8 11 69.166.1.12 27630 (AS-XFERNET)
4 4 3.233.123.219 14618 (AMAZON-AES)
5 6 54.205.236.63 14618 (AMAZON-AES)
4 34.102.143.98 396982 (GOOGLE-CL...)
4 162.247.241.14 23467 (NEWRELIC-...)
6 205.234.175.175 23352 (SERVERCEN...)
25 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 20.110.205.119 8075 (MICROSOFT...)
1 52.202.100.191 14618 (AMAZON-AES)
10 10 185.184.8.90 204995 (RTB-HOUSE...)
10 10 37.157.4.23 198622 (ADFORM)
7 15 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
1 1 34.98.67.3 396982 (GOOGLE-CL...)
1 1 2600:1f18:765... 14618 (AMAZON-AES)
1 1 8.39.36.141 26667 (RUBICONPR...)
3 3 192.132.33.46 18568 (BIDTELLECT)
10 10 35.207.24.140 15169 (GOOGLE)
8 8 68.67.179.166 29990 (ASN-APPNEX)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2600:1f18:1c9... 14618 (AMAZON-AES)
2 8 44.198.21.48 14618 (AMAZON-AES)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 34.111.131.239 396982 (GOOGLE-CL...)
7 7 199.187.193.182 47043 (SMARTADSE...)
1 1 76.13.32.147 26101 (YAHOO-BF1)
1 2 13.225.214.117 16509 (AMAZON-02)
2 35.169.95.213 14618 (AMAZON-AES)
1 1 3.93.158.96 14618 (AMAZON-AES)
1 6 67.220.228.203 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
3 4 192.35.249.138 11742 (SPOTX-IAD)
4 30 141.226.224.48 200478 (TABOOLA-AS)
3 3 34.111.151.213 396982 (GOOGLE-CL...)
1 2 35.186.193.173 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 162.55.236.225 24940 (HETZNER-AS)
5 5 52.200.115.80 14618 (AMAZON-AES)
7 2607:f8b0:400... 15169 (GOOGLE)
5 5 3.216.167.44 14618 (AMAZON-AES)
5 5 2620:112:f002... 6336 (TURN-US-ASN)
1 1 34.232.18.154 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:1f18:61c... 14618 (AMAZON-AES)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
1 17 23.200.196.24 16625 (AKAMAI-AS)
83 23.92.190.74 32475 (SINGLEHOP...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 4 54.156.92.232 14618 (AMAZON-AES)
6 6 143.244.208.184 14061 (DIGITALOC...)
3 6 54.153.252.43 16509 (AMAZON-02)
3 3.218.231.183 14618 (AMAZON-AES)
2 108.128.49.16 16509 (AMAZON-02)
2 2 18.159.153.37 16509 (AMAZON-02)
1 1 3.225.173.193 14618 (AMAZON-AES)
1 1 51.68.39.188 16276 (OVH)
8 8 69.90.254.78 13768 (COGECO-PEER1)
7 7 8.2.110.206 46636 (NATCOWEB)
4 5 8.28.7.82 62713 (AS-PUBMATIC)
3 104.21.60.205 13335 (CLOUDFLAR...)
1 8 34.96.105.8 396982 (GOOGLE-CL...)
10 10 96.16.196.205 16625 (AKAMAI-AS)
3 3 35.244.216.234 15169 (GOOGLE)
1 3 37.18.24.16 205675 (HYBRID-AS)
2 2 193.232.148.142 48061 (UMA-TECH-AS)
1 116.202.236.228 24940 (HETZNER-AS)
2 2 18.214.78.59 14618 (AMAZON-AES)
4 4 3.94.24.167 14618 (AMAZON-AES)
2 2 63.251.28.233 13789 (INTERNAP-...)
2 52.0.250.117 14618 (AMAZON-AES)
2 2 198.24.170.28 19437 (SS-ASH)
5 5 213.19.162.80 26667 (RUBICONPR...)
1 1 51.222.105.60 16276 (OVH)
2 34.195.250.234 14618 (AMAZON-AES)
6 6 35.210.239.72 19527 (GOOGLE-2)
3 18.211.225.88 14618 (AMAZON-AES)
1 1 124.146.215.51 2514 (INFOSPHER...)
2 2 3.69.35.240 16509 (AMAZON-02)
1 1 50.17.235.184 14618 (AMAZON-AES)
1 2 146.0.227.110 29066 (VELIANET-...)
3 151.101.193.44 54113 (FASTLY)
2 82.145.213.8 39832 (NO-OPERA)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 157.90.40.26 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
1 54.221.231.181 14618 (AMAZON-AES)
1 34.202.144.192 14618 (AMAZON-AES)
1 52.210.233.165 16509 (AMAZON-02)
1 1 64.227.64.62 14061 (DIGITALOC...)
1 151.236.127.145 204720 (CDNETWORKS)
1 8 23.198.216.24 16625 (AKAMAI-AS)
1 34.199.73.116 14618 (AMAZON-AES)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 18.164.96.92 16509 (AMAZON-02)
1 2 13.225.223.81 16509 (AMAZON-02)
2 2 34.204.222.159 14618 (AMAZON-AES)
1 50.19.3.76 14618 (AMAZON-AES)
2 34.160.108.227 15169 (GOOGLE)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
3 34.197.32.92 14618 (AMAZON-AES)
3 52.220.229.2 16509 (AMAZON-02)
2 13.33.60.96 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 1 8.2.110.113 46636 (NATCOWEB)
6 135.125.163.79 16276 (OVH)
2 2 35.210.53.219 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 18.233.2.249 14618 (AMAZON-AES)
3 3 31.172.81.159 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
1 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 34.102.146.192 396982 (GOOGLE-CL...)
5 2607:f8b0:400... 15169 (GOOGLE)
2 35.190.39.111 15169 (GOOGLE)
1 34.120.107.143 396982 (GOOGLE-CL...)
4 35.244.159.8 15169 (GOOGLE)
1 34.230.119.208 14618 (AMAZON-AES)
2 199.127.204.163 26120 (RHYTHMONE)
1 5 147.28.129.37 54825 (PACKET)
2 4 174.137.133.32 27257 (WEBAIR-IN...)
4 2620:100:a001... 19750 (AS-CRITEO)
1 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
3 134.122.110.207 14061 (DIGITALOC...)
2 2400:52e0:1a0... 200325 (BUNNYCDN)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.164.94.225 16509 (AMAZON-02)
1 2602:803:c002... 26667 (RUBICONPR...)
2 2600:1400:900... 20940 (AKAMAI-ASN1)
1 2 2001:6d0:4001... 52016 (ADFACT)
2 34.117.228.201 396982 (GOOGLE-CL...)
3 3.64.80.64 16509 (AMAZON-02)
1 1 2600:9000:25c... 16509 (AMAZON-02)
1 104.117.182.27 20940 (AKAMAI-ASN1)
1 23.52.158.180 16625 (AKAMAI-AS)
1 1 31.220.27.135 39572 (ADVANCEDH...)
1 1 159.203.145.121 14061 (DIGITALOC...)
2 2 3.135.132.32 16509 (AMAZON-02)
1 103.243.202.190 45974 (NHN-AS-KR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.80.125.218 ()
1740 231
40    107.154.75.234 (District Heights, United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.75.234.ip.incapdns.net
www.khaleejtimes.com
3    2600:1400:9000::687e:74b8 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdnt.netcoresmartech.com
cdndc.netcoresmartech.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
rtbcdn.andbeyond.media
66    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.ca
googleads.g.doubleclick.net
11    18.164.124.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-83.jfk50.r.cloudfront.net
image.khaleejtimes.com
8    2606:4700:10::6816:3ca8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vuukle.com
5    88.99.215.229 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.215.99.88.clients.your-server.de
app.playstream.media
2    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    184.87.173.138 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-173-138.deploy.static.akamaitechnologies.com
osjs.netcoresmartech.com
13    35.207.221.200 (Mumbai, India)

ASN19527 (GOOGLE-2, US)
PTR: 200.221.207.35.bc.googleusercontent.com
adgebra.co.in
13    2600:9000:2511:ba00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
20    76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)
io.jogo.studio
3    2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)
vuukle.com
api.vuukle.com
publish.vuukle.com
4    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
rtbpass-us.andbeyond.media
player.avplayer.com
2    52.74.3.27 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-3-27.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
1    23.78.3.103 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-3-103.deploy.static.akamaitechnologies.com
akamai.tiqcdn.com
13    2607:f8b0:4006:80f::200e (New York, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    143.204.151.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-151-99.ewr52.r.cloudfront.net
c.amazon-adsystem.com
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
2    15.207.134.149 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-207-134-149.ap-south-1.compute.amazonaws.com
twa.netcoresmartech.com
1    2600:9000:25c8:f800:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    3.219.24.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-24-240.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
100    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
adservice.google.ca
www.googletagservices.com
pagead2.googlesyndication.com
8    2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com
3    2607:f8b0:4020:806::200a (Montreal, Canada)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    104.18.26.135 (None, )

ASN13335 (CLOUDFLARENET, US)
rkbzwluhocwgxhhuwvjq.supabase.co
2    108.139.29.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-101.jfk50.r.cloudfront.net
cdn-sdk.hansel.io
2    2600:9000:24f1:b000:9:a948:8e80:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.boxx.ai
2    13.126.25.127 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-126-25-127.ap-south-1.compute.amazonaws.com
psegment.netcoresmartech.com
2    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2600:9000:24f1:5c00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2600:141b:13::17d7:82bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
82    172.217.13.194 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f2.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
1    52.54.60.137 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-60-137.compute-1.amazonaws.com
datacloud.tealiumiq.com
1    18.164.116.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-49.jfk50.r.cloudfront.net
t.contentsquare.net
6    2606:4700::6812:d841 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.izooto.com
nhwimp.izooto.com
1    2606:4700:3030::ac43:c1ca (United States)

ASN13335 (CLOUDFLARENET, US)
pahtuz.tech
3    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    54.166.168.45 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-168-45.compute-1.amazonaws.com
collect.tealiumiq.com
1    104.106.235.75 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-106-235-75.deploy.static.akamaitechnologies.com
se.monetate.net
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    44.206.127.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-127-47.compute-1.amazonaws.com
tlx.3lift.com
29    2a06:8640:454::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ads62.adtelligent.com
7    216.22.16.1 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 216.22.16.1.servint.net
prg-apac.smartadserver.com
7    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
6    23.221.200.33 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-33.deploy.static.akamaitechnologies.com
a.teads.tv
108    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
rtbdemand-d.openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
46    68.67.160.132 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
18    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
9    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
7    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
6    35.211.165.199 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 199.165.211.35.bc.googleusercontent.com
grid.bidswitch.net
9    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
31    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    2600:1400:9000::172c:edd0 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
tg1.playstream.media
37    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
3    161.35.36.20 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 471786.cloudwaysapps.com
coronaliveupdates.khaleejtimes.com
2    2600:141b:9000::684a:4129 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
ujm.hansel.io
12    162.19.138.118 (France)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
1    54.160.201.168 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-201-168.compute-1.amazonaws.com
visitor-service-us-east-1.tealiumiq.com
1    2600:9000:21ec:3200:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    20.96.87.156 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.az.contentsquare.net
2    52.207.12.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-12-114.compute-1.amazonaws.com
ping.chartbeat.net
1    2606:4700:3037::ac43:8a15 (United States)

ASN13335 (CLOUDFLARENET, US)
palibzh.tech
14    2a06:8640:799:0:ec4:7aff:fe6e:a48e (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb2.adtelligent.com
ads163.adtelligent.com
4    54.165.48.193 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-48-193.compute-1.amazonaws.com
f.monetate.net
3    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2511:2a00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2600:9000:23ca:4800:c:7c62:1240:93a1 (United States)

ASN16509 (AMAZON-02, US)
ct.contentsquare.net
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
5    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4020:805::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.ca
9    34.224.49.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-49-215.compute-1.amazonaws.com
track1.aniview.com
2    35.154.184.55 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-154-184-55.ap-south-1.compute.amazonaws.com
hulk.boxx.ai
2    99.84.37.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-111.ewr52.r.cloudfront.net
upload.boxx.ai
14    76.76.21.93 (Walnut, United States)

ASN16509 (AMAZON-02, US)
play.jogo.studio
35    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
15.taboola.com
imprnjmp.taboola.com
images.taboola.com
vidstatb.taboola.com
12    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    2400:52e0:1a00::1069:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
streaming.playstream.media
7    2607:f8b0:4020:807::2006 (Montreal, Canada)

ASN15169 (GOOGLE, US)
s0.2mdn.net
8    2620:100:a005::d (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
24    51.222.239.230 (Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-51-222-239.net
onetag-sys.com
33    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
17    34.149.40.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.40.149.34.bc.googleusercontent.com
u.4dex.io
3    35.168.153.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-153-83.compute-1.amazonaws.com
bcp.crwdcntrl.net
13    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
4    72.247.69.164 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-69-164.deploy.static.akamaitechnologies.com
t.teads.tv
sync.teads.tv
4    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
33    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
77    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
30    67.202.105.24 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
15    67.202.105.33 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
ic.tynt.com
7    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
15    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
23    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
data.adsrvr.org
41    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
13    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
10    2600:1f18:4e9:5a02:6422:e7b:c10:ea7a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
5    64.202.112.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
7    104.76.100.229 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-100-229.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
2    34.98.84.165 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 165.84.98.34.bc.googleusercontent.com
ox-rtb-europe-west4.openx.net
7    44.193.159.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-159-234.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
1    195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
2    146.20.132.151 (United States)

ASN27357 (RACKSPACE, US)
cs.lkqd.net
52    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
2    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
26    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
16    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
32    2606:ae80:1450:16::2010 (United States)

ASN25751 (VALUECLICK, US)
33across-match.dotomi.com
pubmatic-match.dotomi.com
prebid-match.dotomi.com
triplelift-match.dotomi.com
casale-match.dotomi.com
openx2-match.dotomi.com
amazon-tam-match.dotomi.com
2    2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
56    172.98.26.245 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-iad04.e-planning.net
sync.e-planning.net
78    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.spotim.market
5    2607:4f00:958::2 (United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
7    107.151.11.90 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
8    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
vpaid.vidoomy.com
10    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
39    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
2    52.217.118.105 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
jogo-assets.s3.amazonaws.com
9    107.21.3.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-3-166.compute-1.amazonaws.com
sync.srv.stackadapt.com
15    199.187.193.202 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
2    15.235.43.119 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: ns5012066.ip-15-235-43.net
gu.dyntrk.com
2    80.77.87.166 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
9    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
23    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
9    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
11    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
23    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
18    54.145.44.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-44-246.compute-1.amazonaws.com
match.prod.bidr.io
1    2603:c020:400d:3000:b5b3:7157:5b47:80e4 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
20    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    173.231.178.82 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
10    2620:116:800b:21:4cb8:1820:80ca:50f7 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
7    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
8    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
5    34.230.250.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-250-86.compute-1.amazonaws.com
pm.w55c.net
3    34.204.24.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-24-233.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
10    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
14    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
cdnx.tribalfusion.com
10    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.0.82.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-82-32.compute-1.amazonaws.com
thrtle.com
12    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
7    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
3    54.147.162.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-162-32.compute-1.amazonaws.com
sync.ipredictive.com
10    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
6    34.198.183.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-183-31.compute-1.amazonaws.com
rtb.adentifi.com
4    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
oxp.mxptint.net
32    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
4    207.198.113.230 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    54.159.252.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-252-56.compute-1.amazonaws.com
sync.crwdcntrl.net
6    172.98.26.242 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
11    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    3.233.123.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-123-219.compute-1.amazonaws.com
ssp.disqus.com
6    54.205.236.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-236-63.compute-1.amazonaws.com
match.sharethrough.com
4    34.102.143.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.143.102.34.bc.googleusercontent.com
ox-rtb-europe-west2.openx.net
4    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
6    205.234.175.175 (Cantonment, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
25    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    20.110.205.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    52.202.100.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-100-191.compute-1.amazonaws.com
servx.playstream.media
10    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
10    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
15    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
1    34.98.67.3 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
1    2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pxl.iqm.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
3    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
10    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
8    68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    2600:1f18:6593:f608:d96:5850:6736:187e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2600:1f18:1c96:4103:85f9:b152:a5d7:cc08 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
8    44.198.21.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-21-48.compute-1.amazonaws.com
dpm.demdex.net
1    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
7    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
1    76.13.32.147 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com
cms.analytics.yahoo.com
2    13.225.214.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-117.ewr50.r.cloudfront.net
aa.agkn.com
2    35.169.95.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-95-213.compute-1.amazonaws.com
beacon.krxd.net
1    3.93.158.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-93-158-96.compute-1.amazonaws.com
usermatch.krxd.net
6    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2600:1f18:612b:4216:bab5:2e60:d0c4:5889 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
4    192.35.249.138 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
30    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
us-trc-events.taboola.com
sync-t1.taboola.com
us-match.taboola.com
us-vid-events.taboola.com
us-wf.taboola.com
3    34.111.151.213 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
cm.ctnsnet.com
ipac.ctnsnet.com
3    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
5    52.200.115.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-115-80.compute-1.amazonaws.com
aorta.clickagy.com
7    2607:f8b0:4006:80e::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
5    3.216.167.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-167-44.compute-1.amazonaws.com
i.liadm.com
5    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    34.232.18.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-18-154.compute-1.amazonaws.com
mid.rkdms.com
1    2606:4700::6812:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    2600:1f18:61c0:2204:1ecc:f6d6:4f40:b36c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
17    23.200.196.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
83    23.92.190.74 (Charlotte, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    2606:4700:3033::ac43:b4ab (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
4    54.156.92.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-92-232.compute-1.amazonaws.com
ads.avct.cloud
6    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
6    54.153.252.43 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-252-43.ap-southeast-2.compute.amazonaws.com
sasinator.realestate.com.au
3    3.218.231.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-231-183.compute-1.amazonaws.com
usersync.getpublica.com
2    108.128.49.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-49-16.eu-west-1.compute.amazonaws.com
s.cpx.to
2    18.159.153.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-153-37.eu-central-1.compute.amazonaws.com
i.w55c.net
1    3.225.173.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-173-193.compute-1.amazonaws.com
rtb.adstanding.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
8    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
openx-ums.acuityplatform.com
7    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
5    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
3    104.21.60.205 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
8    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
10    96.16.196.205 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-196-205.deploy.static.akamaitechnologies.com
px.owneriq.net
3    35.244.216.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.216.244.35.bc.googleusercontent.com
openx.adhaven.com
3    37.18.24.16 (Berlin, Germany)

ASN205675 (HYBRID-AS, DE)
dm-us.hybrid.ai
2    193.232.148.142 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com
px.adhigh.net
1    116.202.236.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.228.236.202.116.clients.your-server.de
sync.dmp.otm-r.com
2    18.214.78.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-78-59.compute-1.amazonaws.com
sync.extend.tv
4    3.94.24.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-24-167.compute-1.amazonaws.com
vop.sundaysky.com
2    63.251.28.233 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    52.0.250.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-250-117.compute-1.amazonaws.com
match.justpremium.com
2    198.24.170.28 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
5    213.19.162.80 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    51.222.105.60 (Canada)

ASN16276 (OVH, FR)
PTR: ns576843.ip-51-222-105.net
sync2.resetdigital.co
2    34.195.250.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-250-234.compute-1.amazonaws.com
track1.avplayer.com
6    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
3    18.211.225.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-225-88.compute-1.amazonaws.com
prebid-server.rubiconproject.com
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    3.69.35.240 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-35-240.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    50.17.235.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-235-184.compute-1.amazonaws.com
rtb.gumgum.com
2    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
3    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
wf.taboola.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1853-172.members.linode.com
gocm.c.appier.net
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    157.90.40.26 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.26.40.90.157.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    54.221.231.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-231-181.compute-1.amazonaws.com
crb.kargo.com
1    34.202.144.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-144-192.compute-1.amazonaws.com
sync.bfmio.com
1    52.210.233.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-233-165.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    151.236.127.145 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
8    23.198.216.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-24.deploy.static.akamaitechnologies.com
cs.media.net
c21lg-d.media.net
hblg.media.net
lg3.media.net
1    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
2    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
1    2600:9000:2510:6000:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.164.96.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-92.jfk50.r.cloudfront.net
sync1.intentiq.com
2    13.225.223.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-223-81.jfk51.r.cloudfront.net
ads.scorecardresearch.com
2    34.204.222.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-222-159.compute-1.amazonaws.com
j.mrpdata.net
1    50.19.3.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-3-76.compute-1.amazonaws.com
bpi.rtactivate.com
2    34.160.108.227 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 227.108.160.34.bc.googleusercontent.com
cdn.adgebra.in
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
3    34.197.32.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-32-92.compute-1.amazonaws.com
cookies.nextmillmedia.com
3    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
2    13.33.60.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-96.ewr52.r.cloudfront.net
eve.boxx.ai
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
6    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
user-sync.adxpremium.services
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    18.233.2.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-2-249.compute-1.amazonaws.com
optimized-by.rubiconproject.com
3    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
5    2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
vuukle-d.openx.net
taboola-d.openx.net
1    34.230.119.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-119-208.compute-1.amazonaws.com
s2s.aniview.com
2    199.127.204.163 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
5    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
cpm.vuukle.net
sync.adkernel.com
4    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
2    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
c3.a-mo.net
3    134.122.110.207 (London, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 481756.cloudwaysapps.com
api.khaleejtimes.com
2    2400:52e0:1a00::845:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)
prebid.playstream.media
2    2606:4700::6812:ddb (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
1    2606:4700::6812:130d (United States)

ASN13335 (CLOUDFLARENET, US)
b9-imp-ipv6.tribalfusion.com
1    18.164.94.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-94-225.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
1    2602:803:c002:300::99 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    2600:1400:9000::687e:769a (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (ADFACT, RU)
www.tns-counter.ru
2    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
3    3.64.80.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-80-64.eu-central-1.compute.amazonaws.com
a.vidoomy.com
1    2600:9000:25c8:e800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    104.117.182.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-117-182-27.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
1    23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com
warp.media.net
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
cs.chocolateplatform.com
2    3.135.132.32 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-132-32.us-east-2.compute.amazonaws.com
sync-dmp.mobtrakk.com
1    103.243.202.190 (Korea, Republic Of)

ASN45974 (NHN-AS-KR NHN, KR)
cm-exchange.toast.com
1    2606:4700::6811:3763 (United States)

ASN13335 (CLOUDFLARENET, US)
nh.iz.do
1    54.80.125.218 (None, )

ASN- ()
ioms.bfmio.com
Apex Domain
Subdomains		 Transfer
151 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
googleads.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394
pubads.g.doubleclick.net — Cisco Umbrella Rank: 377
711 KB
129 openx.net
rtbdemand-d.openx.net — Cisco Umbrella Rank: 44059
u.openx.net — Cisco Umbrella Rank: 974
ox-rtb-europe-west4.openx.net — Cisco Umbrella Rank: 40163
rtb.openx.net — Cisco Umbrella Rank: 1886
us-u.openx.net — Cisco Umbrella Rank: 707
ox-rtb-europe-west2.openx.net — Cisco Umbrella Rank: 39607
eu-u.openx.net — Cisco Umbrella Rank: 3173
oajs.openx.net — Cisco Umbrella Rank: 3166
google-bidout-d.openx.net — Cisco Umbrella Rank: 3148
vuukle-d.openx.net — Cisco Umbrella Rank: 37304
taboola-d.openx.net
19 KB
119 googlesyndication.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com
993 KB
114 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
ce.lijit.com — Cisco Umbrella Rank: 1417
230 KB
104 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 7095
ghb1.adtelligent.com — Cisco Umbrella Rank: 11862
ghb2.adtelligent.com — Cisco Umbrella Rank: 14712
ads62.adtelligent.com — Cisco Umbrella Rank: 190762
ads163.adtelligent.com — Cisco Umbrella Rank: 197448
sync.adtelligent.com — Cisco Umbrella Rank: 7698
s.adtelligent.com — Cisco Umbrella Rank: 11573
138 KB
94 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image6.pubmatic.com — Cisco Umbrella Rank: 1037
simage2.pubmatic.com — Cisco Umbrella Rank: 976
image2.pubmatic.com — Cisco Umbrella Rank: 1377
image4.pubmatic.com — Cisco Umbrella Rank: 1704
simage4.pubmatic.com — Cisco Umbrella Rank: 1660
image8.pubmatic.com — Cisco Umbrella Rank: 1002
224 KB
84 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
eb2.3lift.com — Cisco Umbrella Rank: 535
50 KB
76 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 8906
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3036
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1275
optimized-by.rubiconproject.com — Cisco Umbrella Rank: 5140
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
147 KB
70 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1073
trc.taboola.com — Cisco Umbrella Rank: 839
sync.taboola.com — Cisco Umbrella Rank: 1356
vidstat.taboola.com — Cisco Umbrella Rank: 3230
15.taboola.com — Cisco Umbrella Rank: 15720
us-trc-events.taboola.com — Cisco Umbrella Rank: 7410
sync-t1.taboola.com — Cisco Umbrella Rank: 1472
match.taboola.com — Cisco Umbrella Rank: 7625
imprnjmp.taboola.com — Cisco Umbrella Rank: 10864
us-match.taboola.com — Cisco Umbrella Rank: 11393
wf.taboola.com — Cisco Umbrella Rank: 3426
us-vid-events.taboola.com — Cisco Umbrella Rank: 10373
pips.taboola.com — Cisco Umbrella Rank: 1900
cds.taboola.com — Cisco Umbrella Rank: 2362
images.taboola.com — Cisco Umbrella Rank: 2116
us-wf.taboola.com — Cisco Umbrella Rank: 12002
vidstatb.taboola.com — Cisco Umbrella Rank: 8495
730 KB
68 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 7307
u-iad04.e-planning.net — Cisco Umbrella Rank: 22816
s.e-planning.net — Cisco Umbrella Rank: 24286
sync.e-planning.net — Cisco Umbrella Rank: 10582
i.e-planning.net — Cisco Umbrella Rank: 19164
21 KB
57 khaleejtimes.com
www.khaleejtimes.com — Cisco Umbrella Rank: 225755
image.khaleejtimes.com — Cisco Umbrella Rank: 196958
coronaliveupdates.khaleejtimes.com
api.khaleejtimes.com — Cisco Umbrella Rank: 710993
2 MB
56 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1678
events-ssc.33across.com — Cisco Umbrella Rank: 4327
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 12043
20 KB
54 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
54 KB
52 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
ssum.casalemedia.com — Cisco Umbrella Rank: 1999
dsum.casalemedia.com — Cisco Umbrella Rank: 2284
r.casalemedia.com — Cisco Umbrella Rank: 1838
42 KB
47 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1416
x.bidswitch.net — Cisco Umbrella Rank: 427
20 KB
36 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 12101
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 774
sync.smartadserver.com — Cisco Umbrella Rank: 2242
22 KB
34 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
76 KB
34 jogo.studio
io.jogo.studio — Cisco Umbrella Rank: 910263
play.jogo.studio
569 KB
32 dotomi.com
33across-match.dotomi.com — Cisco Umbrella Rank: 7205
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4856
prebid-match.dotomi.com — Cisco Umbrella Rank: 3783
triplelift-match.dotomi.com — Cisco Umbrella Rank: 7368
casale-match.dotomi.com — Cisco Umbrella Rank: 4976
openx2-match.dotomi.com — Cisco Umbrella Rank: 8502
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 8170
10 KB
32 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2078
adservice.google.com — Cisco Umbrella Rank: 130
www.google.com — Cisco Umbrella Rank: 16
analytics.google.com — Cisco Umbrella Rank: 406
58 KB
28 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
dis.criteo.com — Cisco Umbrella Rank: 941
ssp-sync.criteo.com — Cisco Umbrella Rank: 1388
22 KB
27 media.net
prebid.media.net — Cisco Umbrella Rank: 1912
contextual.media.net — Cisco Umbrella Rank: 838
cs.media.net — Cisco Umbrella Rank: 2272
c21lg-d.media.net — Cisco Umbrella Rank: 3606
hblg.media.net — Cisco Umbrella Rank: 2773
warp.media.net — Cisco Umbrella Rank: 3286
lg3.media.net — Cisco Umbrella Rank: 6861
153 KB
26 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
16 KB
26 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2474
mp.4dex.io — Cisco Umbrella Rank: 2960
u.4dex.io — Cisco Umbrella Rank: 5135
35 KB
25 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 4380
mwzeom.zeotap.com — Cisco Umbrella Rank: 3683
8 KB
24 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1606
11 KB
24 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
18 KB
23 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
cm.adform.net — Cisco Umbrella Rank: 1622
dmp.adform.net — Cisco Umbrella Rank: 3752
9 KB
23 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
data.adsrvr.org — Cisco Umbrella Rank: 6643
14 KB
22 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 38533
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 30178
13 KB
20 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
16 KB
20 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
969 KB
19 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17264
creativecdn.com — Cisco Umbrella Rank: 682
us.creativecdn.com — Cisco Umbrella Rank: 3557
invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083
7 KB
19 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2547
cache.betweendigital.com — Cisco Umbrella Rank: 18848
10 KB
18 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
8 KB
16 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
9 KB
16 playstream.media
app.playstream.media — Cisco Umbrella Rank: 502914
tg1.playstream.media — Cisco Umbrella Rank: 67824
streaming.playstream.media — Cisco Umbrella Rank: 77749
servx.playstream.media — Cisco Umbrella Rank: 104095
prebid.playstream.media — Cisco Umbrella Rank: 669312
2 MB
15 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 1007
idsync.rlcdn.com — Cisco Umbrella Rank: 621
2 KB
15 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1248
s.tribalfusion.com — Cisco Umbrella Rank: 2774
b9-imp-ipv6.tribalfusion.com — Cisco Umbrella Rank: 527132
cdnx.tribalfusion.com — Cisco Umbrella Rank: 26119
54 KB
15 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
targeting.unrulymedia.com — Cisco Umbrella Rank: 1142
8 KB
15 tynt.com
de.tynt.com — Cisco Umbrella Rank: 2690
hde.tynt.com — Cisco Umbrella Rank: 6065
ic.tynt.com — Cisco Umbrella Rank: 9073
24 KB
15 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 12302
user-sync.adxpremium.services — Cisco Umbrella Rank: 16995
24 KB
14 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
pixel.sitescout.com — Cisco Umbrella Rank: 5223
10 KB
14 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1319
id5-sync.com — Cisco Umbrella Rank: 612
50 KB
14 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1219
akamai.tiqcdn.com — Cisco Umbrella Rank: 19372
65 KB
13 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
d.turn.com — Cisco Umbrella Rank: 1830
r.turn.com — Cisco Umbrella Rank: 4617
6 KB
13 adgebra.co.in
adgebra.co.in — Cisco Umbrella Rank: 36573
31 KB
12 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
5 KB
12 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 776
34 KB
11 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1456
8 KB
11 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 3108
vpaid.vidoomy.com — Cisco Umbrella Rank: 4059
a.vidoomy.com — Cisco Umbrella Rank: 3519
19 KB
11 vuukle.com
cdn.vuukle.com — Cisco Umbrella Rank: 24901
vuukle.com — Cisco Umbrella Rank: 14345
api.vuukle.com — Cisco Umbrella Rank: 40607
publish.vuukle.com — Cisco Umbrella Rank: 29125
268 KB
10 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 2809
7 KB
10 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1505
3 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
2 KB
10 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1427
2 KB
10 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1063
4 KB
10 aniview.com
track1.aniview.com — Cisco Umbrella Rank: 2704
s2s.aniview.com — Cisco Umbrella Rank: 4789
706 B
10 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1617
t.teads.tv — Cisco Umbrella Rank: 2876
sync.teads.tv — Cisco Umbrella Rank: 1703
134 KB
9 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1325
7 KB
9 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
2 KB
9 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
3 KB
9 google.ca
adservice.google.ca — Cisco Umbrella Rank: 14238
www.google.ca — Cisco Umbrella Rank: 8003
2 KB
8 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2823
1 KB
8 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2235
openx-ums.acuityplatform.com — Cisco Umbrella Rank: 12426
6 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 277
8 KB
8 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 4054
582 B
8 boxx.ai
js.boxx.ai — Cisco Umbrella Rank: 91433
hulk.boxx.ai
upload.boxx.ai — Cisco Umbrella Rank: 230313
eve.boxx.ai — Cisco Umbrella Rank: 201662
49 KB
8 netcoresmartech.com
cdnt.netcoresmartech.com — Cisco Umbrella Rank: 32555
osjs.netcoresmartech.com — Cisco Umbrella Rank: 47490
twa.netcoresmartech.com — Cisco Umbrella Rank: 31860
psegment.netcoresmartech.com — Cisco Umbrella Rank: 55658
cdndc.netcoresmartech.com — Cisco Umbrella Rank: 42200
72 KB
7 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 6688
4 KB
7 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 3824
2 KB
7 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1332
i.w55c.net — Cisco Umbrella Rank: 3045
5 KB
7 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
2 KB
7 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2389
ad.360yield.com — Cisco Umbrella Rank: 812
2 KB
7 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
tags.bluekai.com — Cisco Umbrella Rank: 822
2 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
78 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
www.linkedin.com — Cisco Umbrella Rank: 779
px4.ads.linkedin.com — Cisco Umbrella Rank: 6554
4 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1379
c3.a-mo.net — Cisco Umbrella Rank: 11953
2 KB
6 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 8870
2 KB
6 realestate.com.au
sasinator.realestate.com.au — Cisco Umbrella Rank: 8441
3 KB
6 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 3570
2 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
3 KB
6 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1948
206 B
6 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1550
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
14 KB
6 izooto.com
cdn.izooto.com — Cisco Umbrella Rank: 14585
nhwimp.izooto.com — Cisco Umbrella Rank: 49877
91 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 322
110 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 891
3 KB
5 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 3152
2 KB
5 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
3 KB
5 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 14855
track1.avplayer.com — Cisco Umbrella Rank: 18300
347 KB
5 monetate.net
se.monetate.net — Cisco Umbrella Rank: 5273
f.monetate.net — Cisco Umbrella Rank: 6837
62 KB
5 contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3624
c.az.contentsquare.net — Cisco Umbrella Rank: 9936
ct.contentsquare.net — Cisco Umbrella Rank: 31999
104 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
41 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
368 KB
5 andbeyond.media
rtbcdn.andbeyond.media — Cisco Umbrella Rank: 25241
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 30104
prebid.andbeyond.media — Cisco Umbrella Rank: 17929
cookies.andbeyond.media Failed
195 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 672
rtb0.doubleverify.com — Cisco Umbrella Rank: 1069
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 3418
21 KB
4 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 4331
2 KB
4 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5438
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 1061
2 KB
4 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 477
2 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2228
803 B
4 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 8064
oxp.mxptint.net — Cisco Umbrella Rank: 11064
2 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1873
2 KB
4 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1265
c.clarity.ms — Cisco Umbrella Rank: 1901
21 KB
4 hansel.io
cdn-sdk.hansel.io — Cisco Umbrella Rank: 118938
ujm.hansel.io — Cisco Umbrella Rank: 78064
75 KB
4 supabase.co
rkbzwluhocwgxhhuwvjq.supabase.co
2 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 4140
820 B
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 5978
2 KB
3 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 4262
3 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 7523
3 hybrid.ai
dm-us.hybrid.ai — Cisco Umbrella Rank: 8782
1000 B
3 adhaven.com
openx.adhaven.com — Cisco Umbrella Rank: 13557 Failed
622 B
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 4619
3 getpublica.com
usersync.getpublica.com — Cisco Umbrella Rank: 6703
1 KB
3 gstatic.com
csi.gstatic.com
305 B
3 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2579
388 B
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 807
usermatch.krxd.net — Cisco Umbrella Rank: 2085
937 B
3 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1329
966 B
3 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
1 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 2452
1 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
71 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
157 KB
3 tealiumiq.com
datacloud.tealiumiq.com — Cisco Umbrella Rank: 8125
collect.tealiumiq.com — Cisco Umbrella Rank: 2958
visitor-service-us-east-1.tealiumiq.com — Cisco Umbrella Rank: 9067
2 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 2090
mab.chartbeat.com — Cisco Umbrella Rank: 3436
25 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 520
468 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 3342
789 B
2 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
1 KB
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 8225
703 B
2 exponential.com
tags.expo9.exponential.com — Cisco Umbrella Rank: 20492
28 KB
2 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 5148
1 KB
2 vuukle.net
cpm.vuukle.net — Cisco Umbrella Rank: 27342
826 B
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4649
380 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 13273
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6677
745 B
2 adgebra.in
cdn.adgebra.in — Cisco Umbrella Rank: 397352
30 KB
2 mrpdata.net
j.mrpdata.net — Cisco Umbrella Rank: 5763
1 KB
2 scorecardresearch.com
ads.scorecardresearch.com — Cisco Umbrella Rank: 4456
693 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1887
sync1.intentiq.com — Cisco Umbrella Rank: 3404
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 3452
852 B
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2570
ioms.bfmio.com
796 B
2 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 3365
842 B
2 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 3435
704 B
2 adscale.de
ih.adscale.de — Cisco Umbrella Rank: 3033
633 B
2 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 7828
1 KB
2 justpremium.com
match.justpremium.com — Cisco Umbrella Rank: 6119
647 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 829
1 KB
2 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 4626
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 13391
824 B
2 cpx.to
s.cpx.to — Cisco Umbrella Rank: 3832
1 KB
2 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 6632
ipac.ctnsnet.com — Cisco Umbrella Rank: 6709
758 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 775
1 KB
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 30620
913 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 2638
751 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 1156
882 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3496
967 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 2147
685 B
2 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 3200
1 KB
2 amazonaws.com
jogo-assets.s3.amazonaws.com
67 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1646
1 KB
2 lkqd.net
cs.lkqd.net — Cisco Umbrella Rank: 4185
912 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 413
974 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1925
92 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
261 B
2 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1521
402 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1293
814 B
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 1019
453 B
2 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 21068
8 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 474
4 KB
1 iz.do
nh.iz.do — Cisco Umbrella Rank: 68721
713 B
1 toast.com
cm-exchange.toast.com — Cisco Umbrella Rank: 5917
623 B
1 chocolateplatform.com
cs.chocolateplatform.com — Cisco Umbrella Rank: 5771
463 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11316
321 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 3074
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1005
531 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 3353
8 KB
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 12266
484 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3483
423 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 2733
109 B
1 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 13131
229 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3241
555 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 4014
397 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 2477
504 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7413
282 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 9122
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 5362
348 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 3678
395 B
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2335
275 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
859 B
1 resetdigital.co
sync2.resetdigital.co — Cisco Umbrella Rank: 9555
455 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 16445
70 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 4146
562 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 8886
356 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 18737
3 KB
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1979
181 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 2696
557 B
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 1848
552 B
1 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2933
178 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1698
175 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2062
596 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 16853
411 B
1 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 15452
526 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 6011
392 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
3 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1151
349 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
27 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991
2 KB
1 palibzh.tech
palibzh.tech — Cisco Umbrella Rank: 43588
88 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604
378 B
1 pahtuz.tech
pahtuz.tech — Cisco Umbrella Rank: 421016
3 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1365
5 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 28067
3 KB
0 playground.xyz Failed
ads.playground.xyz Failed
0 mediago.io Failed
trace.mediago.io Failed
0 smadex.com Failed
cm.smadex.com Failed
0 trafficroots.com Failed
demand.trafficroots.com Failed
1740 216
Domain Requested by
88 us-u.openx.net 10 redirects de.tynt.com
us-u.openx.net
googleads.g.doubleclick.net
www.khaleejtimes.com
rtbpass-us.andbeyond.media
ads.us.e-planning.net
ce.lijit.com
cdn.vuukle.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
83 ce.lijit.com rtbpass-us.andbeyond.media
us-u.openx.net
ce.lijit.com
www.khaleejtimes.com
ads.pubmatic.com
s.amazon-adsystem.com
78 pagead2.googlesyndication.com www.googletagservices.com
ads163.adtelligent.com
pagead2.googlesyndication.com
ads62.adtelligent.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.khaleejtimes.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
77 eb2.3lift.com 5 redirects www.khaleejtimes.com
eb2.3lift.com
ads.us.e-planning.net
rtbpass-us.andbeyond.media
70 cm.g.doubleclick.net 33 redirects eb2.3lift.com
googleads.g.doubleclick.net
us-u.openx.net
spl.zeotap.com
eus.rubiconproject.com
ce.lijit.com
www.khaleejtimes.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
54 sync.adtelligent.com ads163.adtelligent.com
www.khaleejtimes.com
s.console.adtarget.com.tr
s.adtelligent.com
ads.us.e-planning.net
rtbpass-us.andbeyond.media
us-u.openx.net
ads.pubmatic.com
47 securepubads.g.doubleclick.net www.khaleejtimes.com
securepubads.g.doubleclick.net
cdn.vuukle.com
www.googletagservices.com
adgebra.co.in
prebid.playstream.media
46 ib.adnxs.com 24 redirects rtbpass-us.andbeyond.media
googleads.g.doubleclick.net
spl.zeotap.com
eb2.3lift.com
cdn.vuukle.com
prebid.playstream.media
41 x.bidswitch.net 40 redirects us-u.openx.net
40 www.khaleejtimes.com www.khaleejtimes.com
ads163.adtelligent.com
ads62.adtelligent.com
38 u-iad04.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
37 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.khaleejtimes.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
cdn.ampproject.org
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
33 ads.pubmatic.com www.khaleejtimes.com
ads163.adtelligent.com
de.tynt.com
ads.us.e-planning.net
s.adtelligent.com
ads62.adtelligent.com
ce.lijit.com
adxbid.info
vid.vidoomy.com
31 ap.lijit.com 24 redirects rtbpass-us.andbeyond.media
30 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
30 ssc-cms.33across.com 30 redirects
26 sync.1rx.io 25 redirects contextual.media.net
25 events-ssc.33across.com hde.tynt.com
de.tynt.com
us-u.openx.net
eus.rubiconproject.com
ads.pubmatic.com
24 ads62.adtelligent.com www.khaleejtimes.com
ads62.adtelligent.com
24 onetag-sys.com 1 redirects rtbpass-us.andbeyond.media
www.khaleejtimes.com
ads163.adtelligent.com
ads.us.e-planning.net
s.adtelligent.com
ads62.adtelligent.com
cache.betweendigital.com
23 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
us-u.openx.net
ssum.casalemedia.com
eus.rubiconproject.com
eb2.3lift.com
ce.lijit.com
c.amazon-adsystem.com
s.amazon-adsystem.com
23 simage2.pubmatic.com 3 redirects ads.pubmatic.com
www.khaleejtimes.com
22 eus.rubiconproject.com www.khaleejtimes.com
eus.rubiconproject.com
hde.tynt.com
ads.us.e-planning.net
contextual.media.net
cache.betweendigital.com
20 bh.contextweb.com 19 redirects www.khaleejtimes.com
20 www.googletagservices.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
20 io.jogo.studio www.khaleejtimes.com
io.jogo.studio
19 mwzeom.zeotap.com spl.zeotap.com
19 pixel.rubiconproject.com 15 redirects googleads.g.doubleclick.net
eus.rubiconproject.com
19 match.adsrvr.org 18 redirects rtbpass-us.andbeyond.media
18 match.prod.bidr.io 18 redirects
18 ads.betweendigital.com 3 redirects rtbpass-us.andbeyond.media
ads.betweendigital.com
www.khaleejtimes.com
eus.rubiconproject.com
17 contextual.media.net 1 redirects rtbpass-us.andbeyond.media
us-u.openx.net
contextual.media.net
eus.rubiconproject.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
17 sync.console.adtarget.com.tr 5 redirects s.console.adtarget.com.tr
17 u.4dex.io www.khaleejtimes.com
eb2.3lift.com
hde.tynt.com
ssbsync.smartadserver.com
ads.pubmatic.com
eus.rubiconproject.com
de.tynt.com
16 sync.mathtag.com 16 redirects
15 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
www.khaleejtimes.com
15 image6.pubmatic.com 12 redirects ads.pubmatic.com
14 play.jogo.studio io.jogo.studio
play.jogo.studio
www.khaleejtimes.com
13 sync.targeting.unrulymedia.com 11 redirects www.khaleejtimes.com
13 googleads.g.doubleclick.net ads163.adtelligent.com
pagead2.googlesyndication.com
ads62.adtelligent.com
www.khaleejtimes.com
13 ups.analytics.yahoo.com 11 redirects us-u.openx.net
eb2.3lift.com
13 cdn.taboola.com palibzh.tech
cdn.taboola.com
www.khaleejtimes.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.khaleejtimes.com
13 tags.tiqcdn.com www.khaleejtimes.com
tags.tiqcdn.com
13 adgebra.co.in www.khaleejtimes.com
adgebra.co.in
12 googleads4.g.doubleclick.net googleads.g.doubleclick.net
12 prebid-match.dotomi.com 12 redirects
12 um.simpli.fi 12 redirects
12 c1.adform.net 12 redirects
12 ads163.adtelligent.com www.khaleejtimes.com
ads163.adtelligent.com
12 js-agent.newrelic.com coronaliveupdates.khaleejtimes.com
www.khaleejtimes.com
12 id5-sync.com 8 redirects cdn.id5-sync.com
rtbpass-us.andbeyond.media
11 sync.e-planning.net ads.us.e-planning.net
eb2.3lift.com
eus.rubiconproject.com
11 sync.go.sonobi.com 8 redirects eb2.3lift.com
11 image2.pubmatic.com 1 redirects ads.pubmatic.com
www.khaleejtimes.com
googleads.g.doubleclick.net
11 secure-assets.rubiconproject.com 11 redirects
11 image.khaleejtimes.com www.khaleejtimes.com
10 px.owneriq.net 10 redirects
10 sync.taboola.com 4 redirects www.khaleejtimes.com
10 rtb.mfadsrvr.com 10 redirects
10 cm.adform.net 10 redirects
10 creativecdn.com 10 redirects
10 pixel-sync.sitescout.com 10 redirects
10 pixel.tapad.com 7 redirects www.khaleejtimes.com
us-u.openx.net
10 csync.loopme.me 5 redirects us-u.openx.net
www.khaleejtimes.com
10 cms.quantserve.com 10 redirects
10 rtb.openx.net 9 redirects us-u.openx.net
10 pr-bh.ybp.yahoo.com 4 redirects www.khaleejtimes.com
us-u.openx.net
ssum.casalemedia.com
10 u.openx.net 3 redirects us-u.openx.net
www.khaleejtimes.com
9 idsync.rlcdn.com 4 redirects us-u.openx.net
eb2.3lift.com
www.khaleejtimes.com
9 p.rfihub.com 9 redirects
9 sync-tm.everesttech.net 9 redirects
9 sync.srv.stackadapt.com 7 redirects eb2.3lift.com
9 track1.aniview.com www.khaleejtimes.com
imasdk.googleapis.com
9 bidder.criteo.com rtbpass-us.andbeyond.media
cdn.vuukle.com
static.criteo.net
9 rtb.adxpremium.services rtbpass-us.andbeyond.media
adxbid.info
8 openx2-match.dotomi.com 8 redirects
8 tr.blismedia.com 1 redirects us-u.openx.net
ce.lijit.com
8 dpm.demdex.net 2 redirects googleads.g.doubleclick.net
eb2.3lift.com
us-u.openx.net
ssum.casalemedia.com
8 secure.adnxs.com 8 redirects
8 dsum.casalemedia.com ssum.casalemedia.com
8 ad.mrtnsvr.com 8 redirects
8 de.tynt.com 1 redirects ads163.adtelligent.com
www.khaleejtimes.com
ads62.adtelligent.com
8 gum.criteo.com 3 redirects static.criteo.net
cdn.taboola.com
contextual.media.net
8 adservice.google.com securepubads.g.doubleclick.net
8 adservice.google.ca securepubads.g.doubleclick.net
8 cdn.vuukle.com www.khaleejtimes.com
cdn.vuukle.com
7 cs.mobfox.com 7 redirects
7 pubads.g.doubleclick.net imasdk.googleapis.com
7 us-trc-events.taboola.com www.khaleejtimes.com
7 sync.smartadserver.com 7 redirects
7 sync.spotim.market s.adtelligent.com
7 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
7 trc.taboola.com cdn.taboola.com
spl.zeotap.com
www.khaleejtimes.com
7 token.rubiconproject.com 5 redirects eus.rubiconproject.com
7 match.deepintent.com 6 redirects ads.pubmatic.com
7 ad.turn.com 7 redirects
7 vid.vidoomy.com www.khaleejtimes.com
ads163.adtelligent.com
ads62.adtelligent.com
adxbid.info
7 s.adtelligent.com ads163.adtelligent.com
ads62.adtelligent.com
rtbpass-us.andbeyond.media
7 ads.us.e-planning.net 1 redirects ads163.adtelligent.com
ads62.adtelligent.com
rtbpass-us.andbeyond.media
7 ssbsync.smartadserver.com 4 redirects www.khaleejtimes.com
7 s0.2mdn.net imasdk.googleapis.com
www.khaleejtimes.com
googleads.g.doubleclick.net
7 streaming.playstream.media app.playstream.media
player.avplayer.com
7 prebid-asia.creativecdn.com rtbpass-us.andbeyond.media
7 rtbdemand-d.openx.net rtbpass-us.andbeyond.media
7 mp.4dex.io rtbpass-us.andbeyond.media
7 prg-apac.smartadserver.com rtbpass-us.andbeyond.media
7 tlx.3lift.com rtbpass-us.andbeyond.media
6 images.taboola.com
6 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
6 u.ipw.metadsp.co.uk 6 redirects
6 sasinator.realestate.com.au 3 redirects eb2.3lift.com
6 sid.storygize.net 6 redirects
6 pixel-us-east.rubiconproject.com 6 redirects
6 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
eus.rubiconproject.com
eb2.3lift.com
6 id.rlcdn.com 3 redirects us-u.openx.net
eb2.3lift.com
6 spl.zeotap.com ads.us.e-planning.net
6 i.e-planning.net ads.us.e-planning.net
6 match.sharethrough.com 5 redirects www.khaleejtimes.com
6 s.e-planning.net ads.us.e-planning.net
6 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
6 rtb.adentifi.com www.khaleejtimes.com
eb2.3lift.com
us-u.openx.net
6 a.tribalfusion.com 5 redirects 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
6 ic.tynt.com 6 redirects
6 www.google.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.khaleejtimes.com
6 grid.bidswitch.net rtbpass-us.andbeyond.media
6 a.teads.tv rtbpass-us.andbeyond.media
securepubads.g.doubleclick.net
a.teads.tv
prebid.playstream.media
5 prebid.a-mo.net 1 redirects cdn.vuukle.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 pixel-eu.rubiconproject.com 5 redirects
5 image8.pubmatic.com 4 redirects ads.us.e-planning.net
5 d.turn.com 5 redirects
5 i.liadm.com 5 redirects
5 aorta.clickagy.com 5 redirects
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 image4.pubmatic.com 4 redirects www.khaleejtimes.com
5 pm.w55c.net 5 redirects
5 ad.360yield.com 5 redirects
5 s.console.adtarget.com.tr ads163.adtelligent.com
ads62.adtelligent.com
5 b1sync.zemanta.com 5 redirects
5 analytics.google.com www.googletagmanager.com
5 px.ads.linkedin.com 3 redirects eb2.3lift.com
eus.rubiconproject.com
5 cdn.izooto.com tags.tiqcdn.com
cdn.izooto.com
www.khaleejtimes.com
5 www.google-analytics.com io.jogo.studio
www.googletagmanager.com
www.khaleejtimes.com
www.google-analytics.com
5 www.googletagmanager.com io.jogo.studio
tags.tiqcdn.com
www.googletagmanager.com
5 app.playstream.media www.khaleejtimes.com
app.playstream.media
imasdk.googleapis.com
4 us-wf.taboola.com vidstat.taboola.com
4 cdnx.tribalfusion.com www.khaleejtimes.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
4 ssp-sync.criteo.com static.criteo.net
www.khaleejtimes.com
4 us-match.taboola.com vidstat.taboola.com
4 data.adsrvr.org 4 redirects
4 vop.sundaysky.com 4 redirects
4 openx-ums.acuityplatform.com 4 redirects
4 ums.acuityplatform.com 4 redirects
4 ads.avct.cloud 4 redirects
4 casale-match.dotomi.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 tags.bluekai.com spl.zeotap.com
eb2.3lift.com
4 bam.nr-data.net js-agent.newrelic.com
4 ox-rtb-europe-west2.openx.net ads62.adtelligent.com
4 ssp.disqus.com 4 redirects
4 pixel.sitescout.com 4 redirects
4 s.tribalfusion.com ads.pubmatic.com
tags.expo9.exponential.com
4 cm.adgrx.com 3 redirects ssum.casalemedia.com
4 mug.criteo.com www.khaleejtimes.com
4 f.monetate.net se.monetate.net
www.khaleejtimes.com
4 rkbzwluhocwgxhhuwvjq.supabase.co io.jogo.studio
4 c.amazon-adsystem.com rtbcdn.andbeyond.media
c.amazon-adsystem.com
3 a.vidoomy.com ads.pubmatic.com
3 api.khaleejtimes.com www.khaleejtimes.com
api.khaleejtimes.com
3 an.yandex.ru 1 redirects
3 sync.bumlam.com 3 redirects
3 cm-supply-web.gammaplatform.com us-u.openx.net
3 cookies.nextmillmedia.com us-u.openx.net
3 cs.media.net 1 redirects contextual.media.net
3 sync-t1.taboola.com www.khaleejtimes.com
3 prebid-server.rubiconproject.com eb2.3lift.com
3 dm-us.hybrid.ai 1 redirects eb2.3lift.com
3 openx.adhaven.com us-u.openx.net
3 p.adsymptotic.com eb2.3lift.com
3 usersync.getpublica.com eb2.3lift.com
3 eu-u.openx.net 1 redirects us-u.openx.net
3 csi.gstatic.com imasdk.googleapis.com
3 dmp.brand-display.com 3 redirects
3 bttrack.com 3 redirects
3 sync.ipredictive.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 dis.criteo.com 3 redirects
3 stags.bluekai.com 2 redirects us-u.openx.net
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
www.khaleejtimes.com
3 player.avplayer.com tg1.playstream.media
player.avplayer.com
www.khaleejtimes.com
3 static.criteo.net securepubads.g.doubleclick.net
rtbpass-us.andbeyond.media
static.criteo.net
3 c.az.contentsquare.net www.khaleejtimes.com
3 coronaliveupdates.khaleejtimes.com securepubads.g.doubleclick.net
coronaliveupdates.khaleejtimes.com
3 ghb.adtelligent.com rtbpass-us.andbeyond.media
3 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
3 imasdk.googleapis.com app.playstream.media
io.jogo.studio
imasdk.googleapis.com
3 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 taboola-d.openx.net vidstat.taboola.com
2 sync-dmp.mobtrakk.com 2 redirects
2 sync.adkernel.com 2 redirects
2 lg3.media.net 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
contextual.media.net
2 hblg.media.net www.khaleejtimes.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
2 amazon-tam-match.dotomi.com 2 redirects
2 www.tns-counter.ru 1 redirects
2 cdn.doubleverify.com tags.expo9.exponential.com
cdn.doubleverify.com
2 tags.expo9.exponential.com 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
cdn.doubleverify.com
2 prebid.playstream.media www.khaleejtimes.com
prebid.playstream.media
2 id.a-mx.com 1 redirects www.khaleejtimes.com
2 cpm.vuukle.net cdn.vuukle.com
2 targeting.unrulymedia.com cdn.vuukle.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 x01.aidata.io 2 redirects
2 pool.admedo.com 2 redirects
2 eve.boxx.ai js.boxx.ai
2 cdn.adgebra.in adgebra.co.in
2 us-vid-events.taboola.com www.khaleejtimes.com
2 wf.taboola.com vidstat.taboola.com
2 imprnjmp.taboola.com vidstat.taboola.com
2 j.mrpdata.net 2 redirects
2 ads.scorecardresearch.com 1 redirects us-u.openx.net
2 fei.pro-market.net 2 redirects
2 t.adx.opera.com www.khaleejtimes.com
2 inv-nets.admixer.net 1 redirects
2 ih.adscale.de 2 redirects
2 track1.avplayer.com player.avplayer.com
2 server.cpmstar.com 2 redirects
2 match.justpremium.com us-u.openx.net
2 ads.stickyadstv.com 2 redirects
2 sync.extend.tv 2 redirects
2 px.adhigh.net 2 redirects
2 i.w55c.net 2 redirects
2 s.cpx.to us-u.openx.net
2 oxp.mxptint.net 2 redirects
2 triplelift-match.dotomi.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 beacon.krxd.net spl.zeotap.com
2 aa.agkn.com 1 redirects us-u.openx.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 pippio.com 2 redirects
2 c.clarity.ms 1 redirects www.khaleejtimes.com
2 sync.crwdcntrl.net 2 redirects
2 pmp.mxptint.net 1 redirects www.khaleejtimes.com
2 a.sportradarserving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects www.khaleejtimes.com
2 cs.admanmedia.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 jogo-assets.s3.amazonaws.com play.jogo.studio
2 www.clarity.ms www.khaleejtimes.com
www.clarity.ms
2 33across-match.dotomi.com 2 redirects
2 odr.mookie1.com 2 redirects
2 cs.lkqd.net 1 redirects googleads.g.doubleclick.net
2 ice.360yield.com 2 redirects
2 ox-rtb-europe-west4.openx.net ads163.adtelligent.com
2 c.bing.com 1 redirects eb2.3lift.com
2 t.teads.tv www.khaleejtimes.com
2 cdn.confiant-integrations.net cdn.vuukle.com
cdn.confiant-integrations.net
2 www.facebook.com www.khaleejtimes.com
2 upload.boxx.ai js.boxx.ai
2 hulk.boxx.ai js.boxx.ai
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 ghb2.adtelligent.com rtbpass-us.andbeyond.media
2 ping.chartbeat.net www.khaleejtimes.com
2 ujm.hansel.io cdn-sdk.hansel.io
2 ghb1.adtelligent.com rtbpass-us.andbeyond.media
2 script.4dex.io rtbpass-us.andbeyond.media
script.4dex.io
2 static.chartbeat.com tags.tiqcdn.com
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
rtbpass-us.andbeyond.media
2 cdndc.netcoresmartech.com osjs.netcoresmartech.com
2 psegment.netcoresmartech.com osjs.netcoresmartech.com
2 js.boxx.ai osjs.netcoresmartech.com
js.boxx.ai
2 cdn-sdk.hansel.io osjs.netcoresmartech.com
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 cdn.id5-sync.com www.khaleejtimes.com
securepubads.g.doubleclick.net
2 twa.netcoresmartech.com osjs.netcoresmartech.com
2 p.adlooxtracking.com rtbcdn.andbeyond.media
p.adlooxtracking.com
2 prebid.andbeyond.media rtbcdn.andbeyond.media
www.khaleejtimes.com
2 cdn.jsdelivr.net www.khaleejtimes.com
securepubads.g.doubleclick.net
2 rtbcdn.andbeyond.media www.khaleejtimes.com
1 ioms.bfmio.com vidstat.taboola.com
1 nhwimp.izooto.com cdn.izooto.com
1 nh.iz.do cdn.izooto.com
1 cm-exchange.toast.com
1 cs.chocolateplatform.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 r.turn.com
1 warp.media.net 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
1 qsearch-a.akamaihd.net www.khaleejtimes.com
1 rtbc-ue1.doubleverify.com cdn.doubleverify.com
1 vidstatb.taboola.com
1 s.ad.smaato.net 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 fastlane.rubiconproject.com prebid.playstream.media
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 b9-imp-ipv6.tribalfusion.com 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
1 c3.a-mo.net 1 redirects
1 vuukle-d.openx.net cdn.vuukle.com
1 vpaid.vidoomy.com vid.vidoomy.com
1 s2s.aniview.com imasdk.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 oajs.openx.net oa.openxcdn.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 optimized-by.rubiconproject.com imasdk.googleapis.com
1 cds.taboola.com cdn.taboola.com
1 as.ck-ie.com 1 redirects
1 pips.taboola.com cdn.taboola.com
1 c21lg-d.media.net contextual.media.net
1 s.company-target.com 1 redirects
1 r.casalemedia.com ssum.casalemedia.com
1 bpi.rtactivate.com www.khaleejtimes.com
1 sync1.intentiq.com contextual.media.net
1 sync.intentiq.com 1 redirects
1 dmp.adblade.com contextual.media.net
1 cache.betweendigital.com ads.betweendigital.com
1 match.adsby.bidtheatre.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com ads.us.e-planning.net
1 sync.bfmio.com ads.us.e-planning.net
1 crb.kargo.com ads.us.e-planning.net
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 match.taboola.com www.khaleejtimes.com
1 rtb.gumgum.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync2.resetdigital.co 1 redirects
1 sync.dmp.otm-r.com ads.betweendigital.com
1 dsp.nrich.ai 1 redirects
1 rtb.adstanding.com 1 redirects
1 adxbid.info rtbpass-us.andbeyond.media
1 us.creativecdn.com 1 redirects
1 d.adroll.com ssum.casalemedia.com
1 idpix.media6degrees.com 1 redirects
1 mid.rkdms.com 1 redirects
1 sync.richaudience.com www.khaleejtimes.com
1 15.taboola.com cdn.taboola.com
1 cm.ctnsnet.com 1 redirects
1 partners.tremorhub.com googleads.g.doubleclick.net
1 usermatch.krxd.net 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dmp.v.fwmrm.net spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 pixel-us-west.rubiconproject.com 1 redirects
1 pxl.iqm.com 1 redirects
1 tags.rd.linksynergy.com 1 redirects
1 servx.playstream.media imasdk.googleapis.com
1 cms-xch-chicago.33across.com de.tynt.com
1 sync.technoratimedia.com 1 redirects
1 visitor.omnitagjs.com 1 redirects
1 hde.tynt.com www.khaleejtimes.com
1 prebid.media.net rtbpass-us.andbeyond.media
1 cdnjs.cloudflare.com play.jogo.studio
1 www.google.ca www.khaleejtimes.com
1 mab.chartbeat.com static.chartbeat.com
1 ct.contentsquare.net tags.tiqcdn.com
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 palibzh.tech pahtuz.tech
1 px4.ads.linkedin.com www.khaleejtimes.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 visitor-service-us-east-1.tealiumiq.com tags.tiqcdn.com
1 tg1.playstream.media securepubads.g.doubleclick.net
1 se.monetate.net tags.tiqcdn.com
1 collect.tealiumiq.com tags.tiqcdn.com
1 pahtuz.tech tags.tiqcdn.com
1 t.contentsquare.net tags.tiqcdn.com
1 datacloud.tealiumiq.com www.khaleejtimes.com
1 snap.licdn.com tags.tiqcdn.com
1 publish.vuukle.com cdn.vuukle.com
1 api.vuukle.com cdn.vuukle.com
1 wrappers.geoedge.be rtbpass-us.andbeyond.media
1 akamai.tiqcdn.com tags.tiqcdn.com
1 rtbpass-us.andbeyond.media rtbcdn.andbeyond.media
1 vuukle.com cdn.vuukle.com
1 osjs.netcoresmartech.com cdnt.netcoresmartech.com
1 cdnt.netcoresmartech.com www.khaleejtimes.com
0 cookies.andbeyond.media Failed
0 ads.playground.xyz Failed ads.us.e-planning.net
0 trace.mediago.io Failed www.khaleejtimes.com
0 cm.smadex.com Failed eb2.3lift.com
0 demand.trafficroots.com Failed ssbsync.smartadserver.com
1740 389
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-18 -
2023-05-17		 6 months crt.sh
cdnt.netcoresmartech.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-04-09		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
image.khaleejtimes.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-10-25		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-05 -
2023-06-04		 a year crt.sh
*.playstream.media
AlphaSSL CA - SHA256 - G2		 2022-05-07 -
2023-06-08		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
www.adgebra.co.in
Go Daddy Secure Certificate Authority - G2		 2022-12-18 -
2024-01-07		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.jogo.studio
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-14		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-03-25 -
2023-06-23		 3 months crt.sh
*.netcorecloud.net
GlobalSign RSA OV SSL CA 2018		 2022-12-26 -
2024-01-27		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.hansel.io
Amazon RSA 2048 M01		 2023-01-03 -
2024-02-01		 a year crt.sh
*.boxx.ai
Amazon RSA 2048 M01		 2023-02-13 -
2024-03-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
t.contentsquare.net
Amazon RSA 2048 M01		 2023-02-21 -
2023-11-11		 9 months crt.sh
pahtuz.tech
GTS CA 1P5		 2023-04-29 -
2023-07-28		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-06 -
2023-05-07		 3 months crt.sh
*.tealiumiq.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-09-23		 7 months crt.sh
www.monetate.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-02 -
2023-07-06		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-05 -
2023-07-04		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
wl.aniview.com
R3		 2023-04-29 -
2023-07-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
coronaliveupdates.khaleejtimes.com
R3		 2023-03-06 -
2023-06-04		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
dep.af.contentsquare.net
R3		 2023-03-06 -
2023-06-04		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
palibzh.tech
GTS CA 1P5		 2023-04-20 -
2023-07-19		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-05 -
2023-07-04		 3 months crt.sh
*.monetate.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-01 -
2023-10-02		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
ct-tag.clicktale.net
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-25		 a year crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.aniview.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-04		 10 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
streaming.playstream.media
R3		 2023-03-29 -
2023-06-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
ads62.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-03-26 -
2023-06-24		 3 months crt.sh
ads163.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-09 -
2023-07-08		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2023-09-07		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
u.4dex.io
GTS CA 1D4		 2023-03-05 -
2023-06-03		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
ads.us.e-planning.net
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-03-24 -
2023-06-22		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-03-28 -
2023-06-26		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
adentifi.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-09-03		 6 months crt.sh
*.e-planning.net
R3		 2023-02-26 -
2023-05-27		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.avideotech.com
Amazon RSA 2048 M01		 2023-03-17 -
2023-06-02		 3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-03-23 -
2023-06-21		 3 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-03-08 -
2023-06-06		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
adxbid.info
E1		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.getpublica.com
Amazon RSA 2048 M01		 2023-02-27 -
2023-06-30		 4 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-17		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.kcc0.com
R3		 2023-03-31 -
2023-06-29		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-01-26 -
2024-02-24		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-18		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-16 -
2024-03-18		 a year crt.sh
dmp.adblade.com
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
cdn.adgebra.in
GTS CA 1D4		 2023-03-31 -
2023-06-29		 3 months crt.sh
cookies.nextmillmedia.com
Amazon RSA 2048 M02		 2023-02-22 -
2023-08-11		 6 months crt.sh
*.gammaplatform.com
Go Daddy Secure Certificate Authority - G2		 2022-06-15 -
2023-07-17		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-03-20 -
2023-06-18		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.a-mo.net
R3		 2023-03-23 -
2023-06-21		 3 months crt.sh
vuukle.net
R3		 2023-04-07 -
2023-07-06		 3 months crt.sh
api.khaleejtimes.com
R3		 2023-03-28 -
2023-06-26		 3 months crt.sh
prebid.playstream.media
R3		 2023-04-20 -
2023-07-19		 3 months crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2023-02-19 -
2024-02-19		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.toast.com
Sectigo RSA Organization Validation Secure Server CA		 2022-06-30 -
2023-07-31		 a year crt.sh

This page contains 308 frames:

Primary Page: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Frame ID: D5871B327054F56F0887CB1285301807
Requests: 444 HTTP requests in this frame

Frame: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Frame ID: 11ECAB9EF69E0BBACD4C174CFBA35BE5
Requests: 30 HTTP requests in this frame

Frame: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0CAB7AA144168F6CA6DE2CB127B95E8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.vuukle.com/widgets/sharebar.html?version=2.18.0
Frame ID: 0297AEF2B860532277974926BE1881DF
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4akf_dK062mUlOYGWPY30snI224eYE0JbMB-zyF2x6Bax_QNgWEyBTa6xLb-LAVP6AZEK_hHVZHeiJKiLiPKrKIZuH412oWpTMJ1ok5rps9ept_zVEH1rtf-XQ2PbkvaA4b1cwtwX1XLKTI3xUg3boh5qt68GMPxcBorllEY4k0G9ClF-UR_6GATUciNfysSB4V3ir8IKB61LHvhGuJQMq80JkMFlP9xTfizlJN1Xd6u4r60e6rnmYchqTS758gyXS9BFuLfje4YgraZ8lF9iNQPsl1KcC0xgqSD98dV2eScbl6bsF-JcvEyWPtx3D5Dedubz5oKrOasL5MxI5FWFaDxtHLlVUjfC7xMYm_HC&sai=AMfl-YRyNdw3XjjieeS-zJ9HkgG5zuPFRpxiCtcFwe1rt1G64YNqcg_A8nIa4boLK0GIxwp8A3QcV45Uz7FR-EozXqyN3gTBlkcdsKepqCGpq8JFhIvyZSsv1gkzbj6ZwJUWu4pD1i-fe2bXcy0aaR9FKczb1g&sig=Cg0ArKJSzG9m1ICoB2A0EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3ED19B341C0177F6C61E1F128A6A0DAF
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbQt6AEoCVXE_9N9ZTvqzfR1MdVnUi2cG3MvzunmMdd7mr1BpVgDINyIEJwJ2-YHOz0eqjQOu1ZaGUTR_8VD4XOaqAzS5EftT56e1nPZFwWe4EujP_kaJ7Lr8KI5WlXInYx55sx9I9DzFovsZXe5KlHPav_rVRfjEpB5_4IK-PZbOKQQhqJ-EUC2zOKqfYf0pRbrKTlF9whG9aFPkmtSyFV3V_uSL65OdIqv-R1PPpZSB4twAjs6185WJBolCrdgAEcXmUMye8JoPb2c42p71Zuq1_ncED_hWh88Lch88uQyDjtJ_ocqLpw6NxDAQWLPhgaJTjpKiRj9jIgVA&sai=AMfl-YS6Ggfr05Zmn7MIZYWJnGVGv-yW8F4X57ZWYXHrb8clWhUDDCoxInmuzvLISpNHrbr4efZ_lanqelTW905FCz5Q0Rt24AQsKmgNjha62sUNxR-Xnx0pDk9_Ed8A0tEtb0RiF8PZVt9aqzTujHC3_eRELg&sig=Cg0ArKJSzMVqn_pHgysAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AA6C6F231307F98AFE5C825719931A7F
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVAhFSSOvusg0L5iuVxFeu9Z7GmetKNevUL4IPkrb2J0ZHeUsFOv9STTvb7i8FHBEXpQFW-_Wum4AZ6x2YOECmoHLtk41O0_nZXguT2_hob1K6pDSGabX0smIn067qRlTx1mWyvmxD2FDkNjVWPwqTiFCGkRGWTPp7L8xp8w7rubFZmDWS8Afn0Ka_kO3EXbFEq5YdiX3HOmF0EhOSE5Vw77OyZnFnwXK8GbgzX9DtmHGV4ZNZBdlFF9gU0YN1hms4JBdhAu2earSuVBCunkwZ7lvNKAWuCLBaxjlDrHj-gqb4JtGKxhyP5EWQWSkJKn8QFUxfjH1h4L2L2Hk0OqM&sai=AMfl-YQIP-2MM4HIL5_vlH_-PCz2n8Un6lq2lNHm8xna7w_MFDNuEriTJDBTWByxsLXDglzM5QewtrH_LpUQ5b-Wl8PiXTneK2uQOUxWi7XiUjU9YGBswSOUZgoyvNJwRZa4BMoNuwcZjUch1nkz48RyT7Y6pA&sig=Cg0ArKJSzBHH8rH09yCeEAE&uach_m=[UACH]&adurl=
Frame ID: 41CFE685434B36D32F41B7ADD88D7CAF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzgsSXCldQR4nmOVbI1FPnM4c_UhV8lksVYNMX1Doz-8hGGxnhLWSi3TywJRpi4PlQFYMWY_iy0fwQyZlFnbQ3aBi-bFUSVfHc6vBzlajik_kPypegllmo6Dv3rAUZABnjWEEmckX9j8-nW-bXZlG5nTntKvcD2Vlz4jyQnImLsQVHujlgNGDd9keOGiwguMKxNO7EhQ_rsNNr5-1hd300iCtznlBYpUqsIRNg5FzDRyOpixy52MzxFGIWw8iarJ1O9iGl_0kpsoOcJyRyIhSVZVYe7fCUJ1CLK-27UYaTXsf6cIUbz3h157bbW_AS1wsgpwhzkyFa-mTkX6od5uCw&sai=AMfl-YRdD-2jsYAygLc2Q7U6ro_vI1V3EHUTpDo9oL33eUYQL0HcxUN52umODMw2_iVyUTn3W-jHLYpis8iz-XGtahCR5brYKTXY6WHWtY4l2NmcqQKfpu1vhAhVzk4dsoeJH8StxXW9wiBkaa4KLtGQ2xXu6g&sig=Cg0ArKJSzJLZDHpjhVeFEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 94729E0D493C1C8D5A153E90D1BF2300
Requests: 5 HTTP requests in this frame

Frame: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Frame ID: 00AFE120BC0E76DDDF12118232B5A032
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7hvXYUddxEpJ0m9SQEgNqC0i8ZdRonM5BSZ2vs39-PEgIgkhW6sSXEEomr-lo9V0RbuCXzqnTRfYvy9ea7juKMXIXY8GaXmBSLyG9JRuNCre8NjYgNdz_fG_Hns_eBtrcy49JG3b9U7HRnBTwTtBli3S2Ei9Mnnm0NJ9RzmBmA7TFnzaX2Y43Hu6ih7K44KAeA2_2SpJKyZABuXil5eAGdIRGAsiqK8JC0DU23UWqTsi9wN-q_hL5Xhk_hoSAi05nlkmmUGVzaeK6IK8vk5Bd85sX0bXI-rtv0Vi22oQ0mqBrP4e00yAc10y2oGXz74odFJyfhU39GJl9GpwJphpEiVuK4ovyTg&sai=AMfl-YTxtTw2YWj-k_gdxf4hvLStqWl7MabEsu17-ompwI2SsV28oyfbQQ-mW_VunOYT7sRyoaaAaDFE4LgiCnJoa2K8UUPeDMRk_nAdCP0XYKz7tjraKWwn9tdQd4UXDw&sig=Cg0ArKJSzLVy4SzOwz-bEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 32E731656C67A3BA47A8310043365E3E
Requests: 5 HTTP requests in this frame

Frame: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Frame ID: E88F34D59DB8E49A1B97FA47291EFC5E
Requests: 20 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Frame ID: FB23689CCAAD421FD2912991B625253C
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Frame ID: 89BFE95E33F320652F390FFED3749921
Requests: 24 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.khaleejtimes.com
Frame ID: 47F1C7D3492BC23CA1717B8F6623F0F1
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsug-YDHRPVrSv39k2C66LI4NyWi5ZpLmngxtZTdBeeBoG39mviNZMS11PJ-4vK8nFMBGgnPc55IzmDOA3_peAht8UxmQxguctnZ0FtdgexiQlfL9BF9t47d2MsmgMIqZpEpTjuSB-9O4OLRWEVEgujB57PkVEjC7P9LgCn-dipBT-uXLKlXHgcASTTj3AUTN4gNOQEd5Yi4RdbIdtB5Ib7e4_AoUKX6wZ-Q4bvfk9usFhKRlzWosGwwulLWIukmUioD5p2uy2U8KXDbRnpi9JP0WinZSX8Rxta24EREdo0JQELkNflfE0AYvCAI6iOQCxGgAg6UzyXEd297voU&sai=AMfl-YQyq-SJJQXT0YoDqM4N42zVW0xaWKQISOXNI_S8Y_7y0SJY-s9pbRIMCHRUVhk-0f2K3wDAwngc5C1FTGDjH69pDxd3H9UhLUyP5TXKlHP4N84c8PvWpb0bM-bllQ&sig=Cg0ArKJSzAfAR1n91ilLEAE&uach_m=[UACH]&adurl=
Frame ID: B681B514DB8774188C0C73D9FBE0C0D5
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: FA0E382D042C1184A6A2DD4FAE69073A
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Frame ID: CFD0589FC3CC705A701EF190290DF459
Requests: 21 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Frame ID: 16DC7C80D29A7F990A102CB90694B063
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI1q1edCqbSkDriuBBqx233rphJddHuIQkMS22-eGcivTKIpAMOtRMaRChbgdFCLMErNhWCukPanuM6B90gGA2e3hT_M7K_4sv-ZveKlthyXNlBWZKSjEuKhoY0KT4DymJtPcFZDIyPb9eGT4FcIVO_NkIQ_sVTExuRxY3JYnQ-vAYABSIR1i9ePWbWVT24OgKdoiIIDtg9hLmvfxymhEhZ5qE_EFy6tjPN9tR6oeyDbtWuhUpLpBT2vbcOzKj62xQmgxxowc1a7li1L3tCmqir9YpMpc17iTm4YGLNNRy9WDRCOOQNMzgNBlhdJ7gprVQX4UIW8DSCaOdX84C&sai=AMfl-YQz7bHvVeDd80OIY1iHW7uqGaX2EGQkZOErDvO5lckpt_qgDEG9OTxQimllWcGLbbV-4VPNGiWFhPu_GA7hC_dJioddff9GDt-aoch-b2yHjhxP7BO3UeSZcuMLww&sig=Cg0ArKJSzO6hYJ7WMsvVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A3635CA3A29BF1972F4506B73B6484B8
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZbuawVPwDD3bZoMW-LGuxKcZj6vAlY_ygDF2weUTLhWS2ttq0lxVy8ddiD98SkkqOlApc-BZGv3FSTcou6TbvTP9hp5yjj-zLdBu6RyUSY_fLaBI4lY4TtYTXA_vmxJlRFAqENNkXBlsOjtZxq60R61s_xNiI4MbdBzEZnPXwtbRcfu31QV6CS0PG9YVQK86hLB2ZbFzrZxYEYNVyn-a6X9bhJbwU-4s0S95H94SZndo_GMtNevthSoLzWcIB2L7J-xonfrJluevoxUu8QqAzwGOFRwgCkCd4VJ5Xm4Q5ldpMZnRg4bawXRoLzUqvsWfc54HL2_AzMWy5g4Rf&sai=AMfl-YRDL8I38HNeO5EaAuCx5eUGGsUj1TU3-EcihNptnqCSo7hfXde-IsZHi7VDkia2ZeZBZvPrXQasXKiUah6Cq2NTXfy7SIIShxDUY8YO0Dxv8rLIraCMkqXWhGdDzA&sig=Cg0ArKJSzNpBwXn8m_69EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 3D76D21778D9B11E862869DA49D1F03C
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVVZ3eC9GqAITnTkjGIJpYmqofmaU5kAkzWExtsN93gl2EXtWLIRqsvIcbrHfoKWgioG3-BF7ZE1K5zAxqhoebtsyyIHLsqo_XQA2I9AbkZptmMnVjTvc0IKcfScG8T3cVLsMWua6-rnD8E8dNZCd_koj4wTQhtO4RIJXyftkgqwBGz7d2HSEE8hu2BBJT9ahFJ8vmSmMj-EofTVpvWykIWusYpVbbnhIk3L0lbBboS8jC4R3GOlNh_ZLF7kl4cC_nL1Dsug3pV2rQtS6d2zMzOXUF_aoExelyt-moJ02fpkHqIbnURnQgTMOfRljjzrjIpsvPLQ5eY_HPENEv&sai=AMfl-YTdzeoMaf3B7anctyOEn4iQZkcPXlljGEzJb082oqlC4LnfyTXadPscVsryhYVMD9q7-t4HYrLFJwY-Dmy0UDr-1D3sHVi7PUtlVrv2oIGhzcZVeQWzT79GrhPoGw&sig=Cg0ArKJSzDJcEZBcE_hCEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6693A704B073D3BDC9631C341EAB1152
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 174C57CFBA49F76182D662139C7A8CEC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHfjumxRvucDziNLpasW-PczkxeQ8hXIl1kvd4eb1TZPIKmu5rV91P_CO0i9orT5684Q4GnHgbpKAj9Y9pnBdbg1naZwR2Bla-c-cHFZSVRHkAgmnLo_8_4tvpN8PBj8897H8bSuI6yrt0195b6hpnXVcOjWgRfjIgw5ymJjPNAhvC5kw4tKTt0-i6_1AS1zFZjcOLHslooenGvXeQKhJM8Pjw6vKoS1g6aVSDL69JB4BpmrJ42dESyqcQ3R38Sozvb4HgQicwRREx_QEWZXfua7O95tZnVYKnz6tERn6q7OqSWEreJl1k1j744JogVV8m9MwZv7eTNncB5k4&sai=AMfl-YQtPmZNbAG1m0FDyJkC9VUUOgjWDVsVno5AgHRmT3bHa0teH13tpoyMRIUCv3Tsgz1uuHmiGCCsal6S0YDv-QAyQ03l3LLOLfTaKi7lzM_WGAoGVP7Qqc6yGzSOJA&sig=Cg0ArKJSzOhRvKC1AAM6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 5EEF55BF505F0FCEC667C6B645D4EDA4
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: C9BB03A2F3DB0598C79A159495D58EF8
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Frame ID: B799DAF58A6DA1A73D6386A3E067E6E6
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Frame ID: 594D9BE6902385FAAD30C7759A661BCC
Requests: 12 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Frame ID: 5465CFBBDAC401A82720D0C0D521B109
Requests: 7 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 0832EDB928D532B65029476B45B3895E
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjO6uffATAB&v=APEucNXnJ_7-svDcRg08i0QLofm7Kd0ozcle9I0iGYcQA1IpDucbhSp0gogEHzfLwYGuTeJz5aImNU90I5FJk61aoR4_QO62HxAsw7KCBaqo4hPGlW8-vgA
Frame ID: CC15FD20977574E559B19E92505014EE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4CC566F1F664C6A3916C4F52D5EB9BA5
Requests: 15 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=adyoulike&uid=18983ad2ee7bdd870b91633e3e36f3f6
Frame ID: D4A538C02D74DC9F41F3CC56D2E65A11
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvklouswPh4TqdF4mstySgkBHjQESD3WFVlsFlUEL6PFpnekKha9GIi2WOwBlwx-zWAs8gofcrGSvivujL7wZgA6i6aoP4tOV8ocHNg48xb4v75Msz1Axuz3IPIAaAUwFvlwWMcwqfaLsj7t_s2NhwmmIdifKizC5Ip-BSkgYd1885_FYaz82Cz9w_uWYXhkfWNYdQTrlcURTZwbliU5eOoJuL14v4mm2yHpo_nrcjThWdctS1jWFYNnYRHPuVa6XiUEErGGpPdqp26z8mGwjsj7rTi_IyK6K3rTAW4eDMOmMsJFTvfEpE0FQjjtbejWsrJNT4-FecWCzHvRdg&sai=AMfl-YQP_vY37CAhv9p7PboMpCUMiuX8zuGyJLhl3lGDDb8_UIIukyRHtjoN5Zz6xvwXJ5YYeZ4-Z-Q7SCI00wZLLps49hb3e4SsnNulYh8W3_x_3e2habK19I_60DRp5A&sig=Cg0ArKJSzHGNuq4aGQOYEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F6C8B5888E109811EE13653FD60E2B2C
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: AEE7AC34F4155F0C90C84882D4F45DF2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWE0auP0P3y1Z8hjyzyRtlUBAeIwou0opLFpnb2ubxwHI3sy3zsdBX5bzi6RjXOttkf9SohKn7aPUTzTt5wKCqPQaRYD-ByBOW6Pb_6ZAQIQuAq4BA
Frame ID: 96C4F03A3A48704E9E26A5A39E997CA0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: E255C646400F86BF9B3AE149240D8F93
Requests: 15 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: BEC6460B1C780B7E7506C17B893D3A61
Requests: 9 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Frame ID: B639D9A3EA54081956D72AC8B8886DFE
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: C330B7A9709C8103BCCA5DFB4C7C2CEF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 9387055DB2BE38DA6A1657D007E231D4
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 3B3B8870E09552B579D0DEBE37048887
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: C0603828F035948C5AF8C909663CA9C6
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: ECD3DB081899369CDCA01F484CA6AF64
Requests: 1 HTTP requests in this frame

Frame: https://adgebra.co.in/afpf/segment.html?p1=5823&p2=&p3=&p4=&p5=&p6=1&p7=%20%20&p8=24553&p9=23043002&p10=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Frame ID: 4697E9C18CDC4C5C75BB52AA9E58EBEE
Requests: 2 HTTP requests in this frame

Frame: https://adgebra.co.in/AdServing/EcgProcess.html?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0
Frame ID: FBC8CDEC8DFCC78C7D95A6C12D7AD137
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZE3QSAAGdt3yhgA9&gdpr=1&gdpr_consent=&_test=ZE3QSAAGdt3yhgA9
Frame ID: 5BE3FFC36D4D75226A0B5F38B42AA3EA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477414437337801
Frame ID: DC3324F0395EA09B65E36974F666D482
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 467984BAA1D943CD071AA579D88E6352
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Frame ID: 703B8D3A0D848076ED088D789923DE20
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&gdpr=0&gdpr_consent=
Frame ID: 2FC5239DFEC4065B98D7E40B05D4D286
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
Frame ID: 6E5D321CBB2D16727FD24EFB0BF1C0D3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7906230784814628655&gdpr=0&gdpr_consent=
Frame ID: B3E90545E1AE02F9063CD67C722EDDE8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt
Frame ID: F9F6248517C7EE8A8E47816BB9470D5E
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 9C54DA5B0995CD4C3DB25CBA383807D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 48E826C2B58BC12FDDB0862B15DE81E8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Frame ID: B0B0028A7F58A6AC8E2FCC396080CB7B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fYpSPiDn1PSWFi5&gdpr=0&gdpr_consent=
Frame ID: 195E1D5A40B59251343B1B66AFD5B153
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: AA8D01982DCE97AE5FC4C2C0699C287C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Go1CAQPvWv5mMcBHozEv_5U4mb0&gdpr=0&gdpr_consent=
Frame ID: 82271EB7F24C6E4C1B252752EEF32036
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: E3E88E02565A17CCB397ACDF9D75CF9C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 703F5AD10B48F9C582F74857ACD87B8E
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: EDD3BC763A531610112501CFCC7629C3
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Frame ID: 1B1508805F6E54113A90E3CADBD55591
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: C42765D994420980B835DF695F6582F5
Requests: 9 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 8483BB5A45CD1E9F44E11D6D14826149
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 85C8FB8034F3D8E3A1F14A4205238798
Requests: 2 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 2D88EA1C6EF5AB8692ADA38C2368F13D
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 568FC3E61844A5045B5BFFC41B622743
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: C9C6A67C79AACFB035969B7AB7BBC95F
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Frame ID: C2233BB419FE092003674DB369170057
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Frame ID: 2FB8CB23013DE0947F1EED9CAF37D723
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 3C60DF348493DD0A1D4E665D4B9F6150
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 58F1DA2051241C3679407DF48B942215
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWBHTfwVNx6jBnFICfPZmL4JzFNz2xIeDRBopatM57aNXybojpsslhhmcDUdrFMMM6j3BSKSZETJRwx0_SB-b0oajFucikwlR_gupJ6-xwSkhtyEa4
Frame ID: F63D5ADEE78A1F6C06985DD3785C126F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 766CDC009CC2E0A51F40948E72D50ECE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNUEMhDMjaa1REa9rnstxyxyBwTD_4jp3qQ-ycSOymFy9n0U-mAV9hSN93wuecKTUV6ED1mSFvmnuzAS-bl2HVgAQYG1jkoM0OBQetHf_vWjR_HF8zs
Frame ID: 5EEBCB84F654415FABF8B0DB094BB795
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: EBD5CD82C5A6736AD39999678BB15801
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: F08973F668ADBABF8200C239CEEBBB6A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e1bf7541f976ee9%26uid%3D
Frame ID: 7BD191E26258AEEEF21F862964406168
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Frame ID: 1A615D343F59D4223D59F6BD1E623252
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 4C8CC4DEA0832FE8C351F3ECAABED68A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: B94FB2F3D2B5996E6848E9E1358EC38E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 949952898CF5CF5F885442E93E617D04
Requests: 24 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDD3SkmZHMDUliGAmH7Xf1Nhhu97pc55o-RRsTNmvSgDaeEG83l8G8peDqILbOwM1yjPnkcVftjzPzz9xXH84xc3jfM3H_2dL-vuw4MIp4C4eNPn56g97_8EmKxkTbNtwFZchri0q-56zeBmlvRoDjLfmoXovqHqkyEWh8LYpy0eBcLpF8MVXe6WFs1W9RQyisManDSAK3g3XZsFmlz0wkUkjCdXPvzf2gwvWNDWoTkWNd-RpMsYKF-KkW_TZqQYv_KGvIpsmuuCxhqOu5SC1I_cNfR4GsuQyeMDNfNbmS5NwgjTI3uvzjp4QXwqlqRxaJTphRRVo-FTo1L7M&sai=AMfl-YS2YI4YBqPlgBrxrwKqmMocx8QxwCXw-PA_2gA2jjijt1LWGduc6RDDZPtW590i2XP-t_Ke8Vwa43AANr3x7jhpPUkplg1LPO6ko0q6iBW1HTZ1M8ZUtsljVlqiAQ&sig=Cg0ArKJSzC6gJTIURfTDEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2F323712F2C1AB962C0C94044225386E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWEe5qU9mw_plYD3CBPaom5J_UQLIGoQnk9pRJwmsDwR820hYLNLnDujTTkDi8I6sEcPv0QXwsYPqyXKwH3XEcBUaa89g0G-GL0j2q_xN9XNC5mSVE
Frame ID: EFD4CE06F2CC918BD9C917DBF91AAD83
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: BA8EE80B707B41BAFE8FB42BB54DF08A
Requests: 15 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
Frame ID: 5BA4049780F7A97B273BB11661DDAFB1
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Frame ID: AB40CE8F1F1ED91BACCDC45EA427B8B3
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Frame ID: 37C814C431B0378254DB607EFFB64E5F
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
Frame ID: CD9976BA61095B56A7028B20CFD3D918
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Frame ID: 4388B81C1AE5D3BCE652C8490057E00F
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Frame ID: 3415820A47CC1EB9403E8053F9775C3E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: 8462B9D5AA8BB9DBF5C3AFB9D0FED3EB
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Frame ID: 78A2E697DCEB0B40C23813E9C63AE188
Requests: 9 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Frame ID: 60160D551951C06A9E9E48A6DACB4E6E
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: F2C837465A7A2D7BA3DE23EB69BC234F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: C3DA2A5882B3BECD327E42F21B64647D
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 39E026F9DF7E5FA53DF250214AA29A8E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: EAE9C68640385784423FB4EF17F2B875
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: C51301595D9F2FA6747731C249D281F0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 2E338A2C820E047D6109FE0C04F16F8C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: C3019D39D5AE07FB93B6D3CD7D033302
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: E1A4EE7C48F179DB1F726C8A2780C092
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 1CC94C89C81738CA18435F1EDBA7AE4E
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: B6E64C8BCD4DBC1060A8E3FAB754BA43
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 708946D59F8978C7759D64B0F61CD80B
Requests: 3 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 9FDD0388D68CABDBAE1D02DCB2B2588A
Requests: 9 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 04D1C474DBCC5068AE6BF9F353A6636D
Requests: 2 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: 556F1133665265E4ACCDD1473970C6EF
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: E8C066F11A9FD157CD5E06180C432700
Requests: 9 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: B676E63568A100DAF363CA43FA46FBE0
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 0EF2D23A3438A4FE0C8BF17495E1B063
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 307D3309A5CF5AFC7CE80A1F0DE982D7
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: D69819D34E010AE866929021F944AB31
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Frame ID: 879B585299A7A322C07D5A64DDA22373
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 27393F339246866553AE8DA61F2C8741
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 5371A8F0DD76027B3A2F6B6F19C55725
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 13ADC8D226D649B7AC85ACF58FD468AA
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 710C78E9606460CFB5357E3A464A8E28
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: B6B04BAA758E77C33098C734721F1586
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 6524F4A33832D15196781779B9F2D3F3
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Frame ID: 4A1CF6BA07DAD250BBB1815DF5129006
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: A93487FE334C981504E1DDC84987D59F
Requests: 12 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Frame ID: C2B9E776D4FD58CA24B8F0E248A65518
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Frame ID: 38CB9F3FD9C8195DBB3D5C4452F442C4
Requests: 7 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
Frame ID: 964C877C2EB66F344F6B50FB209D2FFE
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Frame ID: 48A893126CDCDDF12CBF4B59DBFAE716
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Frame ID: 85C93E2BB8AD0B084765942C454DF241
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 9D9474F790BFAF390F038BE787F7F111
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 60FA241A06FA68FDC68F690A97EE0722
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: 107EC74183EDD7F648B674238B185A0E
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Frame ID: 79194AEDB434CA894186E20035CFFC79
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Frame ID: BF1AE63C4288D2F55EE6BA828CFACA4E
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 2E157388F5DAD12D57CBABBD31139C92
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 5091CEFC004B003EFE5D9BF702E70BE2
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 8DE8A96A06636628C9A25AB4A614FF93
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: F6665069B53A7EB066C1C802CA73ADBA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 49CDB2E825DAFF3B24F7950914660186
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
Frame ID: 84206C6CA159FB77643014F6A1DE273B
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Frame ID: 91EE9C65DC1C7E7EA9D993D0688A3F9A
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Frame ID: DD25B96562BD907492AE91FC09EA50D8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: A8EE7C036852E03C3D4156D647CD1E61
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Frame ID: 8DF42E0383F219A4FDCABEBC4B97CA5C
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Frame ID: 88BEE459DA8E89F813C7F5DC3966392E
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: CAB3BAB51BD57A91D229AD038202B0CA
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 2A1EF700E9D067A2AD9E719117AD52A2
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 41E8A8980B05AC3388791F13837969A7
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: E9AD0D8B5DDCDCCDE39C20467615C4B2
Requests: 12 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Frame ID: 24899312706E347B15DEADBABCFF1EFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWioxqoE4qSG_vn1zvIW40H-dRLpVNOyl3fLmLS0UgDQ0x49vYEqztvFdkOTVsIB-Ef6v0-76YTxFrHgh4fxzwMXhzwgH38YzTt9uslrmnZzwF-ANI
Frame ID: D221A4ED8845EADC92608B67FCB017F3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A2D489694506C13F49D44BA9452C1766
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: A1CEB8CB4D6F0FADA3EC238E7615A79F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 2B409844638869B93A2704CA131AFF88
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: EAC6B5D11968015EFB67E0AC2222710B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5c6c647b53171dd3%26uid%3D
Frame ID: 5BC6304CFB9A538AD350E29A84373ECE
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Frame ID: 227ECE576A452BBA211B25C580769418
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 9157016432A791F4782EAED2DE83FDED
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 7D26FAE9BE889AF09FB47ED2CAE39B8E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 95889A628442553D79929323D3847C84
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8BB874C22F4475EFE7AC3D0E6EED8C93
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 95F478BEEFA9AFA7B53C96EA2518B8CB
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Frame ID: 7F4E52EA96D915B757749758561FBEBB
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 976FBAD02CC7761FD66A7F66680FE923
Requests: 15 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 8432D868EFD75736DB2CC66037E4B670
Requests: 3 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13413210
Frame ID: 9CE85D39C369E41F8CDE9605C235CC91
Requests: 19 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 2FCF8F7B66CFFA655904C9719049FD22
Requests: 5 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 791265355BFB9A948F355C841C4A13A9
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A0883372B36C25638A553BDB0E860078
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Frame ID: 7CC84C9FE2C7F9E6F0CD0A60579A6280
Requests: 11 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13413210
Frame ID: E4937A36DA318BEEAFCE6E3559A1518D
Requests: 19 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: FC840C461E38A918B41D41451B64D753
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 222ED9F17DBB1D492BFB9C05A6ED2008
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1682821191911
Frame ID: 244E0B437D3AC7900BCAC3B41CA12364
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 82660DE386A39E80926CC0C075263151
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 4251AF8E24AC136C20ACA2517BEBADFE
Requests: 11 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Frame ID: 6010808E8600A736EAED2563DD05DA30
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Frame ID: 8F6F2B068C1278BF938935079220A101
Requests: 11 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13413210
Frame ID: 079B31616CBEBF9E603A187A6E1C35E0
Requests: 19 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Frame ID: 89B318A0A2CF1F1A8B8D5740FF8B9C80
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Frame ID: 341BAC2CC8222D4E3178D22145BAF0C7
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Frame ID: BBCE0E2EDB1079F342BCCBACE4619D42
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 34DD94F69BAE666DF08667704456F5AE
Requests: 11 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 0CA12955665BB76AAF06E51779753EC2
Requests: 3 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=13413210
Frame ID: 6A4DC3DFC9261AB616D3B4784F65F0BF
Requests: 19 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 94A5A33C0CB8B175848965EBD31075F9
Requests: 11 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Frame ID: 0494117AF97FF3360C2FFF43D7CD7EC5
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Frame ID: 271D03EF6EDEF99BF11A95108F57DDC1
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6E02CFA7353513FEEB5B9455E0CEDB83
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 193930016389505F1E764070CA5B38E7
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: F96685C7D9BFC4390090841402D4B5CF
Requests: 3 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: C2A21D7863C1BE18BFD9BF5C03D46561
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: F5CBC096B5EC34A02C12C814BD1361DA
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: D83BE1BF1C2736910EAF37D938DA7E0D
Requests: 6 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Frame ID: 186F87412AB3FBBAEE6FDCDCD66819A5
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 7796BE5FC8F09970601F9C8B087F1A18
Requests: 6 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Frame ID: F0274044F9B89C58D8550F037BF8EE40
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 844A6342FD5B3705732E2D7F51F86FEE
Requests: 6 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Frame ID: D7647259C6A071BD79EB8D574FB3459C
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Frame ID: BBF0124EB08AF50DC961FE1B8280948D
Requests: 7 HTTP requests in this frame

Frame: https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE3QTcCo8YAAABK4Jd4AAAAA
Frame ID: 7C9A47AEE8C732A0BBD35B7017C6B47E
Requests: 23 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=773702722627
Frame ID: ED4391C0AE3DEF8FF29F66AF16B831B2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Frame ID: E5D2E9D7154A8B1F20DB2868E151F9C2
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=efb06353-be47-4147-a543-e86722547092
Frame ID: AD896DA74AB9092C42C802F0A32EB9B7
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 33A59C00D80D8E6B8BB185146C3E602F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d5f7c002-8957-43c7-9ab5-8ad286266848
Frame ID: DF647D78134530E930376E4396007FB7
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 3EFC4C9747689F45A62D6A652B5635A3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4DE1FB5EB9F80C609F1A27601BFB75F1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7361075961644224999
Frame ID: B2563F6B7074EDE853D6B674F613F2ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58&gdpr=0&gdpr_consent=
Frame ID: F461A696ABF4DE45485F1C874608636D
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ab9c2de71df9c853&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 55B1B7D44A3F54ED22C57817B9F00A40
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 6CC964E36620094874662BBB716893F6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: D23FD945B7A36480E5ACFBD14F1F7B45
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: 6D837AEAD798608DCC29CB2EEEA80AD5
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0855814426be387e%26uid%3D
Frame ID: D388E319B6A6D96C4FE0E834C3B88A92
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Frame ID: 41CDDA4B7E8C9E68F8E06A7B047B2939
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: CAE1780E4F4DC67FF5D7BAADD7B52E55
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 37BD7A6C5F216293374055D817DCB106
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: 4AAE0FCE153895B544DB7EEE8B308931
Requests: 2 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=caa4e1f7-081e-5278-9695-c2ccf2d81289&CACHEBUSTER=220831
Frame ID: 6A1082E4E39016D0F4A09E595EBCA3C8
Requests: 9 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 72A0075DB345AD0EBA6B8CC087080E46
Requests: 5 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Frame ID: A5F88599DB7BC52EF525C4E10FE8AB54
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 09E360D56ECEF63E3B233541F96EE687
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 60F6E3E9A95481AAB2C632EDC830940C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 8850D74A5BD3FD912921BA9BEFD616D2
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Frame ID: 5C4AD374BD5316658A098B63902781C3
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 9D84FA719F9DD8C7925DC16F01D923BE
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: E9FA4D65F1EE2B007AA1B5B4551DBF77
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 724DEF851DCF84F3B781B919BF3133A5
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 8FF020443245A48E6C26094DDF4AC518
Requests: 5 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Frame ID: E584BDFEEE1032F8CA021C6DCC3F51D1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 2BB0512C01D2E71899DE511CE2B75B34
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: C4202BA7DAE1C468A1654D6433C5AC6A
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3258227951455735000V10&type=rkt&refUrl=&vid=28211970093258227951455735000V10&ovsid=978477414437337801
Frame ID: 8097D8B898C65E3B6167B4A36183CD65
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 03A9A295E91CB8D492E53251495DBA58
Requests: 2 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Frame ID: 08C8DF00288F62736BBF56876B9F01F2
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: F2A238047E38FCDAC6339475C4E604C8
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Frame ID: 481FAE363BD9F61E69F480E0B8A1796A
Requests: 1 HTTP requests in this frame

Frame: https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 1C8BB60F986EA27086EED7B0507E44DF
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1682821197096&uv=3270&tms=1682821197096&abt=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7d32dac0-47e5-4893-ba9f-4758612b95c6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: FD21DF40833A247B7AED56F0466E31B4
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: F2440B7F88A7BF325713E55C374DCD9A
Requests: 1 HTTP requests in this frame

Frame: https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66607125&crid=6831575&dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&cmcv=&pix=undefined&cb=1682821197111&uv=3270&tms=1682821197111&abt=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7bd62f94-8dde-4610-8de0-01d45449d566&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 163859CF918AA31B51DF803E81676B6E
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 16D3EAD038541002041BF6190B4AAA54
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 0F7C239CA02EF2C1C9CD4642665FC806
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=5c6c647b53171dd3&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 6E13452384196436E2D36D08B880B24A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.adgebra.in/generic/js/jquery-2.1.3.min.js
Frame ID: E3C0524EE40E11E915040A3C70CE8047
Requests: 15 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 01AB26224B657C52F8FDF96B2153F684
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 37BB7EB1871F14F927528415D8158878
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: CEF860B7BCFD0BEE7E4C6949C88B3858
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 61A25663F6C5DA3685DA84FBF4E301ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4F8324AD38DD1424E7FE13DB7E55F998
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: 81109FD2B48EE309D6EFCA8336BE4F3E
Requests: 2 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Frame ID: 6341842C16FFA42D57F1621041D2916A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FE2AA7EFA900E2B3B38EE9187E6784C6
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 7D33B7B0875D9292B93D624B07EDC538
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 5E7010CC5EDEA16119537CEDB585918D
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Frame ID: A0F75225F331ED7AD5EEB8CB6EC3DC6D
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 6019A8E2D6A87CEA51246683BD9D4B83
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=4e1bf7541f976ee9&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 6D6E19FB11CD47AAE9DB537D7E513CB7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 895B15D11965C767559FD71214A163CD
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 95BEBCC9A41C2072229001C905B1BFE2
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 924278387231AE145F3848358F2AA5FE
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=0855814426be387e&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 9AF22DE8DD7FFAE08C12BF93A4BD2A84
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 57B2EBB5D76CFB7A9760708D07C3B2F7
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 6B32035D07B599E58CEC98D2FA95DB8C
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 64C456DB2A735ABA897C6D48A4BDE5FC
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 0FDB791DC40CA344D530B689332D80D3
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 1E8D49D8B81F14CF71AED018F49C099C
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 3590010FEA7A0BEC57503EA99F80F5FD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 59B0D2BB1EFAF33FADF34F386219A8AD
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 521419D98697DC751EEB7B76B43A7706
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 3AFF2DE92633A3CE22936ECBA3A39AE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0B0D2D4CD4447DB9F3144F5CF7F4F04
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: DBE275AA32F5905E6C07E81EE5072149
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 1FDF92057291FA9C56748093B18CA355
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: DABC2AB078CC5216331DC2FD271B92FB
Requests: 5 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 8405834C15CC4F92710BADD2FC6D4ECD
Requests: 1 HTTP requests in this frame

Frame: https://571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 16A8DAFC76127F7ABFE43D01A7550432
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 6BC3B3653B2052BB48188AAE8E8901A3
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ab9c2de71df9c853&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 0EAC654E8F94A125C3D2B86EC05DA40B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D96CD0AEC066FD44F88976B35BEE4612
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 43D4EAC423C0655507CCF3E0FEC8F3E2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Frame ID: C0076EC4FE858E58E519D3CF1356877A
Requests: 15 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: CEB98D87EE323639B96D1EAC8D28A9C7
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ab9c2de71df9c853&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: 76BA6F9FD6154D61672107CD5BC26B9D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 9754FB922E5BC6B5A37CD2D528189301
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Frame ID: D5749FEFC653384C79B677F02BB74227
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2C8E3D3CE02DE554DAD6DB68AC892118
Requests: 1 HTTP requests in this frame

Frame: https://api.khaleejtimes.com/cross/iframe.html
Frame ID: 73C166E208CF1CD149C00128DEFC299D
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.khaleejtimes.com
Frame ID: BFD550106320346BE32525FCA953941C
Requests: 2 HTTP requests in this frame

Frame: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D163205E38250BD7D8294FF752B8B68F
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EB984FC55E2DA269A5F205F19ECD4F33
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 65BCE48BC814E3875DEAE2D361865481
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 5C040A6293C25016F68FA81555B576B9
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain
Frame ID: CD88331B6879BCED19D3F69A3CA75DB5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Frame ID: 5CE4184D5322CCB7F4244EAA3E38711A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 3E790DBD06ED3CD68B634F3D0A9C8B91
Requests: 6 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vid=a6f37f0123013099a595be2217fc435a&dspid=pubmatic
Frame ID: 58CA43579778480FB270500494896451
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAL7N8vOLFDtQMf438WAAAAAAA&expiration=1682907602&is_secure=true
Frame ID: 6C9E3BBAA6786810565639BED95898D2
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: 06DDD62A8216FD8334F86968C3DDB76B
Requests: 3 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 4B3DC71D4B3BE4F485F75CC9DA02090C
Requests: 1 HTTP requests in this frame

Frame: https://us-match.taboola.com/sync?dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: FEEA3D8FB1F9B4471EB80915456D0E1F
Requests: 1 HTTP requests in this frame

Frame: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C8CE5A1DE0D724370CB0D7730BFF4E4A
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1682821202282270336&gdpr=0&tsce=L119&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=893548617&size=336x280&cc=CA&sc=QC&chnm=HARMONY&pid=8POJ4N28G&tpid=T1T5TFO&https=1&vif=2&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&nse=5&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4qgqgBqeg&bcpf=B4q8fOnRrolnfOur8gqgBqeg&bdrId=294&bid=337994&ntv=0&matchstring=hr%3D0%7Cbcat%3Dod%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&mcf=98963&katpre=1&katbid=-102&ydspr=1&pgid=p1565584308t202304300220&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&isid=21&allsc=QC
Frame ID: 0468B52A66D1D906DA968680186CC0D4
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: B7B44CB90CC027FBB26F951F3804464D
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=ba430829-be5d-493e-af16-818347460a1d&gdpr=0&us_privacy=1---
Frame ID: F5805762D9376566A75D394A7A7E5ECB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 080483734089A6254A1A34AD59462C1D
Requests: 9 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Frame ID: 7181516F3D588B152D4C5CDE5FC4CFD8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA53C8A571032E2D37AC8F81E093C9E5
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 8839664F74F78C9DFB06CBCA15B4706A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft says it found malicious software in its systems - News | Khaleej TimesGroup 3Group 3Group 3Group 3

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • cdn\.izooto\.\w+
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1740
Requests

71 %
HTTPS

27 %
IPv6

216
Domains

389
Subdomains

231
IPs

21
Countries

12149 kB
Transfer

31015 kB
Size

441
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 127
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=khaleejtimes HTTP 302
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=khaleejtimes&google_tc= HTTP 302
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=khaleejtimes&google_gid=CAESEEijc2XO9z2b9xQwmYoHSBw&google_cver=1
Request Chain 191
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1008731%26time%3D1682821189780%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%252Ftechnology%252Fmicrosoft-says-it-found-malicious-software-in-its-systems%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookiesTest=true&liSync=true&e_ipv6=AQIlzmAr5KItyQAAAYfP9ZOsQintUjNbXPs57OCea1zdoGBa-2hkhmS77n65y52L6dQNc9gvDQ
Request Chain 361
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
Request Chain 387
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://u.4dex.io/setuid?bidder=appnexus&uid=7906230784814628655
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
Request Chain 393
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=khaleejtimes.com&sn=ChromeSyncframe&so=0&topUrl=www.khaleejtimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=SF-LsXxFQWZjZGhmTmVhQmJTRTYwZFlTbUZTUVZpOXpvbnNYVk5WMXFFWU1rN0tRWVIzWlNob3BOWEp6RHc2bXpSZU5HRjM0OGlUR0g4dkdpSDZoQUNBaUxlV0wxT0M2djNaOVlrTXhENDNqZUZZMHEvdGZuZml6QldpaWFDeGc2MjNmZ3lhMy8zS2IvZlg1bnJtY1VUMmxKZGlzL2lxcVVnT3pEWWFsYVdGbFpRNXRPQjUwS0ZuUDJ6QURmQjhoOGxMT3ozNnkwRUJTL042L2FLL1U5cG9zZURyVlJLVnkxa1ZqUW11ZXRDOG9sSVJWU0MyK1FkSEswMEpud0VLQnU2eXB3T3plZUtnMTI5WWVSRXRldytsNWJUZz09fA&cppv=2
Request Chain 402
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 403
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Request Chain 404
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Request Chain 405
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Request Chain 422
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=abb0385f-fb71-4da5-be13-d1ca93d34856&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 423
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3NzgyMTE0MzQ3MjA3ODE1NzQ1Mg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 424
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECFypAg-D5nxlfhpLhsDb9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 425
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3NzgyMTE0MzQ3MjA3ODE1NzQ1Mg%3D%3D
Request Chain 427
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3877821143472078157452&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3877821143472078157452&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4139660057828765566&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 429
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3877821143472078157452?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-9ycs8n9E2oQdEmVnnk_Xxqneje0j8O7X_uyzHf_ktg--~A&dongle=0883
Request Chain 430
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=kuIAmsv1By4MDjailSBd&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NN2USQLNON3DCQTZGRGUI2TBNFWFGQTE&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NN2USQLNON3DCQTZGRGUI2TBNFWFGQTE HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kuIAmsv1By4MDjailSBd
Request Chain 431
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7906230784814628655&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 446
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Request Chain 447
  • https://visitor.omnitagjs.com/visitor/bsync?uid=bc65ac468bfc90e6260132832a3bc684&name=ADAGIO&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dadyoulike%26uid%3D%24UID HTTP 307
  • https://u.4dex.io/setuid?bidder=adyoulike&uid=18983ad2ee7bdd870b91633e3e36f3f6
Request Chain 466
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0 HTTP 302
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJl831r89Wwikx1tbSuuOgU&gdpr=0&google_cver=1
Request Chain 467
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=TGp3dHZVRm9fZ0k
Request Chain 468
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1&gdpr=0
Request Chain 469
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1
Request Chain 472
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 473
  • https://ssc-cms.33across.com/ps/?_=1682821192120.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
Request Chain 474
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10595844029665553908&ssp=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 475
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192120.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D1%2526external_user_id%253D%255BMM_UUID%255D HTTP 302
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Request Chain 476
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-9pkoB6lE2uF0USXS5HDiujwTTlbmoUWS~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-9pkoB6lE2uF0USXS5HDiujwTTlbmoUWS%7EA&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 477
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=55e137c5e57c2191&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAL7N8vOLFCmgMQT54MAAAAAAA&expiration=1682907593&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL7N8vOLFCmgMQT54MAAAAAAA&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 478
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3877821143472078157452 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3877821143472078157452&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 487
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 488
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Request Chain 492
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 495
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 496
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1682821192717 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2348982698 HTTP 302
  • https://sync.1rx.io/usersync/turn/3464934303237790935?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 497
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
Request Chain 498
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
Request Chain 499
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Request Chain 500
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
Request Chain 508
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0&user_group=1&ssp=smartadserver&gdpr=0 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=
Request Chain 509
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=04010023_644dd048f02af&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=04010023_644dd048f02af&gdpr=0&gdpr_consent=
Request Chain 510
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=611927c9-b19d-413e-a399-edc6a02241e2&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Request Chain 511
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&gdpr=0&gdpr_consent=
Request Chain 513
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZE3QSAAGdt3yhgA9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZE3QSAAGdt3yhgA9&gdpr=1&gdpr_consent=&_test=ZE3QSAAGdt3yhgA9
Request Chain 514
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477414437337801
Request Chain 515
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 516
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBak9VN0ltNkVBQUNCdWQxZl85UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAjOU7Im6EAACBud1f_9Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2403475317176069061&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAjOU7Im6EAACBud1f_9Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2403475317176069061%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2403475317176069061&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAjOU7Im6EAACBud1f_9Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2403475317176069061%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2403475317176069061&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAAjOU7Im6EAACBud1f_9Q&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Request Chain 517
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&gdpr=0&gdpr_consent=
Request Chain 518
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
Request Chain 519
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 520
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt
Request Chain 522
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 523
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Request Chain 524
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fYpSPiDn1PSWFi5&gdpr=0&gdpr_consent=
Request Chain 525
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8dec9353-583e-4c52-8dc5-83aeb3620aef&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 526
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Go1CAQPvWv5mMcBHozEv_5U4mb0&gdpr=0&gdpr_consent=
Request Chain 527
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 528
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 530
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0lFGp_paROKAdPGjB03mfA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 531
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=68afccab-c100-4461-a445-3890741431f3%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=68afccab-c100-4461-a445-3890741431f3%2C%2C
Request Chain 533
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d68d4bc9-9884-49f3-a2b0-a3d71e6d872e
Request Chain 534
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDI1MTQ2QTctRkE1QS00NEUyLTgwNzQtRjFBMzA3NERFNjdD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 535
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
Request Chain 536
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58
Request Chain 537
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 538
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Request Chain 539
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H53MDO5E2uUaA2EJEL3QGGZxZhU9Cb0-~A&gdpr=0
Request Chain 541
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=29dad5f5b6062163&is_secure=true&networkId=17100&version=1&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMERwH02NBawN4yMlgAAAAAAA&expiration=1682907593&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 542
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c4dd86a7-5678-49a7-ae61-326910133e40&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 543
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=275eb785-370e-447e-879f-7fd6dba0d1e9&gdpr=0&gdpr_consent=
Request Chain 544
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 546
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_101EA6830_8FA46364&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 547
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4139660057828765566
Request Chain 554
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOFVp5148LgsuloCqR4cb60&google_cver=1
Request Chain 555
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNjIzMDc4NDgxNDYyODY1NQ%3D%3D
Request Chain 556
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
Request Chain 557
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
Request Chain 560
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D HTTP 302
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Request Chain 561
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D HTTP 302
  • https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
Request Chain 565
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
Request Chain 568
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
Request Chain 570
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 572
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 574
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
Request Chain 575
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Request Chain 577
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7312875239 HTTP 302
  • https://sync.1rx.io/usersync/turn/3464934303237790935?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 578
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Request Chain 583
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4e1bf7541f976ee9 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341%26partner_url%3Dhttps%253A%252F%252Fu-iad04.e-planning.net%252Fum%253Fuid%253D8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341%2526dc%253D0abbcb4eba840e59%2526fi%253D4e1bf7541f976ee9 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341%26dc%3D0abbcb4eba840e59%26fi%3D4e1bf7541f976ee9 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=4e1bf7541f976ee9
Request Chain 584
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e1bf7541f976ee9%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e1bf7541f976ee9&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 586
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4e1bf7541f976ee9%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2e55a5a9982621f7&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4e1bf7541f976ee9%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=4e1bf7541f976ee9&uid=AAAL7N8vOLFCrANMlvPvAAAAAAA&expiration=1682907593&is_secure=true
Request Chain 587
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4e1bf7541f976ee9%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=4e1bf7541f976ee9&uid=7906230784814628655
Request Chain 588
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4e1bf7541f976ee9%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=4e1bf7541f976ee9&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Request Chain 589
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D4e1bf7541f976ee9%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=4e1bf7541f976ee9&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Request Chain 590
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Request Chain 596
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Request Chain 598
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192682.1&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 599
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192682.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 600
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1685413193%26external_user_id%3Dabb0385f-fb71-4da5-be13-d1ca93d34856 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1685413193&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856
Request Chain 601
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192682.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Request Chain 602
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341%26partner_url%3Dhttps%253A%252F%252Fssc-cms.33across.com%252Fps%252F%253Fus_privacy%253D%2526xi%253D45%2526xu%253D8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341 HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 603
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=Go1CAQPvWv5mMcBHozEv_5U4mb0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 623
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZE3QSAAGdt3yhgA9&gdpr=0&gdpr_consent=
Request Chain 624
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=1b9b14f4-3cf0-4810-acfb-20126d2da168&gdpr=0
Request Chain 626
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=MqGfLmCln3Ip9pwvM6aGe2Cszi4prZsrMPRJgkA5
Request Chain 627
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 633
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dab9c2de71df9c853 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
Request Chain 634
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dab9c2de71df9c853%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 636
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1daea7639bb821f7&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBjQNjeAUjAAAAAAA&expiration=1682907594&is_secure=true
Request Chain 637
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dab9c2de71df9c853%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Request Chain 638
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dab9c2de71df9c853%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Request Chain 639
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dab9c2de71df9c853%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Request Chain 640
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Request Chain 652
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
Request Chain 653
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://u.4dex.io/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
Request Chain 655
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=08CFC161E8804E15B43BC8D2AFA59F8F&RedC=c.clarity.ms&MXFR=34648C04CB6463E411599F07CF646DCC HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08CFC161E8804E15B43BC8D2AFA59F8F&MUID=34776753A8676F3A3F9E7450A9B16EC5
Request Chain 668
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
Request Chain 669
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Request Chain 670
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Request Chain 671
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Request Chain 675
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=56d56af3-a236-00f9-0461-ccddb817661e HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokNTZkNTZhZjMtYTIzNi0wMGY5LTA0NjEtY2NkZGI4MTc2NjFlEAAaDQjKoLeiBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=24a4fb8b72005d282611f8cdeb48f936f2cece8cc3013da3bef2c0ba49c69b1c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyNGE0ZmI4YjcyMDA1ZDI4MjYxMWY4Y2RlYjQ4ZjkzNmYyY2VjZThjYzMwMTNkYTNiZWYyYzBiYTQ5YzY5YjFjNzkxNDI2YjU0MTdkY2UyMRAAGgwIy6C3ogYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyNGE0ZmI4YjcyMDA1ZDI4MjYxMWY4Y2RlYjQ4ZjkzNmYyY2VjZThjYzMwMTNkYTNiZWYyYzBiYTQ5YzY5YjFjNzkxNDI2YjU0MTdkY2UyMRAAGgwIy6C3ogYSBAgCEABCAEoA&google_gid=CAESEDxW6-G3pVQPqhxqmYW_f0g&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c627d1eb-5899-4018-b4dc-df80b3747a69
Request Chain 676
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7906230784814628655
Request Chain 677
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 678
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3QSAAGdt3yhgA9
Request Chain 681
  • https://match.adsrvr.org/track/cmf/openx?oxid=03131595-6f71-3699-5b18-4c2e818c07c6&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=03131595-6f71-3699-5b18-4c2e818c07c6&gdpr=0&gdpr_consent=
Request Chain 683
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1
Request Chain 684
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=NGU4OGJhZjktNjBkMi00YjdhLTk4MGMtNWMxYzdjNjJkMjdj
Request Chain 685
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1&gdpr=0
Request Chain 686
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY3Y2M2NWYtYTYwNi02ODNkLTRlZjgtMTY5NzRiNmVjOWE2
Request Chain 687
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
Request Chain 688
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDI1MTQ2QTctRkE1QS00NEUyLTgwNzQtRjFBMzA3NERFNjdD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 689
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHxKKXFT3JOcmWrvBDwcI_8&google_cver=1&gdpr=0
Request Chain 690
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDJjYjg2MTctZGZhOS00YmVkLTgxMmUtZDViZWE2NTE1MDQ5
Request Chain 691
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
Request Chain 692
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Request Chain 693
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Request Chain 694
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Request Chain 695
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 704
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 706
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821193045.1&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7906230784814628655
Request Chain 707
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=611927c9-b19d-413e-a399-edc6a02241e2 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=121&external_user_id=611927c9-b19d-413e-a399-edc6a02241e2&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 708
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 709
  • https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D HTTP 307
  • https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=92e3d4d5-9716-4f5e-b708-bda9da8c9680&gdpr_consent=null&gdpr=0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=122&external_user_id=92e3d4d5-9716-4f5e-b708-bda9da8c9680&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 710
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1682821193045.5%26us_privacy%3D%26xu%3D%5BPUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1682821193045.5&us_privacy=&xu=b5b970f6-4794-4043-a6b9-526dc1551fab HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=b5b970f6-4794-4043-a6b9-526dc1551fab&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 711
  • https://match.deepintent.com/usersync/149?us_privacy= HTTP 303
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_bb7fe3469a6e4f3c81420 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_bb7fe3469a6e4f3c81420&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 714
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 718
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LH2SAEWK-1A-5ERB HTTP 302
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
Request Chain 725
  • https://ssc-cms.33across.com/ps/?_=1682821193226.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X HTTP 302
  • https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
Request Chain 726
  • https://ads.betweendigital.com/match?bidder_id=43963&callback_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D124%26ts%3D1682821193226.2%26us_privacy%3D%26xu%3D%24%7BUSER_ID%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=124&ts=1682821193226.2&us_privacy=&xu=caa4e1f7-081e-5278-9695-c2ccf2d81289 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=124&external_user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 727
  • https://ssbsync.smartadserver.com/api/sync?callerId=78&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D125%26ts%3D1682821193226.3%26us_privacy%3D%26xu%3D%5Bssb_sync_pid%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=125&ts=1682821193226.3&us_privacy=&xu=2403475317176069061 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2403475317176069061&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 728
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1682821193226.4 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=7fd7cc0b-465c-4695-8bfe-08207b90870e HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=66&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 729
  • https://p.rfihub.com/cm?pub=35686&in=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=93&xu=978477414437337801&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=93&external_user_id=978477414437337801&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 730
  • https://rtb.mfadsrvr.com/sync?ssp=the33across&ssp_user_id=&_=1682821193226.6&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=the33across&ssp_user_id=&_=1682821193226.6&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?&xi=112&xu=5fc738f9-8cf6-4ead-96c1-1c7828490792&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=112&external_user_id=5fc738f9-8cf6-4ead-96c1-1c7828490792&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 731
  • https://bh.contextweb.com/bh/rtset?pid=561516&ev=1&us_privacy=&rurl=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D5%26xu%3D%25%25VGUID%25%25 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=5&xu=n0h9TTaSFk0n&ev=1&us_privacy=&pid=561516 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=5&external_user_id=n0h9TTaSFk0n&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 733
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413193&gdpr=0&gdpr_consent=
Request Chain 734
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Request Chain 736
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=429FA571C8024762B89F507D54B48C58
Request Chain 737
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477414437337801
Request Chain 738
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
Request Chain 739
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3464934303237790935
Request Chain 743
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D68afccab-c100-4461-a445-3890741431f3%252Chttps%25253A%25252F%25252Fmwzeom.zeotap.com%25252Fmw%25253Fcid%25253D68afccab-c100-4461-a445-3890741431f3%252526zpartnerid%25253D5%252526env%25253DmWeb%252526eventType%25253Dmap%252526gdpr%25253D1%252526gdpr_consent%25253D%252526id_mid_4%25253Df3802262-1e01-41c2-7c52-ea2294ef5952%252526reqId%25253D605f4901-6642-41d3-7f8d-0647fd7cfd0e%252526zdid%25253D1361%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7906230784814628655&pt=68afccab-c100-4461-a445-3890741431f3%2Chttps%253A%252F%252Fmwzeom.zeotap.com%252Fmw%253Fcid%253D68afccab-c100-4461-a445-3890741431f3%2526zpartnerid%253D5%2526env%253DmWeb%2526eventType%253Dmap%2526gdpr%253D1%2526gdpr_consent%253D%2526id_mid_4%253Df3802262-1e01-41c2-7c52-ea2294ef5952%2526reqId%253D605f4901-6642-41d3-7f8d-0647fd7cfd0e%2526zdid%253D1361%2C HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=68afccab-c100-4461-a445-3890741431f3&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 745
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361&gdpr=0&gdpr_consent= HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=abb0385f-fb71-4da5-be13-d1ca93d34856&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 748
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 749
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f16a5e4b-bacc-4f83-9ca9-55ee06a547a4&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 750
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f3802262-1e01-41c2-7c52-ea2294ef5952&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f3802262-1e01-41c2-7c52-ea2294ef5952&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=74528481465111208781197755918741327382&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 751
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7227661993255565453&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 752
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f3802262-1e01-41c2-7c52-ea2294ef5952&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f3802262-1e01-41c2-7c52-ea2294ef5952&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361&bounce=1&random=4150006340 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=RznXt1RCwDOmgdA5Q1EmNO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 753
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=2403475317176069061&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 754
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f3802262-1e01-41c2-7c52-ea2294ef5952?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=8d29ae9cdc157d778c92c0c52e27883a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 755
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-.JwtF3FE2opwFMYrQvML4eQUUWdLyflWdw--~A&zpartnerid=570&env=mWeb
Request Chain 756
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CAN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=U6BFRsCULOfJCqkgAvwlMTgGeB7%2B6jTN%2BS41iYitP1U%3D
Request Chain 757
  • https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f3802262-1e01-41c2-7c52-ea2294ef5952&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10595844029665553908&zdid=1361&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=0&gdpr_consent=
Request Chain 759
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D605f4901-6642-41d3-7f8d-0647fd7cfd0e%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZE3QSAAGdt3yhgA9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 760
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Request Chain 761
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f3802262-1e01-41c2-7c52-ea2294ef5952&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f3802262-1e01-41c2-7c52-ea2294ef5952&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361&dcc=t
Request Chain 765
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6930189154 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/abb0385f-fb71-4da5-be13-d1ca93d34856 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 766
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Request Chain 770
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 772
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 775
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Request Chain 781
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 783
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4275550696 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/abb0385f-fb71-4da5-be13-d1ca93d34856 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 785
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEBta2DlDtcRhR0N3_YAM6TU&google_cver=1&gdpr=0
Request Chain 786
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGT3xmMi4zuACO-HmI4thzM&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGT3xmMi4zuACO-HmI4thzM&google_cver=1&__user_check__=1&sync_id=7eb8be00-e6fd-11ed-8934-101e43450403
Request Chain 787
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=7eb8c168-e6fd-11ed-84e1-1ba7fdf00103 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2ViOGJkYjAtZTZmZC0xMWVkLTg5MzQtMTAxZTQzNDUwNDAz
Request Chain 788
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LH2SAEWK-1A-5ERB HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LH2SAEWK-1A-5ERB HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2SAEWK-1A-5ERB&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 797
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Request Chain 798
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413194&gdpr=0&gdpr_consent=
Request Chain 800
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE3QSKiBZz7mrFv9ttLKygAA%261459&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Request Chain 801
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9392106e-c708-905c-1a29a45f
Request Chain 802
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
Request Chain 803
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e7b476299e03423b876156b73e369518&expiration=1685413197
Request Chain 822
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 824
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3790831835 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/abb0385f-fb71-4da5-be13-d1ca93d34856 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 825
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Request Chain 830
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dab9c2de71df9c853 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
Request Chain 831
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dab9c2de71df9c853%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 833
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=364109cfab360fe8&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBqANzpj3zAAAAAAA&expiration=1682907595&is_secure=true
Request Chain 834
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dab9c2de71df9c853%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Request Chain 835
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dab9c2de71df9c853%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Request Chain 836
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dab9c2de71df9c853%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Request Chain 837
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Request Chain 838
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyU0FFV0stMUEtNUVSQg== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOk91bNr3-eHr2em6AAzZZA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=
Request Chain 839
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2SAEWK-1A-5ERB
Request Chain 840
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DM19KBtVQMGAX9tcsFoNdQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DM19KBtVQMGAX9tcsFoNdQ
Request Chain 841
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/AuEfNLX9FeAR5vBeNw1mPcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uASBihJE2oJXi8CVW2j.qKdouufS9OojEWjnvw--~A
Request Chain 842
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=&expires=30
Request Chain 843
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjFjZjdhNjVmYjIxNDQ2Yjg1ZmIwMmYyZGE2NmMyZDgwYWFhOGM0NQ
Request Chain 845
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
Request Chain 846
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dab9c2de71df9c853 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
Request Chain 847
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dab9c2de71df9c853%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Request Chain 849
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=3a4bdc102ddb2163&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAL7N8vOLFC1gMkrmI6AAAAAAA&expiration=1682907595&is_secure=true
Request Chain 850
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dab9c2de71df9c853%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Request Chain 851
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dab9c2de71df9c853%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Request Chain 852
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dab9c2de71df9c853%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Request Chain 853
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Request Chain 864
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=1c9d2170-3d0b-0ad7-2d8d-d76f65be09f7&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0493722afcf1b6c27b31a620a7601a82
Request Chain 865
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3EWfqcb3j7e9bACZUpU9fA==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 866
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Request Chain 867
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=275eb785-370e-447e-879f-7fd6dba0d1e9
Request Chain 868
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 875
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
Request Chain 876
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Request Chain 877
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Request Chain 878
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Request Chain 880
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D5c6c647b53171dd3%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2a03ec88ea5b21f7&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D5c6c647b53171dd3%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=5c6c647b53171dd3&uid=AAAL3IeCRjuM5gN-iFHxAAAAAAA&expiration=1682907595&is_secure=true
Request Chain 882
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 885
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 893
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 895
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
Request Chain 896
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Request Chain 897
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Request Chain 898
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Request Chain 899
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 905
  • https://um.simpli.fi/33across?us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=41&xu=429FA571C8024762B89F507D54B48C58&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 906
  • https://um.simpli.fi/33across?us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=41&xu=429FA571C8024762B89F507D54B48C58&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 911
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=275eb785-370e-447e-879f-7fd6dba0d1e9&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 912
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 913
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-1a8d4201-03ef-5afe-6631-c047a3312fff$ip$149.56.153.189&dongle=4430
Request Chain 916
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3464934303237790935&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 918
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAAjOU7Im6EAACBud1f_9Q&dongle=bzwx&gdpr=0
Request Chain 934
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LH2SAEWK-1A-5ERB HTTP 302
  • https://sync.e-planning.net/um?uid=LH2SAEWK-1A-5ERB&dc=9bcc91305985f0db&iss=1
Request Chain 943
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=429FA571C8024762B89F507D54B48C58
Request Chain 944
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=03a5c911-58ab-0ce8-199e-b0280b1ac629 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=03a5c911-58ab-0ce8-199e-b0280b1ac629&_li_chk=true&previous_uuid=d79cd71aba534911984773f2b8e35abe HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=03a5c911-58ab-0ce8-199e-b0280b1ac629&previous_uuid=556886489cee4d4e88c8b0e772037a6d HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3464934303237790935 HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=d79cd71a-ba53-4911-9847-73f2b8e35abe&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=1e31fd452a4dbee872c2ba525ab42958 HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 948
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=afbe801f-77e9-13af-ac31-07dda4414704 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=01dsag5e7kpm2
Request Chain 951
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 954
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Request Chain 955
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 963
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Request Chain 964
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Request Chain 965
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Request Chain 966
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Request Chain 967
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2403475317176069061&gdpr=0&gdpr_consent=
Request Chain 968
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fYpSPiDn1PSWFi5
Request Chain 969
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
Request Chain 974
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=ghbE4tASxL6ZQcfjgxHdt9AbleKZGsDngEO1fHVZ
Request Chain 975
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=6b296f0a127b0fe8&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAFprChOVJ8PwNWbWKJAAAAAAA&expiration=1682907595&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 976
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 977
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=5fc738f9-8cf6-4ead-96c1-1c7828490792&dongle=31ac
Request Chain 978
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZE3QSAAGdt3yhgA9&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 979
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=LK5U8UAZo2GVgnyxkra5&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 980
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=fYpSPiDn1PSWFi5&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 981
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=429FA571C8024762B89F507D54B48C58&dongle=yf3
Request Chain 985
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Request Chain 986
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Request Chain 987
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Request Chain 988
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
Request Chain 989
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030795
Request Chain 990
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Request Chain 992
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=703fc64aca350fe8&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL3IeCRjuNEwNV2RE5AAAAAAA&expiration=1682907596&is_secure=true
Request Chain 1007
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rYTFRczZCRTJ1SFBHZmxMSWhSNF9hSGlhbHVpbG8uX35B&gdpr=0
Request Chain 1008
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIMXXLl8B62eBmdsI6ji_DM&google_cver=1?gdpr=0
Request Chain 1009
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Request Chain 1010
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Request Chain 1011
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
Request Chain 1012
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Request Chain 1013
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030796
Request Chain 1014
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e
Request Chain 1015
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_bb7fe3469a6e4f3c81420
Request Chain 1016
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=63a13001-1751-4eb2-a70a-aa6ea39a6000&expiration=1714443596
Request Chain 1025
  • https://ap.lijit.com/beacon?informer=13413210 HTTP 301
  • https://ce.lijit.com/beacon?informer=13413210
Request Chain 1030
  • https://ap.lijit.com/beacon?informer=13413210 HTTP 301
  • https://ce.lijit.com/beacon?informer=13413210
Request Chain 1036
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Request Chain 1038
  • https://ap.lijit.com/beacon?informer=13413210 HTTP 301
  • https://ce.lijit.com/beacon?informer=13413210
Request Chain 1044
  • https://ap.lijit.com/beacon?informer=13413210 HTTP 301
  • https://ce.lijit.com/beacon?informer=13413210
Request Chain 1046
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=109c1fce-ad74-46c0-b5d3-0584821c0883&ssp=smartadserver HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Request Chain 1047
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=169a826d-feb3-09f5-1c8a-f212a79fdc00
Request Chain 1048
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Request Chain 1049
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2403475317176069061&gdpr=0&gdpr_consent=
Request Chain 1050
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4139660057828765566&gdpr=0&gdpr_consent=
Request Chain 1051
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Request Chain 1061
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Request Chain 1063
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.44%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1186132776 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2069.44/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 1076
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent= HTTP 307
  • https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
Request Chain 1077
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
Request Chain 1078
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3D42fd1fa5-c3cb-473b-9b63-c44b55682ec7%26dongle%3Dc7e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=42fd1fa5-c3cb-473b-9b63-c44b55682ec7&dongle=c7e1
Request Chain 1079
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Request Chain 1080
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1082
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
Request Chain 1084
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3877821143472078157452 HTTP 302
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
Request Chain 1086
  • https://sync.1rx.io/usersync/openx/902505f7-14c4-04f2-0bf5-15c627344bba HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 1087
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
Request Chain 1089
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
Request Chain 1091
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
Request Chain 1092
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
Request Chain 1093
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
Request Chain 1094
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=openx&bidswitch_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=13a9ab20ca47528906189634db924386&expires=30&ssp=openx&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1095
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
Request Chain 1096
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent= HTTP 307
  • https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
Request Chain 1097
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
Request Chain 1098
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3Dc46b7bec-929d-4934-b270-6a180796d2f4%26dongle%3Dc7e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=c46b7bec-929d-4934-b270-6a180796d2f4&dongle=c7e1
Request Chain 1099
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Request Chain 1100
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1102
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
Request Chain 1104
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3877821143472078157452 HTTP 302
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
Request Chain 1106
  • https://sync.1rx.io/usersync/openx/902505f7-14c4-04f2-0bf5-15c627344bba HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 1107
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
Request Chain 1109
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
Request Chain 1111
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
Request Chain 1112
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
Request Chain 1113
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
Request Chain 1114
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=ea2faf13-0f1d-45a8-830a-a62f4301fb57&expires=1&user_group=5&ssp=openx&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1115
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
Request Chain 1116
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent= HTTP 307
  • https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
Request Chain 1117
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
Request Chain 1118
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3D89e7d06b-ceed-4d9e-8877-857c93b04dbc%26dongle%3Dc7e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=89e7d06b-ceed-4d9e-8877-857c93b04dbc&dongle=c7e1
Request Chain 1119
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Request Chain 1120
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1122
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
Request Chain 1124
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3877821143472078157452 HTTP 302
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
Request Chain 1126
  • https://ums.acuityplatform.com/tum?umid=23&uid=3877821143472078157452&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Request Chain 1127
  • https://sync.1rx.io/usersync2/triplelift HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2047%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7965400686 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2047/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%26dongle%3D2dcc HTTP 302
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Request Chain 1128
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Request Chain 1129
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
Request Chain 1131
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1132
  • https://cs.mobfox.com/716e10ddd83b1d85fd9cf6dad49829dd.gif?puid=[UID] HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156451&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156451%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcs.mobfox.com%252Fffdab1eda43dfa0004e011a7d40b5fd7.gif%253Fpuid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=71618fec-dbef-41c1-8812-fbb7225e4849
Request Chain 1136
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1138
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687623
Request Chain 1141
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1f62b228ed2b0fe8&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAFprChOVJ8egMxxzO2AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Request Chain 1142
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075961987999054&uid=Q7361075961987999054&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961987999054
Request Chain 1145
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Request Chain 1146
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1148
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Request Chain 1149
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_9f2773ac-eb15-4bab-a1a1-5f7d27750bb9
Request Chain 1151
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=7938789621ec21f7&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL3IeCRjuNNwNODAdYAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Request Chain 1152
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075961319417013&uid=Q7361075961319417013&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961319417013
Request Chain 1155
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Request Chain 1156
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1158
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Request Chain 1159
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_857b88dc-1703-4115-bae2-68327285501f
Request Chain 1161
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=3dba5dedf9a72163&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMERwH02NB8QNh3Qt0AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Request Chain 1162
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075971225854608&uid=Q7361075971225854608&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971225854608
Request Chain 1165
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Request Chain 1166
  • https://ad.mrtnsvr.com/sync/openx HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1168
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Request Chain 1169
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_8ee4fae7-01e7-4502-8997-210ac70b1164
Request Chain 1171
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=3c1b993ab8092191&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL7N8vOLFDJANrWAFSAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Request Chain 1172
  • https://px.owneriq.net/eox HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075971502906703&uid=Q7361075971502906703&ref=%2Feox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971502906703
Request Chain 1175
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Request Chain 1176
  • https://ums.acuityplatform.com/tum?umid=23&uid=3877821143472078157452&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Request Chain 1177
  • https://sync.1rx.io/usersync2/triplelift HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2047%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7465388568 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2047/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%26dongle%3D2dcc HTTP 302
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Request Chain 1178
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Request Chain 1179
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
Request Chain 1181
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1182
  • https://cs.mobfox.com/716e10ddd83b1d85fd9cf6dad49829dd.gif?puid=[UID] HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156451&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156451%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcs.mobfox.com%252Fffdab1eda43dfa0004e011a7d40b5fd7.gif%253Fpuid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://dm-us.hybrid.ai/match?id=9c1c6b90-f51a-4f3f-9fb1-96ff1fe02e31
Request Chain 1186
  • https://ums.acuityplatform.com/tum?umid=23&uid=3877821143472078157452&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Request Chain 1187
  • https://sync.1rx.io/usersync2/triplelift HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2047%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=3464501808 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2047/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%26dongle%3D2dcc HTTP 302
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Request Chain 1188
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Request Chain 1189
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
Request Chain 1191
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 1192
  • https://cs.mobfox.com/716e10ddd83b1d85fd9cf6dad49829dd.gif?puid=[UID] HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156451&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156451%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fcs.mobfox.com%252Fffdab1eda43dfa0004e011a7d40b5fd7.gif%253Fpuid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://dm-us.hybrid.ai/match?id=2fafe7fb-d2de-4764-aaa8-146875d9c194
Request Chain 1197
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D0855814426be387e%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=57784bd674392191&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D0855814426be387e%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=0855814426be387e&uid=AAAL7N8vOLFDEQNYVSH4AAAAAAA&expiration=1682907597&is_secure=true
Request Chain 1204
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7&expires=30&ssp=between&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Request Chain 1205
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS04RGpJSFBWRTJ1RlIydU9Lc1c0T0M5WENtOUZoU3EyUVU5ZGp6RVUtfkE%3D&gdpr=0
Request Chain 1206
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL4sb4hLhO5f.AikABlGHz_WuLA
Request Chain 1208
  • https://sync.extend.tv/r.gif?exchange=openx&id= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=4c3cb01c-affc-4fba-af00-9ec746d0cd13
Request Chain 1209
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
Request Chain 1210
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=7f8fb08a-14bb-0269-0da6-4f2231ed20a0&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Request Chain 1211
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
Request Chain 1213
  • https://ssbsync.smartadserver.com/api/sync?callerId=81&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
Request Chain 1214
  • https://sync.extend.tv/r.gif?exchange=openx&id= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=4ef494e1-05e1-4826-89a2-aa70cfed2e73
Request Chain 1215
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
Request Chain 1216
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=7f8fb08a-14bb-0269-0da6-4f2231ed20a0&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Request Chain 1217
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
Request Chain 1219
  • https://ssbsync.smartadserver.com/api/sync?callerId=81&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
Request Chain 1220
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1221
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1222
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Request Chain 1223
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Request Chain 1224
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 1225
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Request Chain 1226
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dfmx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=tTTWnTvsS_zNFxrKtjKs0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Request Chain 1229
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Request Chain 1230
  • https://um.simpli.fi/lj_match?r=1682821195955&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Request Chain 1231
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 1232
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1233
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1234
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1235
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1236
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1237
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Request Chain 1239
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1241
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Request Chain 1242
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Request Chain 1243
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1244
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1245
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Request Chain 1246
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 1247
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 1248
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1249
  • https://um.simpli.fi/lj_match?r=1682821195962&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Request Chain 1250
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1252
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Request Chain 1253
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1254
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=109c1fce-ad74-46c0-b5d3-0584821c0883&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Request Chain 1255
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1256
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Request Chain 1257
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 1258
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 1260
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Request Chain 1261
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dfmx%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=7gdhscOA_00W-A7bUGlR0 HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Request Chain 1263
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1264
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Request Chain 1265
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1266
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1267
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1268
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Request Chain 1269
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1270
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1271
  • https://um.simpli.fi/lj_match?r=1682821195962&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Request Chain 1272
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Request Chain 1273
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Request Chain 1274
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1276
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1277
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1278
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1279
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent= HTTP 307
  • https://ap.lijit.com/merge?pid=94&3pid=644DD04C543276FDC4E871C8BLIS&gdpr=0&gdpr_consent= HTTP 301
  • https://ce.lijit.com/merge?pid=94&3pid=644DD04C543276FDC4E871C8BLIS&gdpr=0&gdpr_consent=
Request Chain 1280
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Request Chain 1281
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1282
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Request Chain 1283
  • https://um.simpli.fi/lj_match?r=1682821195987&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Request Chain 1284
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1285
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Request Chain 1286
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Request Chain 1287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Request Chain 1288
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 1289
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent= HTTP 302
  • https://sync2.resetdigital.co/csync/bs?type=d&bidswitch_ssp_id=fmx&gdpr=0&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=000000F4716E956B&expires=15&ssp=fmx HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Request Chain 1290
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Request Chain 1291
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Request Chain 1293
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Request Chain 1296
  • https://idsync.rlcdn.com/420416.gif?partner_uid=3877821143472078157452&cv=&ct=4 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
Request Chain 1297
  • https://id.rlcdn.com/712307.gif?ct=4&cv= HTTP 307
  • https://eb2.3lift.com/xuid?idenv=
Request Chain 1298
  • https://u.ipw.metadsp.co.uk/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
Request Chain 1301
  • https://idsync.rlcdn.com/420416.gif?partner_uid=3877821143472078157452&cv=&ct=4 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJd5WaYK_8SAv1bECwgogKE&google_cver=1
Request Chain 1303
  • https://u.ipw.metadsp.co.uk/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
Request Chain 1306
  • https://idsync.rlcdn.com/420416.gif?partner_uid=3877821143472078157452&cv=&ct=4 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=abb0385f-fb71-4da5-be13-d1ca93d34856
Request Chain 1308
  • https://u.ipw.metadsp.co.uk/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
Request Chain 1311
  • https://tg.socdm.com/aux/idsync?proto=taboola HTTP 302
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE3QTcCo8YAAABK4Jd4AAAAA
Request Chain 1312
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__ HTTP 302
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=90b806a7b13541588c42d5fba50371ae HTTP 302
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=90b806a7b13541588c42d5fba50371ae
Request Chain 1314
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698 HTTP 302
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH2SAEWK-1A-5ERB
Request Chain 1315
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-M5nbIvhE2oTbwv4QToxgzcTaytUTesnz8OKlSg--~A
Request Chain 1317
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA8XRd3QR2twpUMlJtnWbWY&google_cver=1
Request Chain 1319
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Request Chain 1320
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=abb0385f-fb71-4da5-be13-d1ca93d34856
Request Chain 1324
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4cba3614-0a55-4029-9bf6-6fae57427e17
Request Chain 1325
  • https://id5-sync.com/s/464/9.gif?puid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-a541koBAxj5TsLRkAj2aQp2_M0XF0fSceceXZow3zw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/3/6/2.gif?puid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F5%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/464/429/5/3.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/464/434/4/4.gif?puid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/3/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/2/3/5.gif?puid=7906230784814628655&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=abb0385f-fb71-4da5-be13-d1ca93d34856&ttl=%%TTL%% HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/441/1/7.gif?puid=u_d4b52a6b-cc18-4416-b0d4-1071372d77a7&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F0%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/108/0/8.gif?puid=68afccab-c100-4461-a445-3890741431f3&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-a541koBAxj5TsLRkAj2aQp2_M0XF0fSceceXZow3zw
Request Chain 1326
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtaboola%26bsw_param%3D4e88baf9-60d2-4b7a-980c-5c1c7c62d27c%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=c487552ba4ca418fa215f37369d81dac&ssp=taboola&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Request Chain 1327
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5fc738f9-8cf6-4ead-96c1-1c7828490792 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5fc738f9-8cf6-4ead-96c1-1c7828490792&tbid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&query=taboola_hm%3D5fc738f9-8cf6-4ead-96c1-1c7828490792&isDirect=0
Request Chain 1330
  • https://sync.srv.stackadapt.com/sync?nid=140 HTTP 302
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0
Request Chain 1331
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://csync.loopme.me/?partner_id=1196&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Request Chain 1333
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D0%26us_privacy%3D1---%26orig%3Dvideo%26taboola_hm%3D HTTP 302
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8429f6b6-8570-07ce-29b6-4da820f1a372
Request Chain 1337
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=773702722627
Request Chain 1338
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=837744659 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/1508/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Request Chain 1339
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zLYuFxOhBf6LtVVeTdBNZA HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=efb06353-be47-4147-a543-e86722547092
Request Chain 1341
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d5f7c002-8957-43c7-9ab5-8ad286266848
Request Chain 1344
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7361075961644224999&uid=Q7361075961644224999&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7361075961644224999
Request Chain 1345
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58&gdpr=0&gdpr_consent=
Request Chain 1352
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9d4122d2-c10e-4adb-a621-a8dfffb23968&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 1354
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 1359
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 1369
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Request Chain 1373
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Request Chain 1378
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Request Chain 1381
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 1382
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Drkt%26refUrl%3D%26vid%3D28211970093258227951455735000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3258227951455735000V10&type=rkt&refUrl=&vid=28211970093258227951455735000V10&ovsid=978477414437337801
Request Chain 1383
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=son&refUrl=&vid=28211970093258227951455735000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=son&refUrl=&vid=28211970093258227951455735000V10&ovsid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Request Chain 1384
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Dmma%26refUrl%3D%26vid%3D28211970093258227951455735000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=mma&refUrl=&vid=28211970093258227951455735000V10&ovsid=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Request Chain 1385
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Dr1%26refUrl%3D%26vid%3D28211970093258227951455735000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2057.4%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1526684955 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2057.4/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
Request Chain 1386
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI1ODIyNzk1MTQ1NTczNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmLBoV6bqltIyU-ScOHw7M&google_cver=1
Request Chain 1387
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Ddxu%26refUrl%3D%26vid%3D28211970093258227951455735000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=dxu&refUrl=&vid=28211970093258227951455735000V10&ovsid=fYpSPiDn1PSWFi5
Request Chain 1388
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4cba3614-0a55-4029-9bf6-6fae57427e17
Request Chain 1389
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=medianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=151&user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e&expires=30&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 1390
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Dzem%26refUrl%3D%26vid%3D28211970093258227951455735000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=kuIAmsv1By4MDjailSBd&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLLOVEUC3LTOYYUE6JUJVCGUYLJNRJUEZDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDQMRRGE4TOMBQHEZTENJYGIZDOOJVGE2DKNJXGM2TAMBQKYYTAJTWONUWIPJTGI2TQMRSG44TKMJUGU2TOMZVGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLLOVEUC3LTOYYUE6JUJVCGUYLJNRJUEZDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBYEZXXM43JMQ6V6X22KVEUIX27EZZGKZSVOJWD2JTUPFYGKPL2MVWSM5DZOBST26TFNUTHM2LEHUZDQMRRGE4TOMBQHEZTENJYGIZDOOJVGE2DKNJXGM2TAMBQKYYTAJTWONUWIPJTGI2TQMRSG44TKMJUGU2TOMZVGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=kuIAmsv1By4MDjailSBdhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=28211970093258227951455735000V10&vsid=3258227951455735000V10
Request Chain 1392
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3258227951455735000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5fc738f9-8cf6-4ead-96c1-1c7828490792&cs=1
Request Chain 1393
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=abb0385f-fb71-4da5-be13-d1ca93d34856
Request Chain 1394
  • https://contextual.media.net/cksync.php?cs=1&type=dat&ovsid=setstatuscode&redirect=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D159195%3Bsize%3D1x1%3Bmimetype%3Dimg%3Bdu%3D15%3Bcsync%3D%24%7Bmnetid%7D HTTP 302
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3258227951455735000V10 HTTP 302
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3258227951455735000V10;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3290999186394139616 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3290999186394139616&ckls=true&ci=4lwEUiOObA&nc=false&trid=1978584866
Request Chain 1395
  • https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3877821143472078157452
Request Chain 1396
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=f64165fb-0ae8-02f2-13ff-64262894019e&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%% HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=n0h9TTaSFk0n&ev=f64165fb-0ae8-02f2-13ff-64262894019e&pid=562539
Request Chain 1397
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID} HTTP 302
  • https://u.openx.net/w/1.0/sd?id=544034803&val=17ecc634317215966543
Request Chain 1398
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=98f41617-07ce-0f0f-3e53-84b46c1330c8
Request Chain 1399
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi= HTTP 302
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=a56990b1-2b13-0d3d-0ced-239b16661da4 HTTP 302
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=a56990b1-2b13-0d3d-0ced-239b16661da4
Request Chain 1400
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 302
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID HTTP 301
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=66861d9d-8365-f634-5470-103da54f3d73
Request Chain 1401
  • https://match.deepintent.com/usersync/108/ HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_bb7fe3469a6e4f3c81420
Request Chain 1403
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Request Chain 1407
  • https://idsync.rlcdn.com/712188.gif?partner_uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
Request Chain 1433
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Request Chain 1439
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Request Chain 1440
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YtPWYjDX1j55hNVjY9TPNzDeh2J539JnYIbckCau
Request Chain 1441
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0
Request Chain 1442
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698632398&external_user_id=e0c09700-8f76-46de-8d0c-5ca610b6bb40
Request Chain 1443
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Request Chain 1445
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1d309ee99c152191&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL7N8vOLFDNwNqCtukAAAAAAA&expiration=1682907598&is_secure=true
Request Chain 1446
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=109c1fce-ad74-46c0-b5d3-0584821c0883&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1452
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
Request Chain 1456
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
Request Chain 1460
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid] HTTP 302
  • https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
Request Chain 1485
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d2d93d1c602e460dc29ae395475bcaabc2c75da919be976e4baa4ae8b11c19f1
Request Chain 1487
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a26ce991-3c2e-42bd-8480-75de3d4f19e3&user_group=1&ssp=between&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Request Chain 1489
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 301
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1490
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 301
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1494
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 301
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1497
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C HTTP 301
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Request Chain 1501
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LH2SAEWK-1A-5ERB HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LH2SAEWK-1A-5ERB
Request Chain 1529
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Request Chain 1531
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjQoLeiBqIBEIH59-Dm_RHthuAAJZDAZHw* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=81f9f7e0-e6fd-11ed-86e0-002590c0647c HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=81f9f7e0-e6fd-11ed-86e0-002590c0647c&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=zVmPme1APYRgJ8ax%2FzMZcg& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/81f9f7e0-e6fd-11ed-86e0-002590c0647c HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/81f9f7e0-e6fd-11ed-86e0-002590c0647c?redir-setuniq=1
Request Chain 1569
  • https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
Request Chain 1575
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 1582
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50 HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
Request Chain 1585
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=4139660057828765566
Request Chain 1598
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems&v=7.40.0&vg=vuuklehb&us_privacy=1---&gdpr=0&gdpr_consent= HTTP 302
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D HTTP 302
  • https://id.a-mx.com/set?uid=3e6191e7-d58b-4571-a351-da0aa1ff9f5d&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1599
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.khaleejtimes.com%2F&domain=www.khaleejtimes.com&bundle=eFemS181RHJ3bXFIZUF3OFVPR3lGWG44QXZNZzJxMkFWb2VaZDlYSWJENWQ5JTJGJTJGMTJzaktIYTJ4OEZRSk44R0FqRklRSUlDUzN6TmwxYzZDNzVKN3JDeEd1UjVySURLcHBMMWI5WVJTT3hRcnREU05JOHB2M08wdEl6T0czeGY5N2NjS2VmY0oxR3dsN0d4dzltdHY0dlVyYW5lYWVXZ2RqTURvRzFPVjBVaCUyQkN6dVElM0Q&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=VQ70s3xhdzlRUmdnMVo0dk9nZ0hTUjM4VjVkcGZMbnBITmkrb1JDbTQzc3ZUTGpPVUQzeGk2U2xuT2NxOElxdmtlNUVuZDBnejBFSlJTVGliZ09DWEorQWxnM3hJa1prcnh1M0t6UCtyWGF5SWJmcklrRmpjUjFhVHREbTZ5cTRURWIzNEp4cVR4NDM4dGtjMzFuMWN4TE8zMkozNEJwM1FLZjk1cmQrYkZqdEx3QitPcnZIYXIxemFuRjBBWWdBTzJjNkpQSkoyb09QbmNScXpxMHlnK2dFVG9PRkFQNUhjVXliNFJ3M0FZZGo1SFNhZjUzQUJWd1lJTGNueUIzdmIxaUphTVMxdXdBZUJBOTFPOFRmc3VRRVUzQ29ITmdEdS9RSUJEYlBUbDVIM2JIMD18&cppv=2
Request Chain 1602
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dNdI4nl9UeGw3WXJRelVxWTVMT2RzZFR6TkpoRVFXbHhvYTdIVmswY0J2bnFiR3p3JTNE%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy=1--- HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=NdI4nl9UeGw3WXJRelVxWTVMT2RzZFR6TkpoRVFXbHhvYTdIVmswY0J2bnFiR3p3JTNE&u=AAAjOU7Im6EAACBud1f_9Q&us_privacy=1---
Request Chain 1603
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=L5BZPF9TRDBFVHIxJTJGWEExam1Daks4dFhPRDdYV2I5Njh5dEwyYzV4TWd4RWtsM2clM0Q&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-yo84qxX6rbx8fMTGNpMac5k6PjE7Nq1tLvXUdA HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5fc738f9-8cf6-4ead-96c1-1c7828490792&ssp=criteo&us_privacy=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=L5BZPF9TRDBFVHIxJTJGWEExam1Daks4dFhPRDdYV2I5Njh5dEwyYzV4TWd4RWtsM2clM0Q&u=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Request Chain 1604
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dpKoPs19ublpVZkdvRyUyQkVhTDkzTXlBN01TTEV4OGxQSTlYVGNwJTJCSzh6S3d0Nlp5ayUzRA%26u%3d%3cTUID%3e&gdpr=&consent=&ccpa=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=pKoPs19ublpVZkdvRyUyQkVhTDkzTXlBN01TTEV4OGxQSTlYVGNwJTJCSzh6S3d0Nlp5ayUzRA&u=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Request Chain 1624
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=khaleejtimes.com&sn=ChromeSyncframe&so=3&topUrl=www.khaleejtimes.com&bundle=eFemS181RHJ3bXFIZUF3OFVPR3lGWG44QXZNZzJxMkFWb2VaZDlYSWJENWQ5JTJGJTJGMTJzaktIYTJ4OEZRSk44R0FqRklRSUlDUzN6TmwxYzZDNzVKN3JDeEd1UjVySURLcHBMMWI5WVJTT3hRcnREU05JOHB2M08wdEl6T0czeGY5N2NjS2VmY0oxR3dsN0d4dzltdHY0dlVyYW5lYWVXZ2RqTURvRzFPVjBVaCUyQkN6dVElM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=mryto3xDUmxCQkorQW1lYUZ2KzFZOURYNk5kUW82a3EyRHlYS3gvWklkSE1KK0ZqRFBhdnM2bm9KQXZDUnNadFV0cmFtSmhHQUlQRXdMVDJYODJINFpJblkyVUszTWIyd252dmEyMTkxNVg5RXVTN1FxSGpOVTJnMDFvMzBuNWFCdGVIdHl3U3VHQVdxMVdxczJyVTRFalQ2aDRlaG8xUnlrdlJBaG8xSVg1bkpVaFA4NnBtZXBJNWxscXFNS2lRT1Nvemx0bW8zaXJMRlM4Vm9ZVjVPNUxpUm0xamtxSmZNQ0lMQnhQK2tSdW5KZFBRd3dIQy9hZjZtQ0J4Z1dFQUFUbDRKYjA3KzFxNzNBazZMb3dHdDBwdXdDUjdTRzR1SDJ0MHNYaUM5NlkvUDhNST18&cppv=2
Request Chain 1643
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 1651
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&us_privacy=1---&khaos=LH2SAEWK-1A-5ERB HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LH2SAEWK-1A-5ERB&us_privacy=1---
Request Chain 1655
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/220831 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/220831
Request Chain 1663
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LH2SAEWK-1A-5ERB&gdpr=0
Request Chain 1664
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4139660057828765566&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Request Chain 1669
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=57a77c9
Request Chain 1670
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=429FA571C8024762B89F507D54B48C58&ex=simpli.fi&status=ok
Request Chain 1671
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258227951455735000V10
Request Chain 1672
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AAAjOU7Im6EAACBud1f_9Q&ex=beeswax.com
Request Chain 1673
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=kuIAmsv1By4MDjailSBd
Request Chain 1674
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=14affde8e1320fe8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAL7N8vOLFDtQMf438WAAAAAAA&expiration=1682907602&is_secure=true
Request Chain 1675
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 1679
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Request Chain 1698
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&expires=60 HTTP 302
  • https://inv-nets.admixer.net/bs/cm.aspx?id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&consent=&gdpr_pd=
Request Chain 1705
  • https://sync.adkernel.com/user-sync?zone=180530&t=image&us_privacy=1---&r=%2F%2Fcpm.vuukle.net%2Fuser-synced%3Fzone%3D180530%26uid%3D%7BUID%7D HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D180530%26dsp%3D575919%26t%3Dimage%26uid%3D%5BUID%5D%26us_privacy%3D1--- HTTP 302
  • https://sync.adkernel.com/user-sync?zone=180530&dsp=575919&t=image&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6&us_privacy=1--- HTTP 302
  • https://cpm.vuukle.net/user-synced?zone=180530&uid=A917653340294673149
Request Chain 1706
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Daad1d103-06ed-424a-b3a3-632bce6d6d8f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F193%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Daad1d103-06ed-424a-b3a3-632bce6d6d8f%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hYWQxZDEwMy0wNmVkLTQyNGEtYjNhMy02MzJiY2U2ZDZkOGY%253D%26uid%3D%24UID
Request Chain 1707
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=aad1d103-06ed-424a-b3a3-632bce6d6d8f HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
Request Chain 1708
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=aad1d103-06ed-424a-b3a3-632bce6d6d8f&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1709
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LH2SAEWK-1A-5ERB&gdpr=0&us_privacy=1---
Request Chain 1715
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKUIWFgauWEiXcSA9d7A_Sc&google_cver=1&google_push=ATf1kGNupEabVXCydKfLHpq7NMyhe9m1yV2zMHIvzEC73qlPqQXasiJQ-8OOEyf3Ec_ck-oWjfE5lJjsBDhl-OWsv2Te_3ohPnTg8D9h3FSnUfb6PunyGP-ueJEAnwJe_XngFZgUaEQT024C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2NDkzNDMwMzIzNzc5MDkzNQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEKUIWFgauWEiXcSA9d7A_Sc&google_cver=1
Request Chain 1716
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJ87cC72XEJ73aMFE4XnbrU&c_param1=ATf1kGMe596RhgtzHOlktxjAwAyckL-Wz0G9W7kd7i7L7IZuLMbSEQwgIq8gRmta0e-_eO643RG80BTcmGA7AuvKlvRgSRmbo6jW_wUpORcUzhpl7KFeikHE8_uHXUExKMtZnrfsgbIFJho&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMe596RhgtzHOlktxjAwAyckL-Wz0G9W7kd7i7L7IZuLMbSEQwgIq8gRmta0e-_eO643RG80BTcmGA7AuvKlvRgSRmbo6jW_wUpORcUzhpl7KFeikHE8_uHXUExKMtZnrfsgbIFJho
Request Chain 1717
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF2SuVdY6WJCTUg9gdBwR8o&google_cver=1&google_push=ATf1kGOBeSkHYhLFZavoAS2G2aO_GCiOywZeJyM7ETxn84myqcDoGxz4aRWgno611CYcTplZjFpdAEdgXsZlWTDoqNrG3ei7OCGP5g740pg1hLAaQiy0mjNbKlQ27O3tVIfN9UMhlEk7XpSn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzOTY2MDA1NzgyODc2NTU2Ng&google_push=ATf1kGOBeSkHYhLFZavoAS2G2aO_GCiOywZeJyM7ETxn84myqcDoGxz4aRWgno611CYcTplZjFpdAEdgXsZlWTDoqNrG3ei7OCGP5g740pg1hLAaQiy0mjNbKlQ27O3tVIfN9UMhlEk7XpSn
Request Chain 1718
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFpQtio_oZuMueWTbbS10lk&google_cver=1&google_push=ATf1kGOAh4qU2tYHBeAiT5PQK2jeNr7hmYjfHrDySnqRAbdc2IseI0fw3X15OzY5pNzZKIIbJnx5RkWrkFI9tMi3WWkd5t6yThZowRbiA56PjJKd716MW5Px2WAZ_7IYpE_2YN1AYuq2-k1t HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOAh4qU2tYHBeAiT5PQK2jeNr7hmYjfHrDySnqRAbdc2IseI0fw3X15OzY5pNzZKIIbJnx5RkWrkFI9tMi3WWkd5t6yThZowRbiA56PjJKd716MW5Px2WAZ_7IYpE_2YN1AYuq2-k1t&google_hm=3EWfqcb3j7e9bACZUpU9fA==
Request Chain 1719
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGMnta8aQ8Ss8suRQERmPzl2EmOdpoj9UfbHQdHCo3h_2E4J44XfAJFLQTG0R4dQMcqNTxJcnc1UPigNmkVHIcSJhWfPm5gXXfAtf_ifWZNjTyh6Q5xiN5lNjZco_LIWX0PBeOoF6_lK%26google_hm%3D%5BUID%5D&google_gid=CAESEPIjkvZ_PzEJeCTUGOsIBtE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGMnta8aQ8Ss8suRQERmPzl2EmOdpoj9UfbHQdHCo3h_2E4J44XfAJFLQTG0R4dQMcqNTxJcnc1UPigNmkVHIcSJhWfPm5gXXfAtf_ifWZNjTyh6Q5xiN5lNjZco_LIWX0PBeOoF6_lK&google_hm=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Request Chain 1720
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMabAgwbGO54ITU1jIFZ1lA&google_cver=1&google_push=ATf1kGOLFDiBsHrspusPFPMRmfrg4CFhgBo15DtBGb_Y4V_5GP36JaM4HPpmeXzIMepquJurX9m2fNBUleBH4xks2GpKm1mCWZ2z9PpWo4iNVb4gEab-2iNlGvjvkFTFwQ0LXDG5gGwZiizb HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOLFDiBsHrspusPFPMRmfrg4CFhgBo15DtBGb_Y4V_5GP36JaM4HPpmeXzIMepquJurX9m2fNBUleBH4xks2GpKm1mCWZ2z9PpWo4iNVb4gEab-2iNlGvjvkFTFwQ0LXDG5gGwZiizb&google_hm=GkJrZBZH2ygXJcZOSOi_0W40
Request Chain 1721
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOFNm7sFurskBwH6z5x_0XY&google_cver=1&google_push=ATf1kGNmrth7LXUFWtFeUl6Ex9F5Bt8lNrYSt8sgZ-crCm5u8wCH3kTjGq7Z907fr1a2mKu37JRHQrTDrlWZ0rNhkP8UBPEgjfycMVMGGzoNvRb82ukrXuWef9wP-bg86WD7cByM8tgG-LQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNmrth7LXUFWtFeUl6Ex9F5Bt8lNrYSt8sgZ-crCm5u8wCH3kTjGq7Z907fr1a2mKu37JRHQrTDrlWZ0rNhkP8UBPEgjfycMVMGGzoNvRb82ukrXuWef9wP-bg86WD7cByM8tgG-LQ
Request Chain 1726
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENGQvfa46LSCyBwBkXlqOgU&google_cver=1&google_push=ATf1kGNQaufM5iVdrGHOWxeVoREBbqTdBV6SJ5U1hsz67LSLXkxTB0LereqxWOwckKRI4YeZuM4iHd9lS58IWAnTii27zMJktvg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkUzUVNBQUdkdDN5aGdBOQ==&google_gid=CAESENGQvfa46LSCyBwBkXlqOgU&google_cver=1&google_push=ATf1kGNQaufM5iVdrGHOWxeVoREBbqTdBV6SJ5U1hsz67LSLXkxTB0LereqxWOwckKRI4YeZuM4iHd9lS58IWAnTii27zMJktvg
Request Chain 1727
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL0e9WPaZ3ue2PPiHIfKMYE&google_cver=1&google_push=ATf1kGODzFZl-9v0WPG3jK8niJtpMifpt_McqeCllAz2mOnRf-iKnIEg-2nFJpPYTz2ZEO629FraU8sJ0845tZmi_4hIaw3TlA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGODzFZl-9v0WPG3jK8niJtpMifpt_McqeCllAz2mOnRf-iKnIEg-2nFJpPYTz2ZEO629FraU8sJ0845tZmi_4hIaw3TlA&google_hm=eS13SzhRcER4RTJwR2ZrekdJN3lRUmVFWUF0QnYudmpfWH5B
Request Chain 1728
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEL2DAKsrrqpECehg1EOmFjw&google_cver=1&google_push=ATf1kGMdKCYt5C5wF_c15zHu3BYPK1BPbVb55p-JqcEDD2xaAG-el9Zy2MakahanBY8q5GgnV9VxKZiKXmyphVJVBdaRRPCbc4Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0&google_push=ATf1kGMdKCYt5C5wF_c15zHu3BYPK1BPbVb55p-JqcEDD2xaAG-el9Zy2MakahanBY8q5GgnV9VxKZiKXmyphVJVBdaRRPCbc4Q
Request Chain 1729
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOk91bNr3-eHr2em6AAzZZA&google_cver=1&google_push=ATf1kGNpXgAxYpWnvYt6VXWU27nEYFOOpi-Z-IPQ_CI0sDDHVzRjAp-gcGNNA5J8Co-u6-XQ6-c8U_vdSs8qakBO_wUBLU-kbYc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=ATf1kGNpXgAxYpWnvYt6VXWU27nEYFOOpi-Z-IPQ_CI0sDDHVzRjAp-gcGNNA5J8Co-u6-XQ6-c8U_vdSs8qakBO_wUBLU-kbYc
Request Chain 1730
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBHhLuFYog0rhgN19mRBv0o&google_cver=1&google_push=ATf1kGNp0N8t72HbgB94NIv5DZPwABFGd9j03-C-nzPECwfXHjVymJpIExIG75De38XS3JMeM-jkTw3wey_h8zzGnY_wFgCxjA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=ATf1kGNp0N8t72HbgB94NIv5DZPwABFGd9j03-C-nzPECwfXHjVymJpIExIG75De38XS3JMeM-jkTw3wey_h8zzGnY_wFgCxjA
Request Chain 1731
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEEGvav11YAipihD1ENV_n8g&google_cver=1&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoIFSFvUkf5SAj HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEEGvav11YAipihD1ENV_n8g&google_cver=1&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoIFSFvUkf5SAj&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=ZGNjMTFmMTExNTFlYTEz&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoIFSFvUkf5SAj
Request Chain 1733
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fcaa4e1f7-081e-5278-9695-c2ccf2d81289 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/caa4e1f7-081e-5278-9695-c2ccf2d81289

1740 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request microsoft-says-it-found-malicious-software-in-its-systems
www.khaleejtimes.com/technology/ 		166 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
0f7ab069921694807aaf3f108b5eb4f14895e9bc7fdedaeb23c5d0bb97d50f78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:47 GMT
expires
60
link
<https://www.khaleejtimes.com/wp-json/>; rel="https://api.w.org/" <https://www.khaleejtimes.com/?p=137997>; rel=shortlink
refresh
600;URL=?_refresh=true
server
imio
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
x-amz-cf-id
JkkHhQOUIz_pc37U6OA9DOcDjFWZJbk2odC_J3HObdvMQ7JC47_OIQ==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-cdn
Imperva
x-iinfo
14-30756958-30756963 NNNN CT(2 5 0) RT(1682821186601 23) q(0 0 0 1) r(0 9) U24
bootstrap.min.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/bootstrap/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/bootstrap/bootstrap.min.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 17 Apr 2023 21:24:17 GMT
content-encoding
gzip
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
1054531
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30756963 PNNN RT(1682821186601 1049) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 14 Apr 2023 05:07:29 GMT
server
imio
etag
W/"6438df91-2725b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
0yqa972hEqkq7QARvNl7tNhLbIN4G64tK-H-rkOHLVNCgooFslSCcQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fonts.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
7c4514ee1b4d1222477d7f5310c0f048f14407d40fb76379f8dc71f46061b4d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 12:43:22 GMT
content-encoding
gzip
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2122586
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757065 NNNN CT(4 12 0) RT(1682821186601 1052) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 05 Apr 2023 05:50:38 GMT
server
imio
etag
W/"642d0c2e-28cb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
1xKx9DZbc2WfUJartF9n5j-XcMq0Hi5XYLYN_iH77T7KO2uzFG1aeg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-2-18-2021.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		204 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/style-2-18-2021.css?v=1.8.5
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
e414cf6ad9c6d6a1540185a5f54ef2f6d69ee6e3cc591306f8c233b02116a535
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 11:41:06 GMT
content-encoding
gzip
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2299122
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757068 NNNY CT(1 2 0) RT(1682821186601 1056) q(0 0 0 -1) r(0 0) U24
last-modified
Mon, 03 Apr 2023 07:15:08 GMT
server
imio
etag
W/"642a7cfc-32fb4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
HjuLRC67RJwUzWFrM7i859-UX1BUXirdp3iyQRYTiCq1ilVDqeDLag==
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-2-18-2021-custom.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/style-2-18-2021-custom.css?v=1.6.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
fb3149acc1a470e383c61bd190d7bf4035b374715887d3be2776a5b13cd9cd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 21:09:26 GMT
content-encoding
gzip
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2610622
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 NNNN CT(3 4 0) RT(1682821186601 1058) q(0 0 0 -1) r(0 0) U24
last-modified
Thu, 30 Mar 2023 09:20:47 GMT
server
imio
etag
W/"6425546f-192a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
vzbio6XR2HYOMWPtKJNqfC6US_T3UDcVlNfiDdqWqAiEDwBqn8sC9w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.min.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 07:42:50 GMT
content-encoding
gzip
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2831818
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30756963 PNNN RT(1682821186601 1059) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 28 Mar 2023 06:50:48 GMT
server
imio
etag
W/"64228e48-e7d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
ijp--wj773m76t_US4Tv-RWW0ByesOaq_U6anr3y9-gIxKZfaJo9Nw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
xdLocalStorage.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/xdLocalStorage.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
218fa52eecc6f4bdc7fb2cf552d03e927747080b7a3618268efca457d8d65f5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 19 Feb 2023 09:23:16 GMT
content-encoding
gzip
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
6022591
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 PNNN RT(1682821186601 1238) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 15 Feb 2023 03:42:53 GMT
server
imio
etag
W/"63ec54bd-1040"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
omdpbcGXHixNBfLH35ftUpzmN7rcLkrFyfiCWZ_ZroS5ocWDsCzHGQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
xd-utils.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/ 		406 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/xd-utils.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
f9773eb5c89a03f79cd489b64a2950d9cc28ec6e967685c2778a1c1b3bc7bca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 11:41:26 GMT
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2299102
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 PNYN RT(1682821186601 1245) q(0 0 0 -1) r(0 0) U24
last-modified
Mon, 03 Apr 2023 07:15:09 GMT
server
imio
etag
"642a7cfd-196"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
DJy02TBr4M1khgJDec_Nm1vcvw1C7LaHqRPOWYelS2jnetk9ASDu_w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
device.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/ 		1 KB
776 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/device.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
7baf7cf2143a1207d050c9703c84f21c569532124537094951ba10c77f1527c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 09:04:55 GMT
content-encoding
gzip
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
6801293
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757065 PNNN RT(1682821186601 1254) q(0 0 0 -1) r(0 0) U24
last-modified
Thu, 09 Feb 2023 06:43:44 GMT
server
imio
etag
W/"63e49620-556"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
-HXgxVEvH7_mipP8CQJVU8awAdD6plDfV0ubtw3B6jv6PD2OrUEFGQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
prayer_script.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/prayer_script.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
7cb60ba2dca27f07f3a69364b2f08081e9c4be2daff3989c945a2bdd7c84df6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 11:41:26 GMT
content-encoding
gzip
via
1.1 bcc31f3e5b9e78f99a5a01aa529f6c94.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2299102
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757073 NNNY CT(1 6 0) RT(1682821186601 1061) q(0 0 0 -1) r(0 0) U24
last-modified
Mon, 03 Apr 2023 07:15:09 GMT
server
imio
etag
W/"642a7cfd-19d4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
Tdt6BeOhjsxjg9kKX55i9tzs8St8UYds-MSDb11pSPwivJE3vnoDZQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/jquery-3.6.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:45:03 GMT
content-encoding
gzip
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2084
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 NNNN CT(6 4 0) RT(1682821186601 1062) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:28 GMT
server
imio
etag
W/"644b6048-15d9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
JdVrxtZnCVUoRBLumNBLg6WYVJSW2SaUcvFgozNN0luPnv3XqxXhpg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
smartechclient.js
cdnt.netcoresmartech.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnt.netcoresmartech.com/smartechclient.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06d1b3964e194f89543606f078e05c53d6b15e4dd2ba177b03c2d01fc3485012

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
last-modified
Wed, 25 Jan 2023 16:31:56 GMT
server
AmazonS3
x-amz-request-id
N1BGGHQ95NRA6V37
etag
"04ad8e816f76434405b913fe1b6f1a9f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=316101
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467450_1753117876_230403589_19_756_17_0";dur=1
accept-ranges
bytes
content-length
990
x-amz-id-2
J3jEAv+HoYJQhlXdrgiUe86TwE06SVVSQInaefmwutga90ec8VCxalS/VUjZEfXjj/fzD+PQPcY=
expires
Wed, 03 May 2023 18:08:09 GMT
swiper-bundle.min.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/swiper-bundle.min.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
1deed0f64c455d72ee8dc287ab7c57babec224e5da09332343fcbe1e49d74c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 06 Mar 2023 02:29:54 GMT
content-encoding
gzip
via
1.1 bcc31f3e5b9e78f99a5a01aa529f6c94.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
4751394
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757073 PNNy RT(1682821186601 1064) q(0 0 0 -1) r(0 0) U24
last-modified
Sat, 04 Mar 2023 17:45:31 GMT
server
imio
etag
W/"640383bb-3660"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
jI8umgzzwF14SAScy2l9YTY3WIlwFM0gJFnSTFTEuxU4E80CKsBSZg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
prodprebidheader-107957.js
rtbcdn.andbeyond.media/ 		496 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prodprebidheader-107957.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
ae39c4374da7134b517cede6ab258386d4e05bac1bc3b6b60ee774f41ad56710

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 21 Apr 2023 00:51:33 GMT
ETag
"1682038293"
X-HW
1682821188.dop052.dc2.t,1682821188.cds173.dc2.shn,1682821188.dop052.dc2.t,1682821188.cds091.dc2.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2331
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
14827
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fab9f4d23b765cf8285509954519a71ad449c700342201c673be2ece0facdc56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24756
x-xss-protection
0
server
cafe
etag
449 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:48 GMT
khaleej-times-logo.svg
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/khaleej-times-logo.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
3ba702043ac26644d0046b531417c7dfd1651410568f0169b896d47445391676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 25 Mar 2023 06:52:06 GMT
content-encoding
gzip
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
3094061
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 PNNN RT(1682821186601 1262) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 22 Mar 2023 10:20:34 GMT
server
imio
etag
W/"641ad672-16c3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
rjWqmXNi7WfFR1DRpvEnMXszL_O38dyWxOm2gRZM_Sm5whOcsPUJow==
expires
Thu, 31 Dec 2037 23:55:55 GMT
masjid-small-nf.svg
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/masjid-small-nf.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
1215453532c8277607195fd7583b94417cf70354434f243aae86fec1ec275046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 06:44:46 GMT
content-encoding
gzip
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2835302
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757065 PNNN RT(1682821186601 1269) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 28 Mar 2023 03:31:05 GMT
server
imio
etag
W/"64225f79-aa1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
3ZO2h4OoMm7KHe00ItM2DJxGwmXaoOJ7wYDpL-NkuLTXyqTbyQu7gA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
masjid-small-hover-nf.svg
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/masjid-small-hover-nf.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
b456bc8a4c5bcd3530b11f6c0c7a768275e7576fa357bba54dbe52d997c9cc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 02:29:12 GMT
content-encoding
gzip
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2245836
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 PNNN RT(1682821186601 1276) q(0 0 0 -1) r(0 0) U24
last-modified
Mon, 03 Apr 2023 07:15:09 GMT
server
imio
etag
W/"642a7cfd-ac4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
jxUun7E68lbFEWD6IDMrLeK-YUSGe-qQYFDvwVteyGzC0uyX2_se-g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
image.khaleejtimes.com/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=2f9d37be-b15e-5b80-8cfb-f79067b050c4&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.8521&x=0&y=0&width=1500&height=844
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
aa43a53b8356156377ad8f6805d9724793592b9f69b232a68449db95f122002a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 02:19:49 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sun, 30 Apr 2023 02:19:49 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
rA0P-btVS9wS5BGU7ylctJdlMuXrHwHWVcI6F47Xwh7kns5ltm2Pyg==
expires
Fri, 27 Oct 2023 02:19:49 GMT
prod-global-537953.js
rtbcdn.andbeyond.media/ 		602 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prod-global-537953.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
3265096bf69a02b0ca8ee7695b3ef2985027792b8522e36ae1905084e71e7e52

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:48 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 10:16:19 GMT
ETag
"1682590579"
X-HW
1682821188.dop054.dc2.t,1682821188.cds095.dc2.shn,1682821188.cds095.dc2.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3502
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
37392
platform.js
cdn.vuukle.com/ 		203 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ad7099d333f71904333aa2ae7dd8813c05dd0ce2507e5b3e1f7a6ac8a835e5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
cf-cache-status
HIT
age
130759
cf-polished
origSize=208221
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 13:57:32 GMT
server
cloudflare
etag
W/"644bd0cc-32d5d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
7bfc4d4a7ae5548b-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vod.js
app.playstream.media/js/ 		272 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
f9937055a3e5f4869a849e96f1feeab3ae50c5ed77f9a583e39df26b78dab0a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
last-modified
Fri, 06 Nov 2020 10:30:42 GMT
server
nginx/1.17.10
etag
W/"5fa525d2-43e7d"
content-type
application/javascript; charset=utf-8
intersection-observer.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/intersection-observer.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 12:43:23 GMT
content-encoding
gzip
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2122585
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 PNNN RT(1682821186601 1211) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 05 Apr 2023 05:50:38 GMT
server
imio
etag
W/"642d0c2e-1b4f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
Ob8FODGWN3Oyx2uaNQsf1ma3S-nASDXlRC_SxbHr8YJC2GJVkq-ZJw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@17.4.0/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.4.0/dist/lazyload.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52e933f3e16543bf2d538de2c76a0a0dc2bce2c269298cee53c5f0790d43694d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Apr 2023 02:19:48 GMT
x-content-type-options
nosniff
content-encoding
br
age
2164455
x-jsd-version
17.4.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2821
x-served-by
cache-fra-eddf8230072-FRA, cache-yul12830-YUL
x-jsd-version-type
version
etag
W/"1d99-sBjYQg767ak4wapTiZ59CfMr0g0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.validate.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/jquery.validate.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 06:52:29 GMT
content-encoding
gzip
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
6377239
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 PNNN RT(1682821186601 1220) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 15 Feb 2023 03:42:53 GMT
server
imio
etag
W/"63ec54bd-5f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
1S8PhOn4OO41njFFd-MSDtxPBk6RyeBGKZ1QzY272zjw2O6a7_SwHw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
formfunction.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/ 		847 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/formfunction.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
48b8498b15716ab0b4ca2b3e6b7a8acc89b3eeb3f6058c45d9fd43329b7a8af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 10 Jan 2023 07:12:55 GMT
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
9486413
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 PNYN RT(1682821186601 1227) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 04 Jan 2023 11:22:49 GMT
server
imio
etag
"63b56189-34f"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
MUDQ7d4euHSV-xwiQwqDcBKvW7G7lMtSLPPNMXjM_V8T1Iac0WegxA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/main.js?7222022
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
bb72cf9c29ae62c1145975ceebd315a18bc83fccb4e39adbfc44bc71e28efe55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 10:15:26 GMT
content-encoding
gzip
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2045062
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757065 PNNN RT(1682821186601 1228) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 05 Apr 2023 05:50:38 GMT
server
imio
etag
W/"642d0c2e-24b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
mxzEKQ8oe4tpvCXqg_d5nfFWEZNLHNjF8vgi6jDulwUeBJIyFoQIgQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/bootstrap/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/bootstrap/bootstrap.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 07:16:19 GMT
content-encoding
gzip
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
10263809
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30756963 PNNN RT(1682821186601 1229) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 30 Dec 2022 08:24:35 GMT
server
imio
etag
W/"63aea043-f708"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
9NfdC-TJxGAIZoDBmYKU0MGtVP-8qmwLPIDnrrSusf_r_SmZjju5gw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
countdown.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		1 KB
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/countdown.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
dee87b4a75183197a54a48a0a995f89e2e44ae20f33b2e2d245c2a3deefcda03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:07:58 GMT
content-encoding
gzip
via
1.1 bcc31f3e5b9e78f99a5a01aa529f6c94.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
5861510
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757073 PNNy RT(1682821186601 1230) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 21 Feb 2023 05:53:12 GMT
server
imio
etag
W/"63f45c48-5dc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
ZZFU3KoQRLnD2nl_PrWEPhn4JBcC5THEGUGyQXFSl6By92HwjSNrXQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ScrollTrigger.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ScrollTrigger.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
94c9f2122880fde270b44d4bba545263bc7def5525addea1eed2a90311e4c10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 24 Mar 2023 02:09:23 GMT
content-encoding
gzip
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
3197425
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 PNNN RT(1682821186601 1231) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 22 Mar 2023 10:20:34 GMT
server
imio
etag
W/"641ad672-3180"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
fsI1PnL1eGz9nnY3FeR8tsF2PID4-RJbJNPruW8yv9Oof0-IgjeZMA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper-bundle.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/swiper-bundle.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
54f1223587f76b8ec455590fb65770a1b2e1c4a03cf06c376662c87d622950ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 11:41:27 GMT
content-encoding
gzip
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2299101
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757068 PNNy RT(1682821186601 1232) q(0 0 0 -1) r(0 0) U24
last-modified
Mon, 03 Apr 2023 07:15:09 GMT
server
imio
etag
W/"642a7cfd-223f0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
rIpxbhX7b8TZyE4qbI2zABu9WxjtF-oS3-Y1tehQtHOpKt2DMPk31Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/article.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
0f415a865638ea539dda8b006a7d0a66cd015d3ef230d3f291ce5be917ced7ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 03:04:26 GMT
content-encoding
gzip
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
6477322
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 PNNN RT(1682821186601 1233) q(0 0 0 -1) r(0 0) U24
last-modified
Thu, 09 Feb 2023 06:43:44 GMT
server
imio
etag
W/"63e49620-117d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
WqxsdoNY19ZnJGO4-_etWYPW4QfI5y2zXJNdJOO4Ful9_GlkRYXWdQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
scroll-load-more.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scroll-load-more.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
1f3f3c7a291fd5b55f7c2c28d69447c45bfd2d3854f83d619914a4362f925344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 21:09:28 GMT
content-encoding
gzip
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2610620
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30756963 PNNN RT(1682821186601 1236) q(0 0 0 -1) r(0 0) U24
last-modified
Thu, 30 Mar 2023 09:20:47 GMT
server
imio
etag
W/"6425546f-1163"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
80l9EteA_N7YkLx1LmRKyia0CFh5r2KV7ePRBCQhakUK-5A5J7AWtA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_Incapsula_Resource
www.khaleejtimes.com/ 		135 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=73822819
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
/
Resource Hash
ad29eb66606acc4f07dcccc95a8303fff89c45df13559a789595602f0d34b029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
19667
content-type
application/javascript
js-versioning
osjs.netcoresmartech.com/v1/ 		230 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Requested by
Host: cdnt.netcoresmartech.com
URL: https://cdnt.netcoresmartech.com/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.87.173.138 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-173-138.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cb64a4dc2a1d2a274cafa8d21ed85bee7f88dfed0230fb0bd1b9c21a2b80b03f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
last-modified
Tue, 25 Apr 2023 19:57:42 GMT
x-amzn-requestid
2aa6cb26-aeb8-4d29-85fe-8ac911eef0a8
x-amzn-trace-id
Root=1-64483106-39269855075218227a3dbdc9;Sampled=0;lineage=8d157353:0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=236359
content-disposition
inline; filename=smartech-sdk.js
server-timing
cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="467450_3092753798_238673307_295_752_17_0";dur=1
x-amz-apigw-id
D8yZBG-EhcwFmNg=
content-length
69097
afph.js
adgebra.co.in/afph/ 		677 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afph/afph.js?p1=5823&p2=&p3=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
599f45a18de02b55e6232b832d95ff9c82089aad4c4cc155f653e59e9a84dc85

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:47 GMT
via
1.1 google
last-modified
Mon, 09 Jan 2023 16:39:10 GMT
accept-ranges
bytes
content-length
677
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript
utag.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d12c53f7b9e48765ff13f9048d9907d820d3cad0a55d0e3b636833c6934fa167

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
XwSxdIxFS92opJhhhQHpjlF5qWAnUJsy
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
3
x-amz-server-side-encryption
AES256
etag
W/"03b1fa5dc18234738f2c0a750be27093"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
-JO1_9xElX6ZXC3Jx15cReUBPHSr2KExxoPy0nwXqwVcIX3oHGTLtA==
fa-solid-900.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/webfonts/fa-solid-900.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 05:13:51 GMT
via
1.1 4b5889b0a8c8c6a870b430f05a4e162c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2063157
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757065 PNNN RT(1682821186601 1290) q(0 0 0 -1) r(0 0) U24
content-length
80300
last-modified
Wed, 05 Apr 2023 05:50:38 GMT
server
imio
etag
"642d0c2e-139ac"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
bm9nAMHvDMZnJExbbJV4qE5aufUvTUMa-ljqF6ygOXZaQAbK25XAwg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-regular-webfont.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-regular/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-regular/proximanova-regular-webfont.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
c2ad3b2ad1c100ebb196165df8a0bfad3941024d991dcbef5c92437283e17b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 09 Jan 2023 08:02:39 GMT
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
9569829
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 PNNN RT(1682821186601 1294) q(0 0 0 -1) r(1 1) U24
content-length
19964
last-modified
Wed, 04 Jan 2023 11:22:49 GMT
server
imio
etag
"63b56189-4dfc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
biNYeDNKbADkJjwPBzsTrQS8NWTzNR4bSX8-aOXM9Jtm9u4cVusNFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proxima-nova-bold-webfont.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-bold/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-bold/proxima-nova-bold-webfont.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
cc3513d258074fbe7209d263fe3acdd0a05ed0bee513af79907f6f4e00b8074e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Feb 2023 06:25:33 GMT
via
1.1 081adfb0526af4d4162283117d917418.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
5860455
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757068 PNNy RT(1682821186601 1297) q(0 0 0 -1) r(1 1) U24
content-length
20500
last-modified
Tue, 21 Feb 2023 05:53:12 GMT
server
imio
etag
"63f45c48-5014"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
y93MW4copquIc5PgdewNgjceDg2IJivhAEWUmfvV58CKTNcJpeVvFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
LyonDisplay-Bold.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/LyonDisplay-Bold.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
d856729773804572ae4ff08581b1a3f4915e719100a524d8cfdab5a94a286f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 07:11:07 GMT
via
1.1 ba636ce43f1cebcb0c172b8070a33b14.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2228921
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757075 PNNN RT(1682821186601 1300) q(0 0 0 -1) r(0 0) U24
content-length
47860
last-modified
Mon, 03 Apr 2023 07:15:08 GMT
server
imio
etag
"642a7cfc-baf4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
uD7AZKlecekII-CQfKgjjYUNHM-xxLDFyTlM1WNsyDSUgEog9NnfDA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
LyonDisplay-Medium.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/LyonDisplay-Medium.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
e81ac04c60ab7220aa9cd87532645df3973ce19485be6a013e3b6d937a5683bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 07:11:07 GMT
via
1.1 b7d10369ae737ec35cf8d7faced56ef0.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2228921
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30757070 PNNN RT(1682821186601 1305) q(0 0 0 -1) r(0 0) U24
content-length
47856
last-modified
Mon, 03 Apr 2023 07:15:08 GMT
server
imio
etag
"642a7cfc-baf0"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ZxWyTE6reCEW5ovQ0WFqD1Cf5m_aYplkb2CarnjH48NVSiGM8oOx3A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
LyonDisplay-Regular.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/LyonDisplay-Regular.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
a88ba17ef2dba59fbd83de0a0c2e4cc9943f59a4aa02697aa1b7b63d8de576cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 04 Apr 2023 07:11:07 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
2228921
x-cache
Hit from cloudfront
x-iinfo
14-30756958-30756963 PNNN RT(1682821186601 1311) q(0 0 0 -1) r(0 0) U24
content-length
47240
last-modified
Mon, 03 Apr 2023 07:15:08 GMT
server
imio
etag
"642a7cfc-b888"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
559-_ezSJDs7WifFI_Zi6AkyJ2bH91m2jEaVW_u1Kf3KjEwmxhy2IQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
889ab751-64e1-48d1-b311-5e03be70a349
io.jogo.studio/render/ Frame 11EC 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
e737c93d0718df4c3fcc74861661deca1aae83c17e58c5858f93c57828c9bc70
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:48 GMT
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/render/[id]
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-id
iad1::iad1::lvpd8-1682821188293-9a1f5c57b939
getGeo
vuukle.com/ 		90 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
751ec40f43d9bf623dfdd7428af5bc9de1fe5a69ad13476fb4d1c83fbe2a4ef7

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
accept-ch
sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-viewport-width
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cf-ray
7bfc4d4ba9715407-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
47621
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Apr 2024 13:06:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		6 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de006225f894ea65b2f9498bd46930a894b18bc0ba0ba73218cd60b448b7d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
907
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:48 GMT
prebid_KT_7.19.0.js
rtbpass-us.andbeyond.media/ 		457 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prodprebidheader-107957.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
630f2c32737f299f4fb2d92f4a739cf70a82ba38805ee48474f1aef3275f3919

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Nov 2022 10:32:16 GMT
ETag
"1668767536"
X-HW
1682821188.dop002.dc2.t,1682821188.cds185.dc2.shn,1682821188.dop002.dc2.t,1682821188.cds182.dc2.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=29479092
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
145622
maxmind.php
prebid.andbeyond.media/ 		212 B
442 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/maxmind.php
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-537953.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.3.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-3-27.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
bdc0823ede609427284c29470a9d64c866e78bfd1f5f9efc8d626cda5a198419

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 Apr 2023 02:19:49 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
212
Content-Type
text/html; charset=UTF-8
location.js
akamai.tiqcdn.com/location/ 		18 B
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.3.103 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-3-103.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:48 GMT
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-EdgeScape-Location
Cache-Control
max-age=1296000
X-EdgeScape-Location
country_code=CA,region_code=QC,city=MONTREAL,areacode=0,zip=H1A+H1B+H1C+H1E+H1G+H1H+H1K+H1L+H1M+H1N+H1R+H1S+H1T+H1V+H1W+H1X+H1Y+H1Z+H2A+H2B+H2C+H2E+H2G+H2H+H2J+H2K+H2L+H2M+H2N+H2P+H2R+H2S+H2T+H2V+H2W+H2X+H2Y+H2Z+H3A+H3B+H3C+H3G+H3H+H3J+H3K+H3L+H3M+H3N+H3P+H3R+H3S+H3T+H3V+H3W+H3X+H3Y+H3Z+H4A+H4B+H4C+H4E+H4J+H4K+H4N+H4P+H4V+H4W+H4Z+H5A+H5B,bandwidth=5000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18
Expires
Mon, 15 May 2023 02:19:48 GMT
213794966
fundingchoicesmessages.google.com/i/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ad9cafb9b199d49b8c29323919b18b8b3b738b21d487022aef65c2e3f2b59cf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gOgbr_urNyRc2GmtP1gp9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gOgbr_urNyRc2GmtP1gp9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cnsnt.platform.js
cdn.vuukle.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee54185d227b97546b9516a4930f7e72a810488ab8bf9c9ba7f897a782bd0437

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
cf-cache-status
HIT
age
1071
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 13:57:49 GMT
server
cloudflare
etag
W/"644bd0dd-f2c"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
7bfc4d4c2d7c548b-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-537953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:00:20 GMT
content-encoding
gzip
via
1.1 4e6e9c8ad6e40529a0e7659f2f4c5f28.cloudfront.net (CloudFront), 1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:18 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
1169
x-amz-server-side-encryption
AES256
etag
W/"644915d59292b7496ff86a0d2c460fce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
UI11mzd3XIpP6NB2GR5VRbV80WHPQYYXuOaI6wraqWULe93nSN8f9A==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-537953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:23:50 GMT
via
1.1 google
x-content-type-options
nosniff
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
server
nginx
age
3358
etag
"81c857a6c52da1ca7444f198bd33b2ea"
content-type
text/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8327
df
twa.netcoresmartech.com/ 		57 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.134.149 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-134-149.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:49 GMT
server
awselb/2.0
content-length
57
content-type
application/json
1429b362a1e7b6b1.p.ttf
io.jogo.studio/_next/static/media/ Frame 11EC 		54 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/1429b362a1e7b6b1.p.ttf
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a745a6b4cbef6176b15bd0553b45a0f975ea4553149c589918b8bd67a8f95ed9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::9qkd9-1682821188604-1feb49d1834b
age
59955
x-matched-path
/_next/static/media/1429b362a1e7b6b1.p.ttf
etag
W/"55d82c9b8b89f02f2da5fb94f4417403"
x-vercel-cache
HIT
content-type
font/ttf
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="1429b362a1e7b6b1.p.ttf"
68ed24b5501f589a.p.woff2
io.jogo.studio/_next/static/media/ Frame 11EC 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/68ed24b5501f589a.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f6b9d913bd2f8037f3532e5b0b96a40de775af5eb2630b9657cf6630aa0405a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::lvpd8-1682821188610-42312bcd031b
age
90921
x-matched-path
/_next/static/media/68ed24b5501f589a.p.woff2
etag
"685a54ef9c9ccc5f1d6d535c877e0bb0"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="68ed24b5501f589a.p.woff2"
accept-ranges
bytes
content-length
21072
3b556990c95b5e34.p.woff2
io.jogo.studio/_next/static/media/ Frame 11EC 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/3b556990c95b5e34.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4578d75a057e082ecae9ea9f2a90258999c97515975f4757ec1287736c8fec86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::ldcvg-1682821188610-626def12cf2e
age
106404
x-matched-path
/_next/static/media/3b556990c95b5e34.p.woff2
etag
"d490252e9e1d1260412e9f318f371e00"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3b556990c95b5e34.p.woff2"
accept-ranges
bytes
content-length
20900
3bbf0494f424c443.p.woff2
io.jogo.studio/_next/static/media/ Frame 11EC 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/3bbf0494f424c443.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::8v58q-1682821188610-55e80fcd79fc
age
106404
x-matched-path
/_next/static/media/3bbf0494f424c443.p.woff2
etag
"b19299ae5365b79d126ea8b355313e24"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3bbf0494f424c443.p.woff2"
accept-ranges
bytes
content-length
20960
4a1b5bf8fc72ed9c.p.woff2
io.jogo.studio/_next/static/media/ Frame 11EC 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/4a1b5bf8fc72ed9c.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a9cea7e92a9aaae8c3e42e6f69d902afbfe6780097d12dd44749884a3f13b65b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::ftzdt-1682821188611-fef8aa6d8cf9
age
28976
x-matched-path
/_next/static/media/4a1b5bf8fc72ed9c.p.woff2
etag
"1d37f5b1683be2ee7f054f4c74e84884"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="4a1b5bf8fc72ed9c.p.woff2"
accept-ranges
bytes
content-length
20840
19c713ca84b418c8.css
io.jogo.studio/_next/static/css/ Frame 11EC 		100 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/css/19c713ca84b418c8.css
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0b3e6447d0735009434a44eaa13b9c205202e3f0375b8fcf953fc7731753877d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::9qkd9-1682821188610-62bab36f8f95
age
106404
x-matched-path
/_next/static/css/19c713ca84b418c8.css
etag
W/"8c9656b2c56ede53415262fc30c7550a"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="19c713ca84b418c8.css"
webpack-62c02dad1a6a4cb4.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/webpack-62c02dad1a6a4cb4.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8fbe1923790a7655daa154224f16e1f63c6c3f0e4859c55014f967be3c9674f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::nr565-1682821188625-08f8b175be6f
age
81048
x-matched-path
/_next/static/chunks/webpack-62c02dad1a6a4cb4.js
etag
W/"4464e7705b8026eb02de108de0824e27"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-62c02dad1a6a4cb4.js"
framework-50116e63224baba2.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/framework-50116e63224baba2.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7b1cfbaa380e6ccce30d4c8d933184d0fd4afa99f723635ab435f27ac1357fb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::nr565-1682821188613-74c68e638507
age
106404
x-matched-path
/_next/static/chunks/framework-50116e63224baba2.js
etag
W/"1f8dc7acca8ac40c9d1b631a02b51606"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-50116e63224baba2.js"
main-d74d6543f6afb019.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/main-d74d6543f6afb019.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
2cf01fd4307a23f4e7029322521366ba0763c3295a089eecb90effb3095bf068
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::ss2v4-1682821188634-814c21f9fcb4
age
106404
x-matched-path
/_next/static/chunks/main-d74d6543f6afb019.js
etag
W/"c06c77e86efc482c38232a3fcabfe8d0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-d74d6543f6afb019.js"
_app-f796fb38e2985f0d.js
io.jogo.studio/_next/static/chunks/pages/ Frame 11EC 		877 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/pages/_app-f796fb38e2985f0d.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
181fb45c225b4951f4f869a0f07baa426e41debbf1875bf1e0c0ca30ab4de62d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::2fz6b-1682821188614-f09f71ccf2d3
age
89275
x-matched-path
/_next/static/chunks/pages/_app-f796fb38e2985f0d.js
etag
W/"56df4d631eba7c11c33fe9b35d150908"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-f796fb38e2985f0d.js"
75fc9c18-4d59f40a6e1b3add.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/75fc9c18-4d59f40a6e1b3add.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cebb34e81bc214a1167c7b197711c4775740f59316797d2ad5d94bf563e5ee89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::zqtwx-1682821188615-65c2c9bf3fad
age
41164
x-matched-path
/_next/static/chunks/75fc9c18-4d59f40a6e1b3add.js
etag
W/"a41257b5a74c564fc5cc5e798d348f54"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="75fc9c18-4d59f40a6e1b3add.js"
655-37feed5c70f3e038.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/655-37feed5c70f3e038.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
8cd0b8f671e4015a53491d4fe83f0c4e4109bcdeaf69cdb6721bd22f345dcf59
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::8kkns-1682821188614-8eec4e01faca
age
106404
x-matched-path
/_next/static/chunks/655-37feed5c70f3e038.js
etag
W/"23de39095a84eb4f4dd6c9223aa54540"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="655-37feed5c70f3e038.js"
675-3171fbb66937b3d3.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/675-3171fbb66937b3d3.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
940d08b3f6673b6c0056f581b7df738545a15bc8d6ab2e5e659bfc21e966ffee
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::6wscd-1682821188614-f4e7a6499e24
age
71070
x-matched-path
/_next/static/chunks/675-3171fbb66937b3d3.js
etag
W/"98a41e7879d255bad601f4cf773121b0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="675-3171fbb66937b3d3.js"
916-5e6e015eaa148fdd.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/916-5e6e015eaa148fdd.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b72cfac8cb0b77c7cf8c883323be0d0645e774b064eed4a86bdf6ac3456b095c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::ldcvg-1682821188615-8a797de62f9c
age
106404
x-matched-path
/_next/static/chunks/916-5e6e015eaa148fdd.js
etag
W/"2453cd1eaea7f1ec3ed6a2782125b78d"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="916-5e6e015eaa148fdd.js"
992-edac0bf94384bd72.js
io.jogo.studio/_next/static/chunks/ Frame 11EC 		29 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/992-edac0bf94384bd72.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d47ab5ceda04e9b910cb37c3df5ad1df8e2a0a5a532c05adf2cfb390884a7fcb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::tsvwn-1682821188615-731bece62ed9
age
106404
x-matched-path
/_next/static/chunks/992-edac0bf94384bd72.js
etag
W/"46a3d3c0cfee3b568f27e6392cb5af59"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="992-edac0bf94384bd72.js"
%5Bid%5D-036984abbb89b952.js
io.jogo.studio/_next/static/chunks/pages/render/ Frame 11EC 		46 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/pages/render/%5Bid%5D-036984abbb89b952.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9e0c301fb1573fcaa0d27fdb9ab483fd85413a16d820260a5bb05c3770ae6846
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::fmqbc-1682821188615-72542415a796
age
86667
x-matched-path
/_next/static/chunks/pages/render/%5Bid%5D-036984abbb89b952.js
etag
W/"9437b115f0874f6bac9d572a4f49549b"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="[id]-036984abbb89b952.js"
_buildManifest.js
io.jogo.studio/_next/static/9c88GrcKOXV6eElzqvmd9/ Frame 11EC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/9c88GrcKOXV6eElzqvmd9/_buildManifest.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
ec40d0769e35f1cd7d4e746d86b659093bc6db07fe53f89d0b57013dca192539
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::szqgt-1682821188615-7ed88bf72dab
age
106404
x-matched-path
/_next/static/9c88GrcKOXV6eElzqvmd9/_buildManifest.js
etag
W/"15eb4d9f24e62deebe466668b562a03e"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
_ssgManifest.js
io.jogo.studio/_next/static/9c88GrcKOXV6eElzqvmd9/ Frame 11EC 		77 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/9c88GrcKOXV6eElzqvmd9/_ssgManifest.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::vwl6g-1682821188615-51c20d9aeeb9
age
106404
x-matched-path
/_next/static/9c88GrcKOXV6eElzqvmd9/_ssgManifest.js
etag
"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
content-length
77
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25c8:f800:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 29 Apr 2023 02:34:36 GMT
x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
via
1.1 b88fda0ef7fc0be68ec5692fdd8f97ec.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
PHL51-P1
age
85513
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
QC_p3oH7RxmK6sm54jackHGCsIakMaN3yFb5SIwm5ofHrr8xvDIa0A==
config
c.amazon-adsystem.com/cdn/prod/ 		469 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:29:52 GMT
via
1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
2996
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
469
x-amz-cf-id
LeDP_0W3_zCrXOwpIIWP6Gs1dPJ6sIjg8xgdJIBcXkPae_Q0b3hqtQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 21:37:38 GMT
x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 ac664c0310f2b9554aba4708107d094c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
age
16930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
5iBcheUHbcPRDlvVfK9ilng9vvTWr_erVRcb_zHmSxbvfn1BmY_aTg==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
HBY88C4X7SB2GNAZ
age
808
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bfc4d4dbf805419-YYZ
x-amz-id-2
9tt3h7NuTeNjVVhhEBuGXDokEH+gO8nJ2ojvBPx5trT+ssPar23U+0x6ZYHI6SCwab9u8mDoRvA=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.24.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-24-240.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:48 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.24.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-219-24-240.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 30 Apr 2023 02:19:48 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
impstats.php
prebid.andbeyond.media/ 		69 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=537953&type=pv
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.3.27 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-3-27.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d0b516970f3856be4ffdcecab31460e16739338bb8f45ce453cbdccfcb992c6c

Request headers

Accept
*/*
Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 Apr 2023 02:19:49 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
69
Content-Type
text/html; charset=UTF-8
AGSKWxUQ7D05hC-wWpSzEBfgCuTUAJ4vTEgOAVuyI48pIb4EY3QTjcTisLaQO3kam4IWHSE36LuVXilg-CFecMYMBik=
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUQ7D05hC-wWpSzEBfgCuTUAJ4vTEgOAVuyI48pIb4EY3QTjcTisLaQO3kam4IWHSE36LuVXilg-CFecMYMBik=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgyODIxMTg4LDc1NDAwMDAwMF0sIkUzOUVFRDE1LUNCMzUtNDlBMC04NDZFLTUyRjMxQkEzQzA4NCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20vdGVjaG5vbG9neS9taWNyb3NvZnQtc2F5cy1pdC1mb3VuZC1tYWxpY2lvdXMtc29mdHdhcmUtaW4taXRzLXN5c3RlbXMiLG51bGwsW1s4LCJ5YnpUVklJWFBlayJdLFs5LCJlbi1VUyJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d1d87072102cb71dd691db5ec1a789271e1d32b146ce23d1c1e61ce35b8d3f96
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9Od6pyhAlr0OFnIX7FUDmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-9Od6pyhAlr0OFnIX7FUDmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		110 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=2495683433307270&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=78059622%2CResponsive-Article-Leaderboard%2CResponsive-Article-Leaderboard-footer%2CResponsive-Article-MPU-1%2CResponsive-Article-MPU-2%2CResponsive-Article-1x1%2CResponsive-Desktop-Expandable-1x1%2CResponsive-Article-2%2CResponsive-Article-1x1-3%2CResponsive-InfiniteArticle-1x1%2CArticle-Ear-Pannel-Left%2CArticle-Ear-Pannel-Right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=970x250%2C970x250%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C200x90%2C200x90&ifi=1&adks=2487631899%2C1679779604%2C1730754477%2C1148906708%2C1669407057%2C305519743%2C3176091703%2C2620213831%2C2241084736%2C2312031536%2C124803191&sfv=1-0-40&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie_enabled=1&abxe=1&dt=1682821188773&lmt=1682821188&dlt=1682821187973&idt=472&adxs=315%2C-9%2C1160%2C-9%2C0%2C0%2C0%2C0%2C-9%2C126%2C1274&adys=367%2C-9%2C569%2C-9%2C0%2C3%2C1%2C2%2C-9%2C47%2C47&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C0%7C0%7C0%7C0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=1010x295%7C0x-1%7C314x290%7C0x-1%7C1600x4163%7C1600x4163%7C1600x4163%7C1600x4163%7C0x-1%7C337x90%7C200x90&msz=970x0%7C0x-1%7C314x0%7C0x-1%7C1x-1%7C1600x-1%7C1x-1%7C1x-1%7C0x-1%7C337x90%7C200x90&fws=4%2C2%2C516%2C2%2C4%2C4%2C4%2C4%2C2%2C4%2C4&ohw=1600%2C0%2C314%2C0%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75faa4940e0719596e0f76f9bfbd86187f3d18c3f8a694d5ea7787fc37a6f87c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22285
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,6273353276,-2,6106059726,-2,-2,6020109098,6018178041
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,138429131523,-2,138404537902,-2,-2,138398957916,138392066579
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:48 GMT
expires
Mon, 29 Apr 2024 02:19:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:48 GMT
fa-brands-400.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/webfonts/ 		77 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/webfonts/fa-brands-400.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
x-iinfo
14-30756958-30756963 PNNN RT(1682821186601 1966) q(0 0 0 -1) r(1 1) U24
content-length
78460
last-modified
Fri, 28 Apr 2023 05:57:27 GMT
server
imio
etag
"644b6047-1327c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
aJVYkxu2YI0gLvYBfjey8wUfia23tpPiD734ebqP7LVirySUQKPo_A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ Frame 11EC 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/main-d74d6543f6afb019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c603e6c8ea6b3bb4227d342496a3a2f17623545b0011e1e6e649934eaaa237b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82506
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 02:19:49 GMT
js
www.googletagmanager.com/gtag/ Frame 11EC 		237 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-51FKX7T04F
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/main-d74d6543f6afb019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f565becff747d2959be8ed75ebf7806a8bf39365e47bca31d7620fb8ab4479d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82796
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 02:19:49 GMT
analytics.js
www.google-analytics.com/ Frame 11EC 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/916-5e6e015eaa148fdd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 01:54:31 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1518
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 03:54:31 GMT
user
io.jogo.studio/api/auth/ Frame 11EC 		59 B
266 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/api/auth/user
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/pages/_app-f796fb38e2985f0d.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
68f5a3044f06ca2b26041d8c42d2648237cb44f42f9b4d845c7d5a2176e51893
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1::iad1::ss2v4-1682821188970-6c7635c4b74b
age
0
x-matched-path
/api/auth/[...supabase]
etag
"2iiee1tedj1n"
x-vercel-cache
MISS
content-type
application/json; charset=utf-8
cache-control
public, max-age=0, must-revalidate
content-length
59
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 11EC 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/main-d74d6543f6afb019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123415
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:48 GMT
games
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/games?select=*&id=eq.8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
accept-profile,apikey,authorization,x-client-info
Access-Control-Request-Method
GET
Origin
https://io.jogo.studio
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
accept-profile,apikey,authorization,x-client-info
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7bfc4d4febc94003-YYZ
content-length
0
date
Sun, 30 Apr 2023 02:19:49 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
games
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 11EC 		535 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/games?select=*&id=eq.8d47f80f-e65a-4571-95db-6d9e11238e90
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/pages/_app-f796fb38e2985f0d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbb45c861f27816c52989a1e248d3310b9695fa67f138c13ce9f83a65968000
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

x-client-info
supabase-js/1.30.2
accept-language
en-CA,en;q=0.9
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept
application/vnd.pgrst.object+json
accept-profile
public
Referer
https://io.jogo.studio/
apikey
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
kong/2.8.1
cf-cache-status
DYNAMIC
x-kong-proxy-latency
1
content-range
0-0/*
x-kong-upstream-latency
2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/vnd.pgrst.object+json; charset=utf-8
access-control-allow-origin
*
sb-gateway-version
1
access-control-expose-headers
Content-Encoding, Content-Location, Content-Range, Content-Type, Date, Location, Server, Transfer-Encoding, Range-Unit
content-profile
public
access-control-allow-credentials
true
cf-ray
7bfc4d50acd14003-YYZ
content-location
/games?id=eq.8d47f80f-e65a-4571-95db-6d9e11238e90&select=%2A
afpf.js
adgebra.co.in/afpf/ 		401 B
486 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/afpf.js?p1=5823&amp;p2=0&amp;p3=0&amp;p4=&amp;p5=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
89f3720a41e038f20df288f117212b2abafc40763263c6219c925e2d7fd37853

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
via
1.1 google
last-modified
Wed, 19 Apr 2023 16:42:42 GMT
accept-ranges
bytes
content-length
401
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript
_Incapsula_Resource
www.khaleejtimes.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/_Incapsula_Resource?SWKMTFSR=1&e=0.45104319129462533
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
loadVuukle
api.vuukle.com/api/v1/Comments/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.vuukle.com/api/v1/Comments/loadVuukle?apiKey=841fb3e5-977f-4e2e-be39-fae608323cc5&articleId=28C56F03-E94D-497C-BB4D-7EED1E27547D&globalRecommendation=false&host=khaleejtimes.com&start=0&uri=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f1fe49a7edd35b3ef27a7bb2d268d542869d21746129290907f603bd5abf651
Security Headers
Name Value
X-Xss-Protection 1

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
via
1.1 varnish (Varnish/6.2)
content-encoding
br
cf-cache-status
DYNAMIC
age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
x-varnish
843334586
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-store,no-cache
access-control-allow-credentials
true
access-control-allow-credentiails
true
cf-ray
7bfc4d4f98695407-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		0
24 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24704
x-xss-protection
0
server
cafe
etag
712 / 19477 / 31074189 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:49 GMT
khaleejtimes.com.js
cdn.vuukle.com/domain-configs/ 		203 B
481 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/domain-configs/khaleejtimes.com.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c96708d126553bbe6daf64ce6d78ce6395c5624862278cf3ef0b6339d3ae79c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
HIT
age
185017
cf-polished
origSize=263
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 10:46:07 GMT
server
cloudflare
etag
W/"644a526f-107"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
7bfc4d4fbc27a1da-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
bq-publish
publish.vuukle.com/ 		30 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.vuukle.com/bq-publish?callback=&{%22action%22:%22view_page%22,%22hashed_email%22:%22$0e064f-d50f-4762-aa8c-8123546166ac%22,%22hostname%22:%22841fb3e5-977f-4e2e-be39-fae608323cc5%22,%22pubdomain%22:%22khaleejtimes.com%22,%22refDomain%22:%22%22,%22sessionId%22:%22f7455e03-24fb-4552-9af8-593cdabac1bf%22,%22version%22:%224.20%22,%22articleImg%22:%22%22,%22articleTitle%22:%22Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%22,%22article_id%22:%2228C56F03-E94D-497C-BB4D-7EED1E27547D%22,%22hashed_article_url%22:%22khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22,%22referrer%22:%22%22,%22tags%22:%22%22,%22browser%22:%22Chrome%22,%22device%22:%22Desktop%22,%22os%22:%22Windows%22}&_=1489139930741
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911212cd9043a8f325996d22c4222885c25aee27777f77c060caadf4407576c9
Security Headers
Name Value
X-Xss-Protection 1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cf-ray
7bfc4d4fe8f55407-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1
utag.7.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.7.js?utv=ut4.47.202301240529
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc3a9f57d170277a873f982ef82f03618eddc165f93927fa1208a52ee9420772

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
d8kJDOog25xk6rT9JcWMVOxwoo3NYNDV
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"71486a7bb1530c1737838fb3b162de63"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
WMiiUdZH5Ypv382xWouZXj8GqdYjEgN2gV8qGbnf8w1Oq5CXyewwmQ==
utag.34.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.34.js?utv=ut4.47.202301240529
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ed44257a362e4f9f1e6014a2f6b210dfa6454672682487c893a7a49d59caffb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
I.Zxfpr0YnjTU85NtDswiQnB15L_ckeb
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"ccd2e8c22dccec65b83b547297587925"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
YxeRUomxabK4cEvX6jMFRzIorlkvR4Kr1j7Cq_uDdTXAffBMXmMiEw==
utag.10.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.10.js?utv=ut4.47.202203231059
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad7a52eb5c60e9724d4fab21374478ca2e1b1954754e6339f0db7fcdac5d6ce9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
6mdhQZON9FNrP03XexC7Nc2kYyo.U7q4
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"f0ec4bf865a4c4284937fc9ad347d95b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
2dgH5eZXS68IabGfttWRf1rA-78q2pQlpBaPROrTFjNY80wgLh4asw==
utag.12.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.12.js?utv=ut4.47.202106161655
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9aa637751835dfd37a9a522829844b5273a8c4cecdb8acf62aebe0d9bc42fc90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7XjJKDsgfBgtXPXi_PbobpgPc.BcfUMT
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"cd478d7082a155041f47e9b0fbcd119b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
7c1bYx4z8jmW6aLNlSSNeyii4NzTKr_0JL-2Yi_fMx_gEC5TfkxIew==
utag.14.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.14.js?utv=ut4.47.202108100536
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86fb1f94b0faa864ace933f2ba9cc72f61b7512901876b5062a44c439ca5f299

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
6MMGGTeuDjOw5dr1GW2ffr45AkeeNh4O
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"f6de6854b4840109c6108cf8662dabe4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
OPe9sqeTETLQjpriX_USqcLyniM4_r8LnXm6YG_5mJhHwG29d-qeBw==
utag.30.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.30.js?utv=ut4.47.202207250731
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
778b8c45f798b148a4a47840ba693627ed601f94a0ae7310519d343622cea4f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
X2dy1_emzvBbyahhoISvZU3GkwLdet3v
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"cfea2fa712dae61f0f4416cad8c62427"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
NqZ88YhcHNTM3Xb5bv7gdHvU_oYHjF0aOJp8ofq48NDxG3gXMHGnkw==
utag.37.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.37.js?utv=ut4.47.202204120926
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf958149641d7f9e2b1d88d52a27e67b85beb6dd537f7aeefb504bd15ed55423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
2tiOVFBf4YtpM10h6Jy5mnzm.wnhURZn
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"76c5359419ab754394c7c16e78b86a4f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
hB1PhioS4jU70lNkKgkcJjUfEsRMvskO0KdDMjedXK4MTZ0PLL9rmQ==
utag.38.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.38.js?utv=ut4.47.202302280805
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2deff8a9de0a8e8dc950e382c5382ade805ad576973e31ed01ba683e80bf9416

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZkeAhFe3oH6F6hSXgLfWuI0MdWgfG1RM
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"cf8403ceb2dfe2f08e5fad0b5a656559"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
wwNzBXRYT_vJMup8Qhu6-twFcluuu78_kIS6bdAVwWO4qbR2jwxeOQ==
utag.48.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		24 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.48.js?utv=ut4.47.202212151026
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26c7ad16a785070a5ad600d8a436223c93747e3984bdc5e29a3aae8423145773

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Ak_Cvhl7ocDqnnFY57.rS9FaLidXoTJn
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:36 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"d2f0c3c06d5d0928a32cb7c672241d26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
7kzdtPOd8PZjB6qfvL9KAi3-WWMZ7l7AU1jvUuQq1aHc5CEQ7H64lA==
utag.50.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.50.js?utv=ut4.47.202210271054
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5696db2dc829f5f619efc746a530132fde6fe453d11094e797b0472ae7f57b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Ic5.vpkLY9AcduXP5P6LSjQ_ACwaoG0K
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"997d66e92963bf1a8b8810685689de08"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Tz8i2goCNIhxzOUNHCp02Lm45kBNNFXqdOkrtdsh_uJFciL7uMeGnA==
utag.5.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.5.js?utv=ut4.47.202302280805
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4643da5bd97b39eef5c003ceef6e2c798ddd2bb14578e6012d25270aa8414965

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
gYxH48hI1LMHWfNR3vodwoBOEhyqY.Ce
content-encoding
br
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 02:19:46 GMT
last-modified
Thu, 20 Apr 2023 07:28:37 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
4
x-amz-server-side-encryption
AES256
etag
W/"85c3456622d021b1531f1a6c445ca4c8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
NtwrKRrgox2k9bOJnJSflVgTHXmp4idOVx-k_AgNiTwZuXU3Pm2mtQ==
hansel.min.js
cdn-sdk.hansel.io/web/8.4.0/ 		229 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sdk.hansel.io/web/8.4.0/hansel.min.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c1f1fe9ae35f769f41e792602b476ac4cef7125bd640922550ce7a226edfe2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:33:16 GMT
content-encoding
gzip
via
1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
last-modified
Tue, 25 Apr 2023 13:32:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
45994
x-amz-server-side-encryption
AES256
etag
W/"6f08b9eeff95926e320078e7355023b2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
7oouMJ4IV9v_AP-gzeny6upmVr8_TN8EHjWqXtwYrX9GSTH1V4c5Ng==
hansel.min.css
cdn-sdk.hansel.io/web/8.4.0/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sdk.hansel.io/web/8.4.0/hansel.min.css
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-101.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a916ad25314a5b4bf1c03c61993459abec19acd01c81340b1fe0dbad0769d4a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:14:27 GMT
content-encoding
gzip
via
1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
last-modified
Tue, 25 Apr 2023 13:32:58 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
61529
x-amz-server-side-encryption
AES256
etag
W/"3e590f74f622c2bff8416f73e365588b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
fbUKBz5-DPOLjPMbpTWzLYXE9dnZhuyzoZ5drpwUklCnlKwHlI_Tkg==
/
js.boxx.ai/js_init/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.boxx.ai/js_init/?smartech=true&client_id=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&host=www.khaleejtimes.com&asset=cdf05e30364b953ee8f1b09e48d0473e
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:b000:9:a948:8e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.12.1 /
Resource Hash
282c2aa52f71affc729b0a337a619b287f795a5989732120d14926c819bea8f2
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 08:43:10 GMT
content-encoding
gzip
via
1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
149799
x-cache
Hit from cloudfront
content-length
1642
last-modified
Fri, 28 Apr 2023 08:43:10 GMT
server
nginx/1.12.1
x-frame-options
SAMEORIGIN
vary
Cookie,Accept-Encoding
content-language
en
content-type
application/javascript
cache-control
public, must-revalidate, max-age=172800
x-amz-cf-id
oqYMjojHhd04ZIpxzV_MaK-mkWqmor1yjkXG8WzyXMfOyEXfroPPNw==
expires
Sun, 30 Apr 2023 08:43:10 GMT
user_exists
psegment.netcoresmartech.com/ 		126 B
236 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&uuid=c78fb433-3269-4916-aae9-76b070e74872&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.25.127 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-25-127.ap-south-1.compute.amazonaws.com
Software
CRO SERVER /
Resource Hash
8d02a0216c7957608c5c5523fedf8350c97727d425ec89a9e2268bd836e19c76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:49 GMT
server
CRO SERVER
content-length
126
content-type
application/json
ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG_webp.js
cdndc.netcoresmartech.com/webp/ 		58 B
452 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdndc.netcoresmartech.com/webp/ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG_webp.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
last-modified
Mon, 04 Jul 2022 12:17:08 GMT
server
AmazonS3
x-amz-request-id
TDXXH9Y51AAWE8R5
etag
"1d4003fd2edda3d62526374c76d3049d"
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467450_1753117876_230403692_28_823_17_0";dur=1
accept-ranges
bytes
content-length
58
x-amz-id-2
o4NNQA6l6aK0vv30G6h7y/xmCKifwNWr7cXOIah3PVFFiwloNIjPgs/vQjRg6p8yqfSMknHJATU=
expires
Sun, 30 Apr 2023 02:19:49 GMT
ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG.js
cdndc.netcoresmartech.com/webactivity/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdndc.netcoresmartech.com/webactivity/ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG.js
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:74b8 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0edf3d4cd79f37bae847c615743e67580af8cbabae3e373460516da85a1f39a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-amz-request-id
H8WCBMARR44RZQQF
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467450_1753117876_230403691_24_859_17_0";dur=1
content-length
688
x-amz-id-2
lWJ6RoXXoZA9OrC0vJM3lPQbbS9LbleGiyPLL690J9agmXyJu17lkJl5Qq3Z45F81YDy6T6jVvE=
last-modified
Tue, 21 Mar 2023 09:14:16 GMT
server
AmazonS3
etag
"9cf5156c7e20e90a1f969ae3834c86fd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
expires
Sun, 30 Apr 2023 02:19:49 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
6f7a672905063aad9356b7ef6765444c18bfce767828e2e13f58d8b7c086d62e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
AGSKWxUY0lLkHNXYFq1XZYpygeEKFlg7dlBSP8oHUzHZJ_se5JNdHRUSv8i7DfAbigZYjOYRILT8NwmM0no5wkPHSBPhjApUo-F4MKRp8vZsI2VXH_N4KNCoojtIIXDD4tRviUG-32pgtg==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUY0lLkHNXYFq1XZYpygeEKFlg7dlBSP8oHUzHZJ_se5JNdHRUSv8i7DfAbigZYjOYRILT8NwmM0no5wkPHSBPhjApUo-F4MKRp8vZsI2VXH_N4KNCoojtIIXDD4tRviUG-32pgtg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgyODIxMTg5LDk2MDAwMDAwXSwiRTM5RUVEMTUtQ0IzNS00OUEwLTg0NkUtNTJGMzFCQTNDMDg0IixudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cua2hhbGVlanRpbWVzLmNvbS90ZWNobm9sb2d5L21pY3Jvc29mdC1zYXlzLWl0LWZvdW5kLW1hbGljaW91cy1zb2Z0d2FyZS1pbi1pdHMtc3lzdGVtcyIsbnVsbCxbWzgsInlielRWSUlYUGVrIl0sWzksImVuLVVTIl0sWzE2LCJbdHJ1ZSx0cnVlLHRydWVdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3cb9af59614886ae1cd4db1b3064ba594b52f6fc96047e0cade01d6e686bd5a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8m3_QBKRUNCqki52N3cDmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-8m3_QBKRUNCqki52N3cDmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
urlChecker
app.playstream.media/api/ 		15 B
207 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/urlChecker?url=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
server
nginx/1.17.10
x-powered-by
PHP/7.4.11
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
sharebar.html
cdn.vuukle.com/widgets/ Frame 0297 		161 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/widgets/sharebar.html?version=2.18.0
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392a17debd022eb8d935dbc2b72c7a9292db73342d4e0df11d8e23e107d094de

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
age
232568
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=10800
cf-cache-status
HIT
cf-ray
7bfc4d502cfda1da-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:49 GMT
last-modified
Thu, 27 Apr 2023 09:39:46 GMT
server
cloudflare
vary
Accept-Encoding
afphChild.js
adgebra.co.in/afph/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afph/afphChild.js?hrId=2023043002
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afph.js?p1=5823&p2=&p3=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Jan 2023 16:39:10 GMT
accept-ranges
bytes
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/javascript
prebid3.js
cdn.vuukle.com/static/ 		481 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/static/prebid3.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c11475a06543ea87c9e6f7f9931a7dcfc31b51da1d6bd666491af81ebaa57bef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
HIT
age
214293
cf-polished
origSize=641475
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 14:46:58 GMT
server
cloudflare
etag
W/"644a8ae2-9c9c3"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
7bfc4d508db2a1da-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
khaleejtimes.com.json
cdn.vuukle.com/ads/ 		64 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/ads/khaleejtimes.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d53987395f1d9fa218d31e1190fbc6a5e154813f5776a5584b76484993372e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 29 Apr 2023 14:07:54 GMT
server
cloudflare
etag
W/"644d24ba-ffa6"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
7bfc4d509de2a1d8-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6edb7527e388f1e05e1149ef16447a5de634090134609b7f1af7bd8c628cccdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82509
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 02:19:49 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.10.js?utv=ut4.47.202203231059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:5c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:15:19 GMT
content-encoding
gzip
via
1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
68670
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
EUEZU-dOSMkmaIwUAoOhRx-_4G_Paj6UUsJu-q1nd74ctuKZwFV9ww==
expires
Sun, 30 Apr 2023 07:15:19 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.10.js?utv=ut4.47.202203231059
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:5c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 11:15:05 GMT
content-encoding
gzip
via
1.1 27ca5ebac1c0f68ab48134f5b864093c.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
54284
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
l7w3OY4ZnbBMPBx4mp_RBXpezKPnJ1Ae7IJoKPtY7Pua9NmidffKEw==
expires
Sun, 30 Apr 2023 11:15:05 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=8701
accept-ranges
bytes
content-length
4777
i.gif
datacloud.tealiumiq.com/vdata/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=k...
  • https://cm.g.doubleclick.net/pixel?tealium_cookie_sync=true&google_nid=tealium_dmp&google_cm=&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=...
  • https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=khaleejtimes&google_gid=C...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=khaleejtimes&google_gid=CAESEEijc2XO9z2b9xQwmYoHSBw&google_cver=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
52.54.60.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-60-137.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
x-serverid
uconnect_i-019e64214687dcbef
x-tid
0187cff58b3d000b5ceccd3def6c03074006106c00b08
x-did
0187cff58b3d000b5ceccd3def6c03074006106c00b08
vary
Origin
content-type
image/gif
x-acc
khaleejtimes:khaleejtimes:2:vdata
x-ulver
e1a5b1c92c52c8470e28b7bf72c65f6fd49a0187-SNAPSHOT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
x-region
us-east-1
content-length
43
x-uuid
617f1ed7-7d8e-48e5-bb1c-1d3bfe0c2aaa
expires
Sun, 30 Apr 2023 02:19:49 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://datacloud.tealiumiq.com/vdata/i.gif?tealium_cookie_sync=true&tealium_vid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&tealium_account=khaleejtimes&tealium_profile=khaleejtimes&google_gid=CAESEEijc2XO9z2b9xQwmYoHSBw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
454
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
15f714af06bfb.js
t.contentsquare.net/uxa/ 		367 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.contentsquare.net/uxa/15f714af06bfb.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-49.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e6f4958b892bb333d12e76dc67b9b2a0c83ee92905dc5cec11a1d55d3cef4dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:59:50 GMT
content-encoding
gzip
via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
98643
last-modified
Thu, 27 Apr 2023 13:59:24 GMT
server
AmazonS3
etag
"186458c29fd398d0fc4af6de29380e4a"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
aB1UuW4M152NZkkOkw2bBpPK41H1C8lukioSlf-qp-Zr36sMKUD8iw==
61e05264d81ef5830f3e62a7c70ccb5aaa9b3ae0.js
cdn.izooto.com/scripts/ 		1 KB
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/61e05264d81ef5830f3e62a7c70ccb5aaa9b3ae0.js?v=1
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7c182e95484334772fac15579416c5ee032e4d7aba4097671b75aeadaef27ee
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 05:24:25 GMT
server
cloudflare
age
247100
etag
W/"644a0709-4ac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
7bfc4d50c8e67157-YUL
x-xss-protection
1; mode=block
expires
Tue, 16 May 2023 02:19:49 GMT
khaleejtimes.js
pahtuz.tech/c/ 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pahtuz.tech/c/khaleejtimes.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:c1ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13b85383874008ebf8ae2c26ab30c321b617a3539f489cad96968e570b5022fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
FKYHMDNBVY9H9WEG
age
585
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
U3WoU0hzIUzDrhF19ZbTunMtLd5d2YQg1pR5xhU1L/K9AfN62+CBokz/i+BQvqDrcbkhTP+OAho=
last-modified
Mon, 10 Apr 2023 12:58:03 GMT
server
cloudflare
etag
W/"21919f001eacf4c9da8fcd59f2318904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRvAodggz1Q7uphVMHAs%2BBicDM7WqBI967PTwjq9lbjtnxvlKcC%2BjwPWDKxt49oRFsPMXjsR2TdkKvwLrNU2yRyUSFl6DAfcBkOuGEaWHPp2OFtGBeRG0pGs5Wt8NqthurT7gHdtV8%2BL0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7bfc4d511b5f17f1-EWR
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Apr 2023 02:19:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qVgQoEJwQudhR6XiUkpvc/w2Uw97gL8TjwCLi9lA/y7UJuR+R/61EKcL+bIxuaPKekanes2Tc9LxaoU9MYrhDw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.gif
collect.tealiumiq.com/khaleejtimes/khaleejtimes/2/ 		43 B
775 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collect.tealiumiq.com/khaleejtimes/khaleejtimes/2/i.gif
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.5.js?utv=ut4.47.202302280805
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.166.168.45 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-166-168-45.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryT4Kdk4biOaeCXTsZ

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
x-serverid
uconnect_i-03dc993b383464954
x-tid
0187cff58b3d000b5ceccd3def6c03074006106c00b08
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
x-acc
khaleejtimes:khaleejtimes:2:datacloud
x-region
us-east-1
content-length
43
pragma
no-cache
x-did
0187cff58b3d000b5ceccd3def6c03074006106c00b08
vary
Origin
content-type
image/gif
access-control-allow-origin
https://www.khaleejtimes.com
x-ulver
e1a5b1c92c52c8470e28b7bf72c65f6fd49a0187-SNAPSHOT
access-control-expose-headers
X-Region
cache-control
no-transform,private,no-cache,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
x-uuid
fff2f681-68b6-4d42-9f7d-f8ee2f3bb6b1
expires
Sun, 30 Apr 2023 02:19:49 GMT
custom.js
se.monetate.net/js/2/a-662c8ed1/p/khaleejtimes.com/ 		182 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://se.monetate.net/js/2/a-662c8ed1/p/khaleejtimes.com/custom.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.106.235.75 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-106-235-75.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bd3aa8d5ab8a3c0e2abde914c8d98ee974a9e24aba7a885166f5ec079d9bd29

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 05:48:28 GMT
server
AkamaiNetStorage
etag
"67077b3b4e7a824128ff23efcdac92f7:1682660908.084764"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
431 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=khaleejtimes/khaleejtimes/202304190559&cb=1682821189213
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:ba00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Sun, 30 Apr 2023 02:13:13 GMT
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
age
397
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
7x4MSjlkzMN_1o16S6nZN4P6anZzYI95tf8CRgVfvbUJy_uqf2JNZA==
sharebar.css
cdn.vuukle.com/widgets/ Frame 0297 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/widgets/sharebar.css
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/widgets/sharebar.html?version=2.18.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9946dd989fc8278f046304d6a180293c702c5c00ddd110b1211c9460e8cbff38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cdn.vuukle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
HIT
age
232568
cf-polished
origSize=13978
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 27 Apr 2023 09:39:58 GMT
server
cloudflare
etag
W/"644a42ee-369a"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=10800
cf-ray
7bfc4d50ce38a1da-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
js
www.googletagmanager.com/gtag/ Frame 11EC 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-51FKX7T04F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
afe4d24af88d4f319c100fde452f911fe27ba4e6fddfdcbce4f3ccb18ce6cdd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82541
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 02:19:49 GMT
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1117926
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIuxnFybR2BY8pBfKk%2F%2FndiiO44%2BQuTaX0GLtsn7bUXHcwsz6KhhpTop3WMbX%2FCZkfa%2BW5FiJ8%2B9mXoFM%2FwXKyKd1XaWdXtCY1fQRO93whw24vsHfm%2B9rBy1WYoa%2B50oBWKvF9t%2FFDy1gBY2"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7bfc4d51be5754bb-YYZ
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1012 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b5b36e77aeaf568eadb3105f8675a55c2b11d1433eff5240435f00fe1d4e3073

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
697
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
75c2348b29f873ab5133f2fce773d82d0c6dd3214dd38f4ba13f4326384ed29f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1008 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffa2a6b09118ed53d7c8db904843ac666fe463ed8485a6d4443360e91203ac64

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:49 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d51c98d7138-YUL
expires
0
bid-request
a.teads.tv/hb/ 		16 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 30 Apr 2023 02:19:49 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		174 B
594 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6823ef33-5a4f-46fb-96d7-88e468a4f1d5&nocache=1682821189366&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=970x250&divids=andbeyond9702506&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3e4501841b080bb07037abf532a254949716359acfbcfbb90d8b22d3b2292c01

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
470bf3d7-8651-4c15-91b5-cb74772198de
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
1b63846915a234d101da15a2951c3eba96da65786dd851082446ae056c00d943

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		24 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
aa1f69d662c7d95bfb94c5afcfefd1af59cf7a6cb15fc5bd0006a22e88e9d340

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=42295856641&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		19 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
b2b87733-8c90-4746-b326-35f7dea1f64c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dbb85491a2a609b5e2567e742a8fa6c4ae6a8184fb7250e6c210926f6e8729b

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1186
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
3d61c1112a762b263028c88de644e2b36cf932ad470ac342bb40048853488b28

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1008 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f026ebea5fe71a5852e0a1d9fdca9c8e3c7bf4c280d038fbed94beff58d759ea

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:49 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30016, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d51c9937138-YUL
expires
0
arj
rtbdemand-d.openx.net/w/1.0/ 		175 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e50c2a33-59b8-464f-bc12-7b8c2ac01002&nocache=1682821189394&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30016&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4751363e3eba4657995c6c85bc871da15bdbe7ce2910fdbc6783409697e94956

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
92e1e0ccf9255353510c7a83c4982ab57c8ccbc6dcada192d4283bc9299f1f79
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
9db95d31-5fe5-40fb-ae0b-8852cc7cf055
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=28558346417&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
3d3c91ae3f6664324e78e6267e87f6688d6b2ac9771e78aed7ff730b9db72d80

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid
ap.lijit.com/rtb/ 		24 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
f26a50537389a2040f1ed6fc13fbb7bf2243b655e5ac83987ad9b3fdffad7b66

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		23 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b256b6f02bd17a546933247b7ce574c652d67d7b44271dfc82ec6978f0fd4e82

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
prebid
ib.adnxs.com/ut/v3/ 		139 B
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
48bb64e099a56b73f5371f39db10019abc6a96e7b7ce5d815994d3bb428fb91a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
a51b614a-c518-4acb-8b75-a2123f87e041
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3ED1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4akf_dK062mUlOYGWPY30snI224eYE0JbMB-zyF2x6Bax_QNgWEyBTa6xLb-LAVP6AZEK_hHVZHeiJKiLiPKrKIZuH412oWpTMJ1ok5rps9ept_zVEH1rtf-XQ2PbkvaA4b1cwtwX1XLKTI3xUg3boh5qt68GMPxcBorllEY4k0G9ClF-UR_6GATUciNfysSB4V3ir8IKB61LHvhGuJQMq80JkMFlP9xTfizlJN1Xd6u4r60e6rnmYchqTS758gyXS9BFuLfje4YgraZ8lF9iNQPsl1KcC0xgqSD98dV2eScbl6bsF-JcvEyWPtx3D5Dedubz5oKrOasL5MxI5FWFaDxtHLlVUjfC7xMYm_HC&sai=AMfl-YRyNdw3XjjieeS-zJ9HkgG5zuPFRpxiCtcFwe1rt1G64YNqcg_A8nIa4boLK0GIxwp8A3QcV45Uz7FR-EozXqyN3gTBlkcdsKepqCGpq8JFhIvyZSsv1gkzbj6ZwJUWu4pD1i-fe2bXcy0aaR9FKczb1g&sig=Cg0ArKJSzG9m1ICoB2A0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3ED1 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AA6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbQt6AEoCVXE_9N9ZTvqzfR1MdVnUi2cG3MvzunmMdd7mr1BpVgDINyIEJwJ2-YHOz0eqjQOu1ZaGUTR_8VD4XOaqAzS5EftT56e1nPZFwWe4EujP_kaJ7Lr8KI5WlXInYx55sx9I9DzFovsZXe5KlHPav_rVRfjEpB5_4IK-PZbOKQQhqJ-EUC2zOKqfYf0pRbrKTlF9whG9aFPkmtSyFV3V_uSL65OdIqv-R1PPpZSB4twAjs6185WJBolCrdgAEcXmUMye8JoPb2c42p71Zuq1_ncED_hWh88Lch88uQyDjtJ_ocqLpw6NxDAQWLPhgaJTjpKiRj9jIgVA&sai=AMfl-YS6Ggfr05Zmn7MIZYWJnGVGv-yW8F4X57ZWYXHrb8clWhUDDCoxInmuzvLISpNHrbr4efZ_lanqelTW905FCz5Q0Rt24AQsKmgNjha62sUNxR-Xnx0pDk9_Ed8A0tEtb0RiF8PZVt9aqzTujHC3_eRELg&sig=Cg0ArKJSzMVqn_pHgysAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:49 GMT
spt
tg1.playstream.media/api/adserver/ Frame AA6C 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.playstream.media/api/adserver/spt?AV_TAGID=631aee2ff1cefe19794600a6&AV_PUBLISHERID=631834db55e9564951409ee5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::172c:edd0 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cfec54cebb5ee1f328de0de1fcf0fa50c4470942dafd89c5dca6a615b76b1d45

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Sun, 30 Apr 2023 02:19:49 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
7867
Expires
Sun, 30 Apr 2023 02:24:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA6C 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 41CF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVAhFSSOvusg0L5iuVxFeu9Z7GmetKNevUL4IPkrb2J0ZHeUsFOv9STTvb7i8FHBEXpQFW-_Wum4AZ6x2YOECmoHLtk41O0_nZXguT2_hob1K6pDSGabX0smIn067qRlTx1mWyvmxD2FDkNjVWPwqTiFCGkRGWTPp7L8xp8w7rubFZmDWS8Afn0Ka_kO3EXbFEq5YdiX3HOmF0EhOSE5Vw77OyZnFnwXK8GbgzX9DtmHGV4ZNZBdlFF9gU0YN1hms4JBdhAu2earSuVBCunkwZ7lvNKAWuCLBaxjlDrHj-gqb4JtGKxhyP5EWQWSkJKn8QFUxfjH1h4L2L2Hk0OqM&sai=AMfl-YQIP-2MM4HIL5_vlH_-PCz2n8Un6lq2lNHm8xna7w_MFDNuEriTJDBTWByxsLXDglzM5QewtrH_LpUQ5b-Wl8PiXTneK2uQOUxWi7XiUjU9YGBswSOUZgoyvNJwRZa4BMoNuwcZjUch1nkz48RyT7Y6pA&sig=Cg0ArKJSzBHH8rH09yCeEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:49 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 41CF 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
22411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:06:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame 41CF 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
22477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:12 GMT
l
www.google.com/ads/measurement/ Frame 41CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR-5xJjudWwqaarQDPlsmW0gFnYAwPEsHWXU6WivmXIdUQAzGUO2WPJXHWeiD8-UsacQS8JHVSjLMqlkcpcpO0NRcZ0MA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 41CF 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:49 GMT
15559941659952093314
tpc.googlesyndication.com/simgad/ Frame 41CF 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15559941659952093314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60b755dec036b63178a5f98d57a943c735fd07044365b6991f3ad7c18f7ffd0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 15:30:04 GMT
x-content-type-options
nosniff
age
38985
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9850
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 04:04:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 15:30:04 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9472 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzgsSXCldQR4nmOVbI1FPnM4c_UhV8lksVYNMX1Doz-8hGGxnhLWSi3TywJRpi4PlQFYMWY_iy0fwQyZlFnbQ3aBi-bFUSVfHc6vBzlajik_kPypegllmo6Dv3rAUZABnjWEEmckX9j8-nW-bXZlG5nTntKvcD2Vlz4jyQnImLsQVHujlgNGDd9keOGiwguMKxNO7EhQ_rsNNr5-1hd300iCtznlBYpUqsIRNg5FzDRyOpixy52MzxFGIWw8iarJ1O9iGl_0kpsoOcJyRyIhSVZVYe7fCUJ1CLK-27UYaTXsf6cIUbz3h157bbW_AS1wsgpwhzkyFa-mTkX6od5uCw&sai=AMfl-YRdD-2jsYAygLc2Q7U6ro_vI1V3EHUTpDo9oL33eUYQL0HcxUN52umODMw2_iVyUTn3W-jHLYpis8iz-XGtahCR5brYKTXY6WHWtY4l2NmcqQKfpu1vhAhVzk4dsoeJH8StxXW9wiBkaa4KLtGQ2xXu6g&sig=Cg0ArKJSzJLZDHpjhVeFEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
mini.php
coronaliveupdates.khaleejtimes.com/tracker/ Frame 00AF 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.36.20 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
471786.cloudwaysapps.com
Software
nginx /
Resource Hash
67909d26d442ea7f811330675268887ef1fedc1350d49e515d2dc05af63a7f1f

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
11841
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:14:41 GMT
expires
Sun, 30 Apr 2023 02:24:41 GMT
server
nginx
vary
Accept-Encoding,User-Agent
x-cache
MISS
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9472 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:49 GMT
6301475985237276873
tpc.googlesyndication.com/simgad/ 		247 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6301475985237276873?
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7e8783dd44964affe69a07491abab9bc7a387ede7f970ddbb0d2496323a226f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
x-content-type-options
nosniff
age
0
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
253162
x-xss-protection
0
last-modified
Tue, 11 Apr 2023 09:57:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 29 Apr 2024 02:19:49 GMT
/
ujm.hansel.io/ujm/v1/data/web/BB2Z4RIGCXDC7OTCGJXG2CQSR/0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ujm.hansel.io/ujm/v1/data/web/BB2Z4RIGCXDC7OTCGJXG2CQSR/0/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::684a:4129 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
OPTIONS,GET,PUT,POST,DELETE,HEAD
access-control-allow-origin
https://www.khaleejtimes.com
access-control-max-age
1800
allow
POST,OPTIONS
cache-control
max-age=0, no-cache, no-store
content-length
13
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:49 GMT
expires
Sun, 30 Apr 2023 02:19:49 GMT
pragma
no-cache
server-timing
ak_p; desc="467450_1749696805_312803609_19336_995_17_0";dur=1
/
ujm.hansel.io/ujm/v1/data/web/BB2Z4RIGCXDC7OTCGJXG2CQSR/0/ 		1 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ujm.hansel.io/ujm/v1/data/web/BB2Z4RIGCXDC7OTCGJXG2CQSR/0/
Requested by
Host: cdn-sdk.hansel.io
URL: https://cdn-sdk.hansel.io/web/8.4.0/hansel.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::684a:4129 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eba19c5b4ba159d5d0a8d6938322c93f0d471508572e98e26ab7199d955becf3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
server-timing
cdn-cache; desc=MISS, edge; dur=61, origin; dur=8, ak_p; desc="467450_1749696805_312803782_6903_1385_22_0";dur=1
content-length
1054
expires
Sun, 30 Apr 2023 02:19:49 GMT
user_exists
psegment.netcoresmartech.com/ 		126 B
237 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psegment.netcoresmartech.com/user_exists?c=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&uuid=c78fb433-3269-4916-aae9-76b070e74872&s=true
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.126.25.127 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-126-25-127.ap-south-1.compute.amazonaws.com
Software
CRO SERVER /
Resource Hash
8d02a0216c7957608c5c5523fedf8350c97727d425ec89a9e2268bd836e19c76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:49 GMT
server
CRO SERVER
content-length
126
content-type
application/json
sdk.js
js.boxx.ai/ 		183 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.boxx.ai/sdk.js?client_id=x9vk&_rc=s&hash=467450
Requested by
Host: js.boxx.ai
URL: https://js.boxx.ai/js_init/?smartech=true&client_id=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&host=www.khaleejtimes.com&asset=cdf05e30364b953ee8f1b09e48d0473e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:b000:9:a948:8e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
350f5577ffec4a6aaf7b9ff0d2d56ae9d4faed21c37bd071c2af7c119fad601d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:30:05 GMT
content-encoding
gzip
via
1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
2984
x-cache
Hit from cloudfront
content-length
41587
last-modified
Sun, 30 Apr 2023 01:30:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
vary
Cookie,Accept-Encoding
content-language
en
content-type
application/javascript
cache-control
public, must-revalidate, max-age=172800
x-amz-cf-id
Wc5vfCfniFMjLVyJiIPnk4nwZYEuCYiFGl56gbMwE4DKYE8CtaU8eg==
expires
Tue, 02 May 2023 01:30:05 GMT
984.json
id5-sync.com/g/v2/ 		575 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
c72a3cbeb621ca971f70d9d6c01cfce6c40c4c1b3db3aad9276adc7fb4dcb355
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
integrator.js
adservice.google.ca/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=2084650320389413&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953_KT_Teads_Inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=12&adks=4285747688&sfv=1-0-40&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821189617&lmt=1682821189&dlt=1682821187973&idt=472&adxs=0&adys=5481&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=1600x6077&msz=1600x0&fws=4&ohw=1600&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a36c712b92234bd72622d6641ea30cdb3b60cb3139bd7effb47b9871d2bbd17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9553
x-xss-protection
0
google-lineitem-id
6020071586
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138392156598
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
0187cff58b3d000b5ceccd3def6c03074006106c00b08
visitor-service-us-east-1.tealiumiq.com/khaleejtimes/khaleejtimes/ 		35 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://visitor-service-us-east-1.tealiumiq.com/khaleejtimes/khaleejtimes/0187cff58b3d000b5ceccd3def6c03074006106c00b08?callback=utag.ut%5B%22writevakhaleejtimes%22%5D&rnd=1682821189674
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.160.201.168 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-160-201-168.compute-1.amazonaws.com
Software
/
Resource Hash
670afa7e8e7612fddbbf0576419d7c965e0de9c0499180e436164dfc493469b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-version
e1a5b1c92c52c8470e28b7bf72c65f6fd49a0187-SNAPSHOT
date
Sun, 30 Apr 2023 02:19:49 GMT
strict-transport-security
max-age=31536000; includeSubdomains
x-region
us-east-1
content-length
35
x-nodeid
i-077f1f8e4f852fc3b
content-type
application/javascript; charset=utf-8
khaleejtimes.com.json
cdn.vuukle.com/ads/ 		64 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/ads/khaleejtimes.com.json
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d53987395f1d9fa218d31e1190fbc6a5e154813f5776a5584b76484993372e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sat, 29 Apr 2023 14:07:54 GMT
server
cloudflare
etag
W/"644d24ba-ffa6"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cf-ray
7bfc4d541cdca1d8-YYZ
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
izooto.js
cdn.izooto.com/scripts/sdk/ 		284 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sdk/izooto.js
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/61e05264d81ef5830f3e62a7c70ccb5aaa9b3ae0.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d55af606774cf1f44ef679b3b0d6547b62c3e6e9b21e15a1f564b95f61db15b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 12:16:38 GMT
server
cloudflare
age
136927
etag
W/"644bb926-46ebc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
7bfc4d542e867157-YUL
x-xss-protection
1; mode=block
expires
Tue, 16 May 2023 02:19:49 GMT
token
cdn.linkedin.oribi.io/partner/1008731/domain/khaleejtimes.com/ 		36 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/1008731/domain/khaleejtimes.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:3200:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:46:00 GMT
content-encoding
gzip
via
1.1 086617c9385713660fb060f989a2a626.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
5629
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=25180
x-amz-cf-id
Sx5dhITL3KOfCxK9OEuVg46adpRk5XvGahOXXQqiYAvXpwuGD3aaJQ==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookies...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1008731%26time%3D1682821189780%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookies...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookie...
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookiesTest=true&liSync=true&e_ipv6=AQIlzmAr5KItyQAAAYfP9ZOsQintUjNbXPs57OCea1zdoGBa-2hkhmS77n65y52L6dQNc9gvDQ
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2DB31B4C4D4240E7A664898C1C619C0F Ref B: YMQ01EDGE0811 Ref C: 2023-04-30T02:19:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hFdN+PAU4KmPuAvjag==

Redirect headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2F455CF08B724E50B38EBC13D4792451 Ref B: YMQ01EDGE0813 Ref C: 2023-04-30T02:19:50Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1008731&time=1682821189780&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cookiesTest=true&liSync=true&e_ipv6=AQIlzmAr5KItyQAAAYfP9ZOsQintUjNbXPs57OCea1zdoGBa-2hkhmS77n65y52L6dQNc9gvDQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hFdIwA8R18syjhcZCQ==
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.102
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Apr 2023 02:19:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20722
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
0nPYx1yvX7SxRfmn+iUkLaTVZiatcyOoZSUptuPUFYjs0ZmHrT9ehrwJtXSCWtGcCCbcbKUJJyIYN6pLA0t5qQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
2941225452779813
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2941225452779813?v=2.9.102&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e0ce94fbc61943bee9b14d4e1ea1372697ed04c9fcb60bd0775c3fbb8a8b56a8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 30 Apr 2023 02:19:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110225
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
mBIWiplQtxjowrM8QcBRYPK91EqboSVRIc8KqxccQoK36tyS55UOmtFuUA3yn08+itNl44oWcM8AnJtpuWGivg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1512268381
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
pageview
c.az.contentsquare.net/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.az.contentsquare.net/pageview?pid=20320&uu=2ee5cbe7-2387-a7a5-c6be-3c77068b5ea8&sn=1&hd=1682821189&pn=1&dw=1600&dh=5980&ww=1600&wh=1200&sw=1600&sh=1200&dr=&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&uc=0&la=en-US&cvars=%7B%221%22%3A%5B%22page_section%22%2C%22Tech%22%5D%2C%222%22%3A%5B%22title%22%2C%22Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times%22%5D%2C%223%22%3A%5B%22article_id%22%2C%22cb6fb1ec-4377-494d-ac0f-e5e1c9edd684%22%5D%2C%224%22%3A%5B%22Article%20%20Authors%22%2C%22Reuters%22%5D%2C%225%22%3A%5B%22Pathname%22%2C%22%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22%5D%7D&cvarp=%7B%221%22%3A%5B%22page_section%22%2C%22Tech%22%5D%2C%222%22%3A%5B%22title%22%2C%22Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times%22%5D%2C%223%22%3A%5B%22article_id%22%2C%22cb6fb1ec-4377-494d-ac0f-e5e1c9edd684%22%5D%2C%224%22%3A%5B%22Article%20%20Authors%22%2C%22Reuters%22%5D%2C%225%22%3A%5B%22Pathname%22%2C%22%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22%5D%7D&v=13.12.0&pvt=n&dt=113&ex=&r=701216
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.96.87.156 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
truncated
/ Frame 41CF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a23bcdb46e4ffc54a9258dcf50cf432c5f7ae4ef90821da173dfeb7734328e97

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
afpfChild.js
adgebra.co.in/afpf/ 		48 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/afpfChild.js?hrId=2023043002
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpf.js?p1=5823&amp;p2=0&amp;p3=0&amp;p4=&amp;p5=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
e0e64c7e8fc73581213ab8a0e4eb7c0c0b3ddb44101f26c61b88082a8949067c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 19 Apr 2023 16:42:42 GMT
accept-ranges
bytes
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/javascript
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=khaleejtimes.com&p=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&u=DLdbaSM1EkPDFRuwZ&d=khaleejtimes.com&g=66153&g0=Tech&g1=Reuters&n=1&f=00001&c=0&x=0&m=0&y=5980&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&b=3057&t=J4m6mC5uJCdB9_wtrCV-ayjsMV_P&V=139&i=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&tz=0&sn=1&sv=DxEQigBfiAVditBVjBUZtVcD2LjIN&sd=1&im=06639cff&_
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.12.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-12-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
projectagora.min.js
palibzh.tech/libs/ 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://palibzh.tech/libs/projectagora.min.js
Requested by
Host: pahtuz.tech
URL: https://pahtuz.tech/c/khaleejtimes.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:8a15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bd317fc2725d490a136af28191f1661ae331d27ac99b97659b34c1840679280

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
YZ7D2XBPH33BFVJX
age
3995
x-amz-server-side-encryption
AES256
x-amz-meta-version
3.0.4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
89072
x-amz-id-2
ELYyp/ys5zmw4EV9my9oGNT9fqnK6oZxQ/fzlPyIeLrverJbTAygNlUyCSfIHz1C7+n6hNRMe74=
last-modified
Tue, 25 Apr 2023 13:09:18 GMT
server
cloudflare
etag
"cf4ecabad56ded3e4ac92c41eab25977"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9kFNJatEIhEalZB27yL%2BQiDiPoJ66GqAuG1S%2B5G65fXVHxPjF%2BOOmGQmnKtp%2FLJlf0g4hgBqH2kxaGbSUg3T67VTY2PQhSfhAKd7Fi8Jqs1In4jeDb2HtoLgBQwDS8KItKzOvleJXDBY%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7bfc4d55888e17ed-EWR
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=4000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb2.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e939aab8082bc5f120556c66d2031f2386d4771833d0123c235052aa47650372

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1184
v1
prg-apac.smartadserver.com/prebid/ 		895 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
afe499e3c8a9081533299439b8a7c453d3e26e37a4e998c78c6d991bcde1c0aa

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		965 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca3cabc1328372ce02da2a6ec757830942603e70b1a0f7d6f804cb8115369ca

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:50 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d551faf7138-YUL
expires
0
arj
rtbdemand-d.openx.net/w/1.0/ 		174 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bb7ec296-daf2-4dc2-901a-c38a845afa13&nocache=1682821189925&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=160x600&divids=andbeyond16011&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
bad77dc8dc37a42884db90838f1ee7ab15e11ecd4db29f774c1abbc605055d44

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f00825326f1f1355cd8f5f89dfa670c1dde5e82e03c2f35f807565cc7fc8ab0d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
AN-X-Request-Uuid
7ee5bf7b-a4c6-44a1-8c89-9847cdec48d6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d30583adc0d9b6a72d824640542b65878246b166cbefacacabf1b9970bcc6531

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=33799966256&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		25 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
6a7340bd2ef99577eeb08ed304d31165d886935141f857ec3381e8cc79646073

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		19 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
be1c7095-aeee-4d53-82b4-a197eafa8ec7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
accept-ch
sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e46b256f0d3d92c425777de3e35e1b94b56b73b46ab9de2a70771a0653e5cd87

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1184
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
2202a7d9b9ff0c4d9c78df19784da343bcac13cb0bb0615696a4bd1c3fe67a58

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17eb31ee568c54012757fffb75dfcaa54a02d363bf76a4e624f60725341824f3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:50 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30015, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d553fef7138-YUL
expires
0
bid-request
a.teads.tv/hb/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 30 Apr 2023 02:19:50 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		174 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=48ff03c1-5795-4ac6-879b-2d5eebdcba72&nocache=1682821189948&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30015&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
708a0a926e9899dee2c1f6186acefa6f0e487470ec02bfade62d4d0e5feb61aa

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
3bda3ba9-b8f1-46c7-9c5e-7549756abc8e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=82732825713&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d115f066d16870ba630d489b6c3e867b3b9872470c952db01a7edec50f43f613

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b93094b526a560578a46424c69f3f6a95cd6fa0e0236ae6e1483c92ed5c8fce3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
201e718e15a6e4334e14cadf28ba10b8797ab4df1891717908a7012d1b367b51

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebid
ib.adnxs.com/ut/v3/ 		140 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e2ecb4da0bda46637c085b0e9596b3ca9dd08b7719568c4f7edfb60c6825b634
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:49 GMT
AN-X-Request-Uuid
563af010-93b1-473c-842b-9775dcf7415d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
GetImageDetails
adgebra.co.in/Adg_Analytics/ 		2 B
107 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/Adg_Analytics/GetImageDetails?docurl=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems&rand=8
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:49 GMT
via
1.1 google
access-control-allow-credentials
true
content-length
2
content-type
application/json;charset=UTF-8
RFPSegmentDomainReaderServlet
adgebra.co.in/afpf/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/RFPSegmentDomainReaderServlet?sitename=khaleejtimes.com
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:50 GMT
via
1.1 google
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
content-length
0
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
257840
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bk8e9S4NexNn90AQxLx4W5jIDc7v%2FH1WAHrEeqZm%2Bq6YLIZ2MH7vd9S5IRro1ZrGTYNML1UvNoVgi8qVQ02%2FPn6EM4%2BFA8GlpGMk01btcMbYeD4UklzAJQgU57GRUKawphcZJ92dklF%2Fv11K"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7bfc4d55adb4a223-YYZ
39a202cd-b451-40ea-861c-74fa4cca20f3
app.playstream.media/api/getPlayLists/ 		1 KB
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/getPlayLists/39a202cd-b451-40ea-861c-74fa4cca20f3
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
d25316981c0cb2e550afb18968c43e8671490a024565b79962090158e9885974

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:50 GMT
cache-control
no-cache, private
content-encoding
br
server
nginx/1.17.10
x-powered-by
PHP/7.4.11
content-type
application/json
777186468-3
f.monetate.net/trk/4/s/a-662c8ed1/p/khaleejtimes.com/ 		391 B
545 B 		Script
General
Check archive.org
Download Go to
Full URL
https://f.monetate.net/trk/4/s/a-662c8ed1/p/khaleejtimes.com/777186468-3?mr=t1640009934&mi=%272.151432051.1682821189973%27&cs=!t&e=!(viewPage,gt)&pt=article&r=%27%27&sw=1600&sh=1200&sc=24&j=!f&tg=!(!(68359,%270187cff58b3d000b5ceccd3def6c03074006106c00b08%27))&u=%27https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems%27&fl=!f&hvc=!t&eoq=!t
Requested by
Host: se.monetate.net
URL: https://se.monetate.net/js/2/a-662c8ed1/p/khaleejtimes.com/custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.48.193 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-48-193.compute-1.amazonaws.com
Software
Monetate /
Resource Hash
ab4e05f71f7fa530de21eff6f93d08d8fa2310d3334f2b96fafaff07bb51fcd8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Server
Monetate
Vary
Accept-Encoding
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-cache
Server-Timing
total;dur=17.3
Timing-Allow-Origin
*
Content-Length
228
Expires
Sat, 30 Apr 2022 02:19:50 GMT
777186468-0
f.monetate.net/trk/4/i/a-662c8ed1/p/khaleejtimes.com/ 		36 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.monetate.net/trk/4/i/a-662c8ed1/p/khaleejtimes.com/777186468-0?mr=t1640009934&mi=%272.151432051.1682821189973%27&u=%27https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems%27&e=!(xx)&xx=!((entry:api,msg:%27530:+ERROR:+API+integration+failed%27,xmsg:%27API+call+undefined+failed:+Parameter+is+not+an+array%27,xname:%27ERROR:+API+integration+failed+due+to+unhandled+error.+Contact+a+developer%27))&eoq=!t
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.48.193 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-48-193.compute-1.amazonaws.com
Software
Monetate /
Resource Hash
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
Monetate
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache
Timing-Allow-Origin
*
Content-Length
36
Expires
Sun, 23 Apr 2023 02:19:50 GMT
777186468-1
f.monetate.net/trk/4/i/a-662c8ed1/p/khaleejtimes.com/ 		36 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.monetate.net/trk/4/i/a-662c8ed1/p/khaleejtimes.com/777186468-1?mr=t1640009934&mi=%272.151432051.1682821189973%27&u=%27https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems%27&e=!(xx)&xx=!((entry:api,msg:%27532:+ERROR:+API+integration+failed%27,xmsg:%27API+call+%5Bobject+Object%5D+failed:+Unknown+API+method:+%5Bobject+Object%5D%27,xname:%27ERROR:+API+integration+failed+due+to+invalid+parameters.+Double+check+configuration.%27))&eoq=!t
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.48.193 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-48-193.compute-1.amazonaws.com
Software
Monetate /
Resource Hash
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
Monetate
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache
Timing-Allow-Origin
*
Content-Length
36
Expires
Sun, 23 Apr 2023 02:19:50 GMT
777186468-2
f.monetate.net/trk/4/i/a-662c8ed1/p/khaleejtimes.com/ 		36 B
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://f.monetate.net/trk/4/i/a-662c8ed1/p/khaleejtimes.com/777186468-2?mr=t1640009934&mi=%272.151432051.1682821189973%27&u=%27https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems%27&e=!(xx)&xx=!((entry:api,msg:%27530:+ERROR:+API+integration+failed%27,xmsg:%27API+call+undefined+failed:+Parameter+is+not+an+array%27,xname:%27ERROR:+API+integration+failed+due+to+unhandled+error.+Contact+a+developer%27))&eoq=!t
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.48.193 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-48-193.compute-1.amazonaws.com
Software
Monetate /
Resource Hash
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
Monetate
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
no-cache
Timing-Allow-Origin
*
Content-Length
36
Expires
Sun, 23 Apr 2023 02:19:50 GMT
truncated
/ Frame 3ED1 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bd2e8de2047c41f403372048227bd661edb58ca0ee2a116d94230bdc4290ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3ED1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvnVqLmVfCAyG1Ngtt75GUp6OLgn8sXJkJuew5ckAqxMk9xSEq6wHwPl1MZm5kBc7Jk4nKAl5qLbYEa78VvhP78PruXc8HVPUhIwcDbI_9EgF3KbLcpqQAvojEhpgj4CiSWuTN-ozi3GL8z7mRWwFfBc76UuVlFIGcZPLJ0laU1N5YOGheO1d5-ZeiG7M8AB-UJ1z1QuvBQc3NTsctebPXOy4o0SlJM_ag8shzpeNU6BCtgHirPGNgCLEOrH7uGpMZsJH75-XVWsTr-vfTng41xntyjqt8Eksszdf0JbWcuAZZ3BMb14j8D0RrKSS8GKvnaqUheZYGAflkW8h3FPbXS5TM_&sai=AMfl-YSL9pmAKxQX2C3Ww4I-68ZTgHgsnUmOBHMLvbXl-AqAWGtsyUEqguiFM7XoUiPiVglq6eQH0QNoUE0EZFdNoT9eB7O6saUQdI5N6YlQc59_oG-Lk_NCFNsz3tNCjal3PA9d4x6Qv0MGts_qLeD6BeWWcg&sig=Cg0ArKJSzAM24WQ7VRh0EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:50 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
content-encoding
br
age
4781
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-yul12830-YUL
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
6Q043EC48HC8TEQX
age
1170
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7bfc4d560ff55419-YYZ
x-amz-id-2
PcY/0dpZc4BYc1g5VbuKDSLPseMAmiiZHAWhkg6683gAIItZxo2+ziBiixtY9m4hmZhu7yY8tYg=
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 02:19:50 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 00:30:12 GMT
content-encoding
gzip
via
1.1 d60ae27dae636821c1e43441a8146e02.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
6579
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
UYgJFvGpzLqxRbH9Coo4XW3gD8MJBDP8fEC4W44ZzWZ5dUhYq_qdAQ==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:2a00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sat, 29 Apr 2023 08:14:11 GMT
Via
1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Jan 2023 04:07:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
65140
x-amz-server-side-encryption
AES256
ETag
"aded621b17723f487b3c9d0e43cf2f94"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1859
X-Amz-Cf-Id
FIpt39uoqaDEBuT5EM3YLnmbudlXfBLrFezEA3l-TdY8eMrID3S8YQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 32E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7hvXYUddxEpJ0m9SQEgNqC0i8ZdRonM5BSZ2vs39-PEgIgkhW6sSXEEomr-lo9V0RbuCXzqnTRfYvy9ea7juKMXIXY8GaXmBSLyG9JRuNCre8NjYgNdz_fG_Hns_eBtrcy49JG3b9U7HRnBTwTtBli3S2Ei9Mnnm0NJ9RzmBmA7TFnzaX2Y43Hu6ih7K44KAeA2_2SpJKyZABuXil5eAGdIRGAsiqK8JC0DU23UWqTsi9wN-q_hL5Xhk_hoSAi05nlkmmUGVzaeK6IK8vk5Bd85sX0bXI-rtv0Vi22oQ0mqBrP4e00yAc10y2oGXz74odFJyfhU39GJl9GpwJphpEiVuK4ovyTg&sai=AMfl-YTxtTw2YWj-k_gdxf4hvLStqWl7MabEsu17-ompwI2SsV28oyfbQQ-mW_VunOYT7sRyoaaAaDFE4LgiCnJoa2K8UUPeDMRk_nAdCP0XYKz7tjraKWwn9tdQd4UXDw&sig=Cg0ArKJSzLVy4SzOwz-bEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tag
a.teads.tv/page/149011/ Frame 32E7 		817 B
841 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/149011/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88e7150c14087d8972359bdc5b4c7cdc27fd9977a3b5c81a4a147cdcfb3a146d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
499
expires
Sun, 30 Apr 2023 03:19:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 32E7 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:50 GMT
5afdeaa8-5734-4f0b-9b91-78dd993a2502
https://www.khaleejtimes.com/ 		11 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.khaleejtimes.com/5afdeaa8-5734-4f0b-9b91-78dd993a2502
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e116d068314b1eb97ad95264d427d9a63c5baa0395467bdaeed4bf9ce9c760a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
10879
Content-Type
application/javascript
ls_CS.js
ct.contentsquare.net/www/tc/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ct.contentsquare.net/www/tc/ls_CS.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23ca:4800:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
249c4e456d6c2e9baf3ddc9ac020eb98fb4859487402ac0dcca8c5ed7d0ec536

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 13:59:49 GMT
content-encoding
gzip
via
1.1 8fd21502425077e617fde7325b45e112.cloudfront.net (CloudFront)
x-amz-version-id
Zqyhv6v5K4fn41p.rBe9wKD0ibFZUYEl
x-amz-cf-pop
JFK50-P2
age
0
x-cache
Hit from cloudfront
content-length
6146
last-modified
Tue, 22 Nov 2022 07:26:02 GMT
server
AmazonS3
etag
"d1a52d522cf883632a9e6963ffc97102"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
x-amz-cf-id
4y6OckBSsBZ9UvZuZtfXLn7Al9r2Y7hKoWOYEt81Z208oDmGu-I_0g==
view
securepubads.g.doubleclick.net/pcs/ Frame 41CF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKeq7rOt9s3MZNDWHb12m2iRK3AIHyk1dGMHehfBMNXVCTM8bMtuaRGrfd0CmVWux1qEIr3QE1HIRHyini1veWkIaP9l2H_gM1cMhqbCC6QPphQCbZeUcy1BcYuNGmVkw-IdTwR37nU-eGq8MJDX1WZbutFqVcvjDtr21ZnhtwxqR9kvtqtyYKXyNQs6i9Zv7yp6Wl8-LcFCzRgiU8M6jq5s4NiRst4XC58xL_kPrEI9mA9fBF9qFH8Hn6xDJynhKmQK1uQEEzA5H-F2Jn6EJ24_wMxGsoZ7XUjjEDAqhT14RFG12NtQ2ob8tTxUyzfSV0rQzKp3veMr3gxbellGEoxA&sai=AMfl-YRklWRpjQK0AcWCxW0GPZ_xpFNAA0NtpBlNd7bVl1XDG5g2X6VUxRD2dW7962GNGnPH7gqshYelHkdrgCs341WCXAwzd_FF1B9VYTmVEyMQxqwUHdt2DuujoJZ44D_NcM02r_2CwDfIUZT8xjz3appFUw&sig=Cg0ArKJSzD3w_aBBsfNdEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:50 GMT
truncated
/ Frame AA6C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b7a230cbbda7dd4ec97eaab29d32c5fbbc814377c4fc70afd49f4fdf62081b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 9472 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0u73VOh9hWTQ1TpzK3zf4CiuUMgGuZTuex2NXhSIghEBBRQkXQ8iZdTHqhogntZlX6vPTYn3DBdEO_qRes5n6xntQr97b7jNeadQ5mgDZuue12A4oPvYCsJF7Hx9M5JtJyjcy28eOfNQ3-zpNx5vKFuo3Z1-h9RL-bOOYl2DvmgnIbNs5897m5TygdMT97OQ0-DFFxRytDxiH79Oy5TzCzDYgemdyXThu5rVIUb5R3lPp7ZOkP6_sb9YaTFmByCnLdWCIxctGn9WKIWK1UuxXZ9qkaZ4J6NobNvzLl5NcOtdYniYVOJhDSCWp2wPtGy7aY3y_245hl6o2KzGECsv3-Lw&sai=AMfl-YQaw7CMdAeNK-VyQddHYKooLcociiNkwqI-n0hOEcW7IRmzMBEXxz7RSf9PFy7f0NCad2u733gpFfNLDlShk1PWYTSKhrumphaZE_7W3SWHJKkXlKgpklDLdCTu5uh_h7YwnRk8cGT9DMUoty1bxZROlA&sig=Cg0ArKJSzMhe1kiVaZqaEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:50 GMT
truncated
/ Frame 9472 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56f73d748f1825d9d83064b8ca4713d1de88f9311762cdd4a650963790dd0464

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		232 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=khaleejtimes.com&domain=khaleejtimes.com&path=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
214f104e4611818c162290e681f7849e9d24e48fe90b11ce845d75c63af672e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
167
x-served-by
cache-yul12826-YUL
x-timer
S1682821190.240598,VS0,VE22
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Fri, 28 Apr 2023 02:19:50 GMT
collect
analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2VVVMDVFQ8&gtm=45je34q0&_p=1749126243&_gaz=1&cid=2080641419.1682821189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=1&sid=1682821190&sct=1&seg=0&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&en=ad_impression&_fv=1&_ss=1&ep.query_id=COKPubnF0P4CFcubswodWmsHyA
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2VVVMDVFQ8&cid=2080641419.1682821189&gtm=45je34q0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2VVVMDVFQ8&gtm=45je34q0&_p=1749126243&cid=2080641419.1682821189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1682821190&sct=1&seg=0&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-819330-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc4e3f0d398bd4cd4491920f46d59c3651a03f295ac0742ea5fed2e763c122e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45377
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Apr 2023 02:19:50 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2VVVMDVFQ8&cid=2080641419.1682821189&gtm=45je34q0&aip=1&z=1260656252
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avcplayer.js
player.avplayer.com/script/8.3/v/ 		772 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=631aee2ff1cefe19794600a6&AV_PUBLISHERID=631834db55e9564951409ee5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
e1cbae1c8cc7d330811eae70eb3cb7a53a15c95a0e0a6bb3f182e50d66ba256c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 09:14:00 GMT
etag
"1682068440"
x-hw
1682821190.dop037.dc2.t,1682821190.cds164.dc2.hn,1682821190.cds228.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
202939
track
track1.aniview.com/ Frame AA6C 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&cb=1682821190252&r=www.khaleejtimes.com&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&d35=&d65=&d66=8&d74=&e=playerLoaded&str=viewable
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bg.jpg
coronaliveupdates.khaleejtimes.com/images/corona/ Frame 00AF 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronaliveupdates.khaleejtimes.com/images/corona/bg.jpg?v=1
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.36.20 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
471786.cloudwaysapps.com
Software
nginx /
Resource Hash
8bd592492aef00df3edb07d2c90d63d7ed56ab15bbd1cf40479764a9b249767a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:14:42 GMT
last-modified
Fri, 18 Sep 2020 05:04:03 GMT
server
nginx
etag
"5f643fc3-5dc"
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1500
halfvirus.png
coronaliveupdates.khaleejtimes.com/images/corona/ Frame 00AF 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronaliveupdates.khaleejtimes.com/images/corona/halfvirus.png?v=3
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.36.20 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
471786.cloudwaysapps.com
Software
nginx /
Resource Hash
1ddff8b731c76509264e6b48900f281a39b0e3aeb3e4df3a69fda9cc4ca437aa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:14:42 GMT
last-modified
Fri, 18 Sep 2020 05:04:04 GMT
server
nginx
etag
"5f643fc4-2f9a"
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
12186
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		48 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=1618038059844409&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C698907-970-250-6&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=13&adks=4184082431&sfv=1-0-40&prev_scp=adunit%3DResponsive-Article-Leaderboard%26prebidtrue%3D0%26refresh1%3D0&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821190322&lmt=1682821190&dlt=1682821187973&idt=472&adxs=315&adys=260&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=1600&psts=ABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6e7252b0a8753b5022b83ce5975626bd71af7c287e5dc666a27040e6f4620da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19678
x-xss-protection
0
google-lineitem-id
6095641153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402262032
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=3134412053871613&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C698907-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=14&adks=1887997246&sfv=1-0-40&prev_scp=adunit%3DResponsive-Article-MPU-1%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D300x250%26hb_pb_adtelligent%3D0.03%26hb_adid_adtelligent%3D17080b880b0cf1db%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_pb%3D0.03%26rtb_pb%3D0.03%26hb_adid%3D17080b880b0cf1db%26hb_bidder%3Dadtelligent&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821190337&lmt=1682821190&dlt=1682821187973&idt=472&adxs=1167&adys=587&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=314&psts=ABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26f9373308604b547b40979e71e3e852391fa4c65931639f6d7f7ca25a3deec1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9581
x-xss-protection
0
google-lineitem-id
5971766117
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254914985
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
hulk.boxx.ai/nav/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://hulk.boxx.ai/nav/?h=www.khaleejtimes.com&c=3328
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.154.184.55 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-154-184-55.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,localboxxcookie
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,bxpvid,loaded,localBoxxCookie
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
access-control-max-age
86400
date
Sun, 30 Apr 2023 02:19:50 GMT
server
nginx
/
hulk.boxx.ai/nav/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hulk.boxx.ai/nav/?h=www.khaleejtimes.com&c=3328
Requested by
Host: js.boxx.ai
URL: https://js.boxx.ai/sdk.js?client_id=x9vk&_rc=s&hash=467450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.154.184.55 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-154-184-55.ap-south-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b9c89a9a75a8bc7d40f824e863c46337c970be7db8c2559338bcd585319a2cbe

Request headers

Referer
https://www.khaleejtimes.com/
localBoxxCookie
c78fb433-3269-4916-aae9-76b070e74872
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,bxpvid,loaded,localBoxxCookie
/
upload.boxx.ai/transaction/ 		89 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://upload.boxx.ai/transaction/
Requested by
Host: js.boxx.ai
URL: https://js.boxx.ai/sdk.js?client_id=x9vk&_rc=s&hash=467450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-111.ewr52.r.cloudfront.net
Software
/
Resource Hash
c657d48bf8c50dd0ed644753b4d9ee9205f74786c4454ccdce3778fb4ce4aace

Request headers

Accept
application/json
Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
via
1.1 44c3684463dfb1f60dc276fec7fe9d92.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C4
x-amzn-requestid
47286d28-6e3f-47d7-ad6d-1865d3c1e888
x-cache
Miss from cloudfront
x-amz-apigw-id
EK17LHykBcwFpgA=
content-length
101
x-amzn-trace-id
Root=1-644dd047-069f054e3e87e13a508f9e72;Sampled=0;lineage=50d7d5d7:0
access-control-max-age
86400
access-control-allow-methods
GET,PUT,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
Set-Cookie
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, bxpvid, loaded, localBoxxCookie
x-amz-cf-id
M83ID230yOJiZYkbB0SB1dCfJqfKTjljvqMUsZSox3ryUi4rKMGrdw==
/
upload.boxx.ai/transaction/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://upload.boxx.ai/transaction/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-111.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, bxpvid, loaded, localBoxxCookie
access-control-allow-methods
GET,PUT,OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
Set-Cookie
access-control-max-age
86400
content-length
4
content-type
application/json
date
Sun, 30 Apr 2023 02:19:50 GMT
via
1.1 029793f26ddd2fb9f0b639d3d8690c5a.cloudfront.net (CloudFront)
x-amz-apigw-id
EK17FFfhhcwFkKw=
x-amz-cf-id
onQEytoy4GzOqjsvO9UAXvQkLRFbKYPjanoGEElWd8VZFql0Xabakg==
x-amz-cf-pop
EWR52-C4
x-amzn-requestid
24041add-6e34-4871-95de-2d14962842cd
x-amzn-trace-id
Root=1-644dd046-58849d4d30cae7867d27149e;Sampled=0;lineage=50d7d5d7:0
x-cache
Miss from cloudfront
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.018347016258534
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fh53dYCNKE-NkY1317iDGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-Fh53dYCNKE-NkY1317iDGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.23706872394019984
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BFT0OhJaaC0yc3O-UHct7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-BFT0OhJaaC0yc3O-UHct7g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
dvar
c.az.contentsquare.net/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.az.contentsquare.net/dvar?v=13.12.0&pid=20320&uu=2ee5cbe7-2387-a7a5-c6be-3c77068b5ea8&sn=1&pn=1&dv=H4sIAAAAAAAAA6tWSi72TSxJzsjMS%2FdOrVSyUjLQMzUzMTI2MDO3NDIxN7C0MIs3NLMwsjAyNLSwNLQ0VaoFABQrCVg0AAAA&ct=2&r=514042
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.96.87.156 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
09aed5ce236949cf198a61ddb74881f899f5d11219c80ba24f40fb2ea73abd34

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1169
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
b13a11c44787dc74263aabe4568f4b59bed570da3230f7d0d3a85b546fefa269

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		782 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed0d232c016cf825707d37ea930af18f0d26b3026e9ce25b0f1a77493ff94c1b

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:50 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond72810, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d581c9b7138-YUL
expires
0
arj
rtbdemand-d.openx.net/w/1.0/ 		175 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=03173d57-3fb5-474b-a911-f67582cb557b&nocache=1682821190408&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=728x90%2C468x60%2C600x100%2C640x100&divids=andbeyond72810&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3f4b3c1281dc44c20857564876917b2e7fc89886757abb23fd27479fa47c6c9e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
AN-X-Request-Uuid
35d1b38d-ec1f-4937-aadc-d4856135a534
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=17667321994&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
7a1451faafbf928c8910f22381a71c7b745c1afadccdb2a974eeaaf1eaf3dd95

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
c9cc7f2f661318dcf17d5e8d3ec1c12a08dfd8ff928687fd37334a0a4fbaec2e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
97
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1d77eed4fefedba8bb2a1d795a83af87736f30a34413fa3ad7f3095c0de9bd0a

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
AN-X-Request-Uuid
0fb0466d-f330-4fb3-9ce4-a8147872c6d8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb2.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
df828377f1ffe5f66a592d3402c71d3ecab7af7db3f2a94ec13683b3f2000bfe

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:49 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1195
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
464f1c462b3312749eb7e4e7b9f10f53a751d8d440caaad9a7fb2d442eafa95c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		926 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82688953d4cf3c84b0bff56b67bfd1029f6322e7d54c44223dd1fd31331979e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:50 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond72833, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d583cd67138-YUL
expires
0
arj
rtbdemand-d.openx.net/w/1.0/ 		174 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bea7c7b2-ff67-417d-99da-ffa1b29e4db6&nocache=1682821190428&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=728x90%2C468x60%2C600x100%2C640x100&divids=andbeyond72833&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8a390763b4b76871495b8577181dadec42d04097a73149d23293dca62191c8e6

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
AN-X-Request-Uuid
53046794-11a5-4ff9-8bd8-280e96c5ebcd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
05385461559fcd6a3a18e0da6baec5ab16810593e3ec08ffd27e68479bb3c7a4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b78740a0a4db38a1bc4dafe3e72b31090e88b8fd43c277ff3d7d1b5f2a8a318f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93170456720&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		95 B
630 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
22556cded59a6eadae9386548c55369b34f143aeea696e36755913c3ee68398f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:50 GMT
AN-X-Request-Uuid
024bad0d-528f-46a7-bf22-493572d6da74
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dispatchngn
twa.netcoresmartech.com/ 		7 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://twa.netcoresmartech.com/dispatchngn
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.207.134.149 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-207-134-149.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:50 GMT
server
awselb/2.0
content-length
7
content-type
text/plain
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=553604819451525&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-160-600-11&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=15&adks=1068659335&sfv=1-0-40&prev_scp=adunit%3D11%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D160x600%26hb_pb_adtelligent%3D0.03%26hb_adid_adtelligent%3D17354665923817a2%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D160x600%26hb_format%3Dbanner%26hb_pb%3D0.03%26rtb_pb%3D0.03%26hb_adid%3D17354665923817a2%26hb_bidder%3Dadtelligent&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821190478&lmt=1682821190&dlt=1682821187973&idt=472&adxs=111&adys=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=4&ohw=160&psts=ABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa608a90a391b54d2d2cd8564888f2a8889ff6d765aa9243f9c8879109c02f68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9948
x-xss-protection
0
google-lineitem-id
5017495607
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254914985
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
teasers-kt
play.jogo.studio/games/ Frame E88F 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/framework-50116e63224baba2.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
54f2e38ae86d8d9e274a7bddef5983ac8ae3a3250ac0652f7c97a663141f2ab8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:50 GMT
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/games/teasers-kt
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-id
iad1::iad1::z5cc2-1682821190593-dd20d7326b68
loader.js
cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/ 		305 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Requested by
Host: palibzh.tech
URL: https://palibzh.tech/libs/projectagora.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e95c4380875e6b1515643722783af5df81dd3061dd17a46442c8067ceea2c748

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
NgynigxUGW4xsrrcu6lV4awi6sRkC616
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:50 GMT
x-amz-request-id
MMDNS6HYF02CPH08
age
101
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
44222
x-amz-id-2
VZcgXpGqy1TVI+AAIEzJ//xrZ3Nnv67BLYq8onjVZAwkKDu4lzccPPj9RF1KF+TAq526SPrcH6vDhT3HkUrjSQ==
x-served-by
cache-yul12822-YUL
last-modified
Thu, 27 Apr 2023 09:22:38 GMT
server
AmazonS3
x-timer
S1682821191.548319,VS0,VE2
etag
"5adf61c4182d65a76e2467d7f2b3b432"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
51
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
teads-format.min.js
a.teads.tv/media/format/v3/ 		596 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/149011/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
241ac5b040ea3a3886808a0eba9dbb384ea930524092e128cfd8b189dcd4780d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 08:48:59 GMT
x-amz-request-id
PKH97NP870MAZEDA
etag
"f58aef10894674c5d7428cc6450cf54e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
2
accept-ranges
bytes
content-length
132762
x-amz-id-2
YRgzYvjIyENW5ECt6nm7LvoUL0Xy74TfIBBoXMgW6q4Z0gmFJZro+tIIgBIZmTu0uu2ptQQGvho=
expires
Sun, 30 Apr 2023 02:49:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AA6C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssV8nmqcK27ZbWuaU81Y2nAuLFZqwNQWmAVZyr2NKzPBgimnVnW6sYL20aXBcIBQgzcyuQMbLF1-y3OKP8rQ6GWFJOxTUMWAYTIWmeZYt52SiOR5mQpyX3j7ZnLTkfxG0Vg7Yw_W_Zd_vB_ZTRdiflW7t7JnUyH2tNv-2Z0b5KEYWRGXG7Rv0DS8qY3dAWElnEGqBxl49qWu3NMqxSOVsIhQ9B6C30ycMHjpcvr8wws8Q1X-ip3zvluxyq7sjnVJfRJ0gQ2WIQX23O8dRQA0lSFItlew0ARh-1GwF6UeTCi9kEMZXQ6d_QCq0RMx45XBaz17Hj4Q0ZuWJn-lSwK1A&sai=AMfl-YR49PDGK8GYrszMlaO8t4AHewVU-mZXAEIXtw7B6rOGnCIFCOdPRHW1NhcjyCyVxqtiJSPjJYGiVaCqg7m_bSbk9_d8PMC1yMuyfX_ciPLm09Bu7WPVKEhzzbB9mzMg812k2qvF6xllO0NxZ6Yc9Qjh5A&sig=Cg0ArKJSzMiz6tm87pVOEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:50 GMT
iz_setcid.html
cdn.izooto.com/scripts/sak/ Frame FB23 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/scripts/sak/iz_setcid.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
age
1403226
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
7bfc4d590efd7157-YUL
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:50 GMT
expires
Wed, 31 May 2023 02:19:50 GMT
last-modified
Tue, 07 Feb 2023 10:27:13 GMT
server
cloudflare
vary
Accept-Encoding
x-xss-protection
1; mode=block
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=3715875045308430&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-300-250-15&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=16&adks=3498125349&sfv=1-0-40&prev_scp=adunit%3D15%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D300x250%26hb_pb_adtelligent%3D0.03%26hb_adid_adtelligent%3D1761a323f5f24d5d%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_pb%3D0.03%26rtb_pb%3D0.03%26hb_adid%3D1761a323f5f24d5d%26hb_bidder%3Dadtelligent&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821190574&lmt=1682821190&dlt=1682821187973&idt=472&adxs=478&adys=1168&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=325x-1&msz=300x-1&fws=4&ohw=325&psts=ABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98c1c3952e39513f931710057b2b2d1d7db92376a93a424c2a2d68d7ac265c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9938
x-xss-protection
0
google-lineitem-id
5017495607
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254914964
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async-api.6c072bf7-1.230.0.min.js
js-agent.newrelic.com/ Frame 00AF 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:50 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYH621C7E35VTNQD
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1210
x-amz-id-2
eZgbR6C+fLNpfOlIfiNFo5ITwBSv277AwC6IUyM8BgaG10v/FkDGjE1+o6uTmqu3a+V0czJtQhw=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821191.615112,VS0,VE0
etag
"a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3417
lazy-loader.ff971c03-1.230.0.min.js
js-agent.newrelic.com/ Frame 00AF 		928 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:50 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHD1NRXKTCHYHHB
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
414
x-amz-id-2
jyTFeNs7aaJ0YeJ7OKDvNwJi/UjhWSjkLRPS40tiuy2JZCSzGlo6sOwUrZSiTDhRu/hNCAGKEQQ=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821191.615310,VS0,VE0
etag
"5c71e603fdc4b5e7eb31a10d4bf90768"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3435
site
adgebra.co.in/afpf/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/site?p1=5823&p2=23043002&p3=AE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software&pixel=5823
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
2588f15b99661eddca2b5cdd109605c31e9fd379e1dcfb586e535a8df5180875

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
vary
accept-encoding
content-type
text/plain;charset=UTF-8
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2941225452779813&ev=PageView&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&rl=&if=false&ts=1682821190599&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.1.1682821190598.235822026&it=1682821189787&coo=false&eid=ae51ffada2bc0084d068b73efb1b683e&tm=1&rqm=GET
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 30 Apr 2023 02:19:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
stats_game_start
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 11EC 		325 B
721 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/stats_game_start
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/pages/_app-f796fb38e2985f0d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
131ffab1e7eeefcc4df583141d90f01ed8c8540fbbaa520454ef99392787ce8c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

x-client-info
supabase-js/1.30.2
prefer
return=representation
accept-language
en-CA,en;q=0.9
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json
content-profile
public
Referer
https://io.jogo.studio/
apikey
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
kong/2.8.1
cf-cache-status
DYNAMIC
x-kong-proxy-latency
1
content-range
*/*
x-kong-upstream-latency
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
sb-gateway-version
1
access-control-expose-headers
Content-Encoding, Content-Location, Content-Range, Content-Type, Date, Location, Server, Transfer-Encoding, Range-Unit
content-profile
public
access-control-allow-credentials
true
cf-ray
7bfc4d59bcd7a238-YYZ
stats_game_start
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/stats_game_start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,authorization,content-profile,content-type,prefer,x-client-info
Access-Control-Request-Method
POST
Origin
https://io.jogo.studio
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers
apikey,authorization,content-profile,content-type,prefer,x-client-info
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7bfc4d596c40a238-YYZ
content-length
0
date
Sun, 30 Apr 2023 02:19:50 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
truncated
/ Frame 32E7 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
781126d5e34ac565ffcda3761ec6dbd684fb04c8ef25077fc2b18e9ac5ce9660

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 32E7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssm-FHRhxF3iFGF_eK57mQIThA4dzq33PDV6Nw291a-GSK3_3yJKRWfRdTiLTutbT9KukUlyU2foVDdamxbnyBAakQhLugJHuaVlubeNzFolRSpczYa6rxTlqsc2BgCmFz6-XSLPi80M-QekIg5sCN3WHyJYttXe0AGjBB5f6X4a7EjulpMJmrkPYVMyuXWCtG0L6PRQjiwIsLD4gG2VbwUkVL1aCrVDxtBd4tPFoERdkaFVPzASI-bUgiUVp9ZF8hRsHDQdqvwcKg2MAdHfKwiJnv4zmKcAStvQnjmEcHWnBU1LAJh0qOBbtAc6-mqSP5SceemxKXxxDa1oxcmXj4zKMWEVdt_IzVL&sai=AMfl-YRnjUdzWi6mRBGSzo3BN205ZGoB-ITsEp8NvmE_Lpb8mI33V1yt8ZE5tSkkN02T0F4vHjTTw2qEFpPAxKpVb6sz6_V7KjLsD8hhLfhgxQHp0TcqlNNHQPqY6WgBAA&sig=Cg0ArKJSzKFIcrYc2jwcEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:50 GMT
AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BVenNuCW304zlsbqNIWihA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BVenNuCW304zlsbqNIWihA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.m3u8
streaming.playstream.media/storage/videos/0143fd79-320c-4131-8289-3293e594a659/ 		111 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/0143fd79-320c-4131-8289-3293e594a659/index.m3u8
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
e06ad7657b5cd403f4bba73cab9f69c95c5ae04bc2ba4bf5194f339c1c3dfc32

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:50 GMT
cdn-edgestorageid
1069
cdn-cachedat
12/26/2022 11:18:11
cdn-pullzone
1024237
content-length
111
last-modified
Tue, 11 Oct 2022 09:46:23 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"63453b6f-6f"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
236ba2bbf3e1c1af08a51dcdf677a140
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
bridge3.569.0_en.html
imasdk.googleapis.com/js/core/ Frame 89BF 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200a Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
49163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231159
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 12:40:27 GMT
expires
Sun, 28 Apr 2024 12:40:27 GMT
last-modified
Thu, 20 Apr 2023 19:19:40 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 30 Apr 2023 02:19:50 GMT
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:50 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame 47F1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.khaleejtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6107bf460934843cbde00678d356a436f2dd7c39ec331e8dbb7167e7f3858fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:50 GMT
server
Kestrel
server-processing-duration-in-ticks
844127
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
config.js
cdn.confiant-integrations.net/FaDPmOA8orpEt4sh3we8vzKlwMg/gpt_and_prebid/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/FaDPmOA8orpEt4sh3we8vzKlwMg/gpt_and_prebid/config.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82364aa14a038d1c4fa7b2117d6da03649c359cb1d0ac9b4984301d46b2f781b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 29 Apr 2023 20:47:51 GMT
server
cloudflare
x-amz-request-id
NKDWJE96RGY7QJ6K
age
433
etag
W/"3939a694d0637c0f021bc595ac6107cb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7bfc4d5ad9bb7157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
o1Wt102XmoUTrOrswiNZlnFHmrGF1muk2ZjQnDh/EaJ6D4Q18LOXk1DrRHeum2hPfH25h63ZTXU=
hls.min.js
player.avplayer.com/script/8.3/v/libs/ 		410 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
7ba40f73a662de57c0241116a95ab2978386dc415c617597954e4ffb9207eef9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 09:14:01 GMT
etag
"1682068441"
x-hw
1682821191.dop037.dc2.t,1682821191.cds164.dc2.hn,1682821191.cds088.dc2.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
116573
31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer
https://www.khaleejtimes.com/
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
last-modified
Fri, 21 Apr 2023 09:14:00 GMT
etag
"1682068440"
x-hw
1682821191.dop055.dc2.t,1682821191.cds203.dc2.hn,1682821191.cds045.dc2.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
35197
view
securepubads.g.doubleclick.net/pcs/ Frame B681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsug-YDHRPVrSv39k2C66LI4NyWi5ZpLmngxtZTdBeeBoG39mviNZMS11PJ-4vK8nFMBGgnPc55IzmDOA3_peAht8UxmQxguctnZ0FtdgexiQlfL9BF9t47d2MsmgMIqZpEpTjuSB-9O4OLRWEVEgujB57PkVEjC7P9LgCn-dipBT-uXLKlXHgcASTTj3AUTN4gNOQEd5Yi4RdbIdtB5Ib7e4_AoUKX6wZ-Q4bvfk9usFhKRlzWosGwwulLWIukmUioD5p2uy2U8KXDbRnpi9JP0WinZSX8Rxta24EREdo0JQELkNflfE0AYvCAI6iOQCxGgAg6UzyXEd297voU&sai=AMfl-YQyq-SJJQXT0YoDqM4N42zVW0xaWKQISOXNI_S8Y_7y0SJY-s9pbRIMCHRUVhk-0f2K3wDAwngc5C1FTGDjH69pDxd3H9UhLUyP5TXKlHP4N84c8PvWpb0bM-bllQ&sig=Cg0ArKJSzAfAR1n91ilLEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame B681 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
22413
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8751
x-xss-protection
0
server
cafe
etag
8024400250147624166
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:06:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame B681 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
22479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:12 GMT
l
www.google.com/ads/measurement/ Frame B681 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHxG8A1f92osEJBRn5Tll2G-Tspqre5U0D71BZQgc3uXQBtOBfCuNR6PfsBAmyAnN45AAX363GS0DroTHyhXLxF63_dg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B681 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:51 GMT
10956306737700728091
tpc.googlesyndication.com/simgad/ Frame B681 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10956306737700728091
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ad82b9ff77d441413f84f43d69a639fe1db49ff4bf2d4c497e180925ba2df77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:21:55 GMT
x-content-type-options
nosniff
age
32276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104829
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:58:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 17:21:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ Frame E88F 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9882431
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27198
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FO4WUhxD%2F7sLNexVNNcU6%2FMLIj55gvcyY6Tcx7Vnwy7Xro8M8Yxp5FjAYlMtrFiBc2aoIq1FGw6WWAsxkSGG%2FjDBbDKPSUfdnpVthCGc6iAM%2FcaxhEhy8QjvqIytBVjJeLvhqWBmpAuNF1N02Z%2BwHmo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7bfc4d5d38c2713f-YUL
expires
Fri, 19 Apr 2024 02:19:51 GMT
851ffed9a035c4fd.css
play.jogo.studio/_next/static/css/ Frame E88F 		67 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/css/851ffed9a035c4fd.css
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
b78491ce20ba2c1d55c81fe22ce2a7fe7ca63dac8947a54e076192045b199aae
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::5nvmp-1682821191212-45c4604aaa39
age
106496
x-matched-path
/_next/static/css/851ffed9a035c4fd.css
etag
W/"623916b4ebe95a57f78d73c1e3b7522d"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="851ffed9a035c4fd.css"
webpack-f10c7e5cf2a4cd96.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/webpack-f10c7e5cf2a4cd96.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
5a790892e3f59eb135281d24001d57871f2fd0acfb6bbe3dd04c17191882b56b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::txkxq-1682821191559-ec4768d5b39b
age
20645
x-matched-path
/_next/static/chunks/webpack-f10c7e5cf2a4cd96.js
etag
W/"17edae09e2f5ecf83a69828a01b28e33"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-f10c7e5cf2a4cd96.js"
framework-3671d8951bf44e4e.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/framework-3671d8951bf44e4e.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::z5cc2-1682821191559-684be464c507
age
22938
x-matched-path
/_next/static/chunks/framework-3671d8951bf44e4e.js
etag
W/"6081d0683ad8f48c96c1fa6ba4b00a6c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-3671d8951bf44e4e.js"
main-403c8612371c9360.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/main-403c8612371c9360.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::r6dpd-1682821191561-605df2c83749
age
106477
x-matched-path
/_next/static/chunks/main-403c8612371c9360.js
etag
W/"8de5f1bfeb434ccf34a254a49093706a"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-403c8612371c9360.js"
_app-8343f0d8808619a2.js
play.jogo.studio/_next/static/chunks/pages/ Frame E88F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/pages/_app-8343f0d8808619a2.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d0e246936131a4311c7f8924118f459c6a85631f69ccd4f82ed39e9e67822059
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::4dghf-1682821191560-b2ad46a7da9a
age
50895
x-matched-path
/_next/static/chunks/pages/_app-8343f0d8808619a2.js
etag
W/"d22a969f0a80e3d98bddbc3f8621adc0"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-8343f0d8808619a2.js"
29107295-629d7e677eb34f36.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/29107295-629d7e677eb34f36.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
96abaf5dff457b64837aa49703a7e7de26aa2295e8c98bfa6d22e90df5c42942
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::q55lq-1682821191560-35d486525683
age
106477
x-matched-path
/_next/static/chunks/29107295-629d7e677eb34f36.js
etag
W/"033cf7f3a25c1797c17ea043ddbd09c5"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="29107295-629d7e677eb34f36.js"
5675-5b337a3e18396823.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/5675-5b337a3e18396823.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
28e8ab9f67173c4206fc1232333fc189c04c06ef0f992e136418d75cac4d0185
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::9zlv5-1682821191559-1522ec76808c
age
21734
x-matched-path
/_next/static/chunks/5675-5b337a3e18396823.js
etag
W/"714c582ae4510f70b09352123113799b"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="5675-5b337a3e18396823.js"
3437-f452af78cd7bc007.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/3437-f452af78cd7bc007.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f164954f6574227054040a4e5b681bbafc9f96ed3b990b8386a60668eabe3722
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::fbztb-1682821191560-8236e393a80e
age
106477
x-matched-path
/_next/static/chunks/3437-f452af78cd7bc007.js
etag
W/"4dcfb05abba550d14a4dce925f4791c7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3437-f452af78cd7bc007.js"
6064-b31fd1870750dabd.js
play.jogo.studio/_next/static/chunks/ Frame E88F 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/6064-b31fd1870750dabd.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
64052d75c8ecd5b79757c5f04ec0c37fb9af5c924fbb156a2a59a6066d150d33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::klcnx-1682821191559-55668f1ad950
age
73354
x-matched-path
/_next/static/chunks/6064-b31fd1870750dabd.js
etag
W/"da94d8027dda9b86446e4c4f6da7bdf2"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="6064-b31fd1870750dabd.js"
teasers-kt-d3319e26daa7c62a.js
play.jogo.studio/_next/static/chunks/pages/games/ Frame E88F 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/pages/games/teasers-kt-d3319e26daa7c62a.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9f2fb59b64b281efcc410e321802f2cc16b377e594882efca16e81b79123f87c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::f9ps2-1682821191559-791e58dd52a7
age
106477
x-matched-path
/_next/static/chunks/pages/games/teasers-kt-d3319e26daa7c62a.js
etag
W/"a9688aa4af35e0c791f71287105c5ea9"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="teasers-kt-d3319e26daa7c62a.js"
_buildManifest.js
play.jogo.studio/_next/static/dW7A_ygF4_PM3GGGaTBOL/ Frame E88F 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/dW7A_ygF4_PM3GGGaTBOL/_buildManifest.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
7b4dfe3872f77445c88075a0cbe72bbfbf29c8517e64b8890bdbe718871f8a58
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::p6c4h-1682821191559-54ff7bd3aa01
age
21933
x-matched-path
/_next/static/dW7A_ygF4_PM3GGGaTBOL/_buildManifest.js
etag
W/"195c164ab81d8dcf9f0a444c62a2f950"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
_ssgManifest.js
play.jogo.studio/_next/static/dW7A_ygF4_PM3GGGaTBOL/ Frame E88F 		77 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/dW7A_ygF4_PM3GGGaTBOL/_ssgManifest.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::z5cc2-1682821191569-250df6cb5137
age
106496
x-matched-path
/_next/static/dW7A_ygF4_PM3GGGaTBOL/_ssgManifest.js
etag
"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
content-length
77
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=3000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.206.127.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-206-127-47.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5e375f49ca93ff98ec598cc69aa44bc6f6035f7b625e813caf89a04732075bdf

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1174
v1
prg-apac.smartadserver.com/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.22.16.1 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
216.22.16.1.servint.net
Software
/
Resource Hash
335ee0c30c9dc975874d7282df148de0184bfdb1969c060a482fd37061f00405

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67ec6d3ee4197a632a6a7dbc670db89223d472fa7ed84a8912c8e535bd2d08bb

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-las
date
Sun, 30 Apr 2023 02:19:51 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond3009, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7bfc4d5d1bed7138-YUL
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:51 GMT
AN-X-Request-Uuid
3298ef95-49a8-4ce0-9e4a-b188b21e9407
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		174 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bda44918-16a9-4e08-9c9d-1ab420ac8728&nocache=1682821191214&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond3009&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
17cdb974b6f612cb0881ed02696b49e0ac3158018297538dab6c8f700dddcbff

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		140 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
befb2223097eb55e67086abd9f07bc26c7752a83a5e295cd7c82a5319c58dada
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:51 GMT
AN-X-Request-Uuid
ca29e5aa-1c20-42ad-93d6-e04a72023b66
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
140
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:51 GMT
AN-X-Request-Uuid
84cbf859-8c9e-4eae-af6d-823f99ed7997
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
prebid.media.net/rtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0b2cc3dd989aa705b0016746a4a3870819fa970c088f436568b14729fc8a2cd

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 30 Apr 2023 02:19:51 GMT
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=95822048615&lsavail=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
a9ceaf5986b74077d4fb4a4245624fc319e0fb4e10fa3c4685ec20df0618e0d4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1982
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
737efb481167e66dea7c1897cda5462ab4707a5a497d14e2308c6e440daa04b1

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:51 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.165.199 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
199.165.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
55185a009c93d0a191aec891dfd0bf732e2235e677d1c56a656f96cdfabbecf3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		139 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
faa53cdd00b6939b8b21bbeaf5a9ee5b232324929b9fe103d1d09866abc6c546
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:51 GMT
AN-X-Request-Uuid
af401d20-ee93-428e-8d17-edff246a4f8a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FA0E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112336
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:51 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CFD0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112336
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:51 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 16DC 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=6b859b96c564fbe
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
setuid
u.4dex.io/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
  • https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=1538682872331595&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-728-90-33&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=17&adks=1089077029&sfv=1-0-40&prev_scp=adunit%3D33%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D728x90%26hb_pb_adtelligent%3D0.03%26hb_adid_adtelligent%3D21402211d241953%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D728x90%26hb_format%3Dbanner%26hb_pb%3D0.03%26rtb_pb%3D0.03%26hb_adid%3D21402211d241953%26hb_bidder%3Dadtelligent&eri=5&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%252Ftechnology%252Fmicrosoft-says-it-found-malicious-software-in-its-systems%26words%3Dtechnology%252Cmicrosoft%252Csays%252Cit%252Cfound%252Cmalicious%252Csoftware%252Cin%252Cits%252Csystems%26commit%3D55f12a8f50c54762f4ff4f42c6c79fbe6aa5c92e%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D1%26geo%3DCA%26device%3DDesktop%26order%3D7%26api_key%3D841fb3e5-977f-4e2e-be39-fae608323cc5&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821191330&dlt=1682821187973&idt=472&adxs=313&adys=3762&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&psts=ABHeCvgoCBd8TP_1pF-ivhFhyF0CbLmRVWUi1akX80aftnE8La7Rjgjd7l-4RlvSoR78u1sFuhtIRkTVZaHzJILQdwyb2GP9dyI%2CABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxjNqNb__DBIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bff1d0795802004b484d517e95f830e775c5c5737e94eabc3fc40ef4a20d1980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9620
x-xss-protection
0
google-lineitem-id
5971766117
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254914985
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvar
c.az.contentsquare.net/ 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.az.contentsquare.net/dvar?v=13.12.0&pid=20320&uu=2ee5cbe7-2387-a7a5-c6be-3c77068b5ea8&sn=1&pn=1&dv=H4sIAAAAAAAAA6tWcnSK983Pi3dJLEnUdc7PyUlNLgHSeSWpeSW6wYWliUWpSlZKrhUFqUWZuUAxJR2YDkMzMxNjC0slKyMDE2NTc6NaAGXDhDRMAAAA&ct=2&r=411939
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.96.87.156 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-disposition
inline
timing-allow-origin
*
access-control-allow-headers
Access-Control-Expose-Headers, Content-Type, Content-Compression, X-Requested-With
expires
Sun, 24 Oct 1982 23:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.153.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-153-83.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
bedeeebf08386db2b91ecafc38b0bee1fdcc3ce64f3c4c6841032e37b18084fc

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache
x-server
10.40.13.86
access-control-allow-credentials
true
content-length
235
expires
0
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-819330-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 01:54:31 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1520
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 03:54:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A363 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvI1q1edCqbSkDriuBBqx233rphJddHuIQkMS22-eGcivTKIpAMOtRMaRChbgdFCLMErNhWCukPanuM6B90gGA2e3hT_M7K_4sv-ZveKlthyXNlBWZKSjEuKhoY0KT4DymJtPcFZDIyPb9eGT4FcIVO_NkIQ_sVTExuRxY3JYnQ-vAYABSIR1i9ePWbWVT24OgKdoiIIDtg9hLmvfxymhEhZ5qE_EFy6tjPN9tR6oeyDbtWuhUpLpBT2vbcOzKj62xQmgxxowc1a7li1L3tCmqir9YpMpc17iTm4YGLNNRy9WDRCOOQNMzgNBlhdJ7gprVQX4UIW8DSCaOdX84C&sai=AMfl-YQz7bHvVeDd80OIY1iHW7uqGaX2EGQkZOErDvO5lckpt_qgDEG9OTxQimllWcGLbbV-4VPNGiWFhPu_GA7hC_dJioddff9GDt-aoch-b2yHjhxP7BO3UeSZcuMLww&sig=Cg0ArKJSzO6hYJ7WMsvVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads62.adtelligent.com/display/ Frame A363 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3a0a7021679268677dc4780116f6f8e8063ddc625b22f0246309a99a5ab010a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
13127
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A363 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:51 GMT
api
adgebra.co.in/Adg_Analytics/ 		2 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/Adg_Analytics/api
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
via
1.1 google
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE, HEAD
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
X-PINGOTHER, Origin, Authorization, X-Requested-With, Content-Type, Accept
content-length
2
view
securepubads.g.doubleclick.net/pcs/ Frame 3D76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZbuawVPwDD3bZoMW-LGuxKcZj6vAlY_ygDF2weUTLhWS2ttq0lxVy8ddiD98SkkqOlApc-BZGv3FSTcou6TbvTP9hp5yjj-zLdBu6RyUSY_fLaBI4lY4TtYTXA_vmxJlRFAqENNkXBlsOjtZxq60R61s_xNiI4MbdBzEZnPXwtbRcfu31QV6CS0PG9YVQK86hLB2ZbFzrZxYEYNVyn-a6X9bhJbwU-4s0S95H94SZndo_GMtNevthSoLzWcIB2L7J-xonfrJluevoxUu8QqAzwGOFRwgCkCd4VJ5Xm4Q5ldpMZnRg4bawXRoLzUqvsWfc54HL2_AzMWy5g4Rf&sai=AMfl-YRDL8I38HNeO5EaAuCx5eUGGsUj1TU3-EcihNptnqCSo7hfXde-IsZHi7VDkia2ZeZBZvPrXQasXKiUah6Cq2NTXfy7SIIShxDUY8YO0Dxv8rLIraCMkqXWhGdDzA&sig=Cg0ArKJSzNpBwXn8m_69EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads163.adtelligent.com/display/ Frame 3D76 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
74670ce4a6f85f9bb9c3c5577daa14f541cc8ffa4a78e53a963fdcb89a28e5cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
12835
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3D76 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6693 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVVZ3eC9GqAITnTkjGIJpYmqofmaU5kAkzWExtsN93gl2EXtWLIRqsvIcbrHfoKWgioG3-BF7ZE1K5zAxqhoebtsyyIHLsqo_XQA2I9AbkZptmMnVjTvc0IKcfScG8T3cVLsMWua6-rnD8E8dNZCd_koj4wTQhtO4RIJXyftkgqwBGz7d2HSEE8hu2BBJT9ahFJ8vmSmMj-EofTVpvWykIWusYpVbbnhIk3L0lbBboS8jC4R3GOlNh_ZLF7kl4cC_nL1Dsug3pV2rQtS6d2zMzOXUF_aoExelyt-moJ02fpkHqIbnURnQgTMOfRljjzrjIpsvPLQ5eY_HPENEv&sai=AMfl-YTdzeoMaf3B7anctyOEn4iQZkcPXlljGEzJb082oqlC4LnfyTXadPscVsryhYVMD9q7-t4HYrLFJwY-Dmy0UDr-1D3sHVi7PUtlVrv2oIGhzcZVeQWzT79GrhPoGw&sig=Cg0ArKJSzDJcEZBcE_hCEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads62.adtelligent.com/display/ Frame 6693 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
24064c406fe2491c3ebbbf72c79978f422ec5582e0d5d2b5b7efdef53c67e132

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
13133
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6693 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:51 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2VVVMDVFQ8&gtm=45je34q0&_p=1749126243&gdid=dYmQxMT&cid=2080641419.1682821189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&dt=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&dp=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sid=1682821190&sct=1&seg=1&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&en=page_view&_ee=1&_et=1&up.web3=no
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3ED1 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4NTyhmFyKP6wOre9kcFzQ9kFjN3XawoEQYnA5H2lsFhl138IP2mfNylnRNVY99oeiRZBkoDBAreakks4UiRHb2UGJPYhB_vioUF084Fgm6WGJvxKo&sig=Cg0ArKJSzGQCFLwf8NEBEAE&id=lidar2&mcvt=1433&p=26,0,27,1&mtos=1433,1433,1433,1433,1433&tos=1433,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1669407057&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821189410&rpt=644&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 41CF 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZMvIDBldUEYxheBbaC4_5Y2ZA81Z3T28ksWq8kR61lxy-bDH0QUeI0aa3CeuXxN-TiPpovBU1PnRTR2fH4vaiv-AR7fmYkfSwDzU3FQKt0qpdeybI&sig=Cg0ArKJSzJJM0vnloez8EAE&id=lidar2&mcvt=1353&p=46,126,136,326&mtos=1353,1353,1353,1353,1353&tos=1353,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2312031536&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821189437&rpt=701&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9472 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjqYV94VURXO9B6uw89aQkkfr-MfsWlHNb5wENQx69wCZJ1NbGoO_aSIpQ97YVklMUzXQmViIGYsyfwVA3pC3PjqEIdFP0bNuoI9J-DYIdAafGu61r&sig=Cg0ArKJSzFAQsX39zUlVEAE&id=lidar2&mcvt=1358&p=46,1274,136,1474&mtos=1358,1358,1358,1358,1358&tos=1358,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=124803191&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821189454&rpt=728&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=appnexus&uid=7906230784814628655
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=appnexus&uid=7906230784814628655
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dd2b4ebe-fd03-4da1-9b91-03bd7a651850
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u.4dex.io/setuid?bidder=appnexus&uid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=&verify=true
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https:///u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 02:19:51 GMT
impl.20230427-7-RELEASE.js
cdn.taboola.com/libtrc/ 		758 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
85f6aeeb69393d338e4706202f7bdb924ee1c8f080a2c7b08e32e6740f8103ac

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
mGtqqC6fcZ4B_YXYmmCFaRKmlFeudzj9
content-encoding
br
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:51 GMT
x-amz-request-id
GZXPMXHF4KCWZ3QH
age
4545
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
161509
x-amz-id-2
RpAK2HMInwxsw3W/GsA82qMNz+BiI4NySW9Mifn1S0GQSyTrnEhpwuyEh5Yple31gt+gK+BR7G4=
x-served-by
cache-yul12822-YUL
last-modified
Thu, 27 Apr 2023 08:55:12 GMT
server
AmazonS3-br
x-timer
S1682821192.683377,VS0,VE0
etag
"afa7bf6383170a8d1496444a032ed8a0"
vary
Accept-Encoding
content-type
application/javascript
abp
15
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
12
track
t.teads.tv/ 		23 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=placementCall&env=js-web&auctid=1d4bd751-4d99-467d-a4f7-515213298ca6&pageId=149011&pid=163132&debug_metadata=ar0IkbK7c5&fv=1179&ts=1682821191731&f=1&referer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
cache-control
private, max-age=3666
content-length
23
content-type
image/gif
track
t.teads.tv/ 		23 B
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=1d4bd751-4d99-467d-a4f7-515213298ca6&pageId=149011&pid=163132&slot=native&fv=1179&ts=1682821191743&f=1&referer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 30 Apr 2023 02:19:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
content-type
image/gif
sid
mug.criteo.com/ Frame 47F1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=khaleejtimes.com&sn=ChromeSyncframe&so=0&topUrl=www.khaleejtimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=SF-LsXxFQWZjZGhmTmVhQmJTRTYwZFlTbUZTUVZpOXpvbnNYVk5WMXFFWU1rN0tRWVIzWlNob3BOWEp6RHc2bXpSZU5HRjM0OGlUR0g4dkdpSDZoQUNBaUxlV0wxT0M2djNaOVlrTXhENDNqZUZZMHEvdGZuZml6QldpaW...
449 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=SF-LsXxFQWZjZGhmTmVhQmJTRTYwZFlTbUZTUVZpOXpvbnNYVk5WMXFFWU1rN0tRWVIzWlNob3BOWEp6RHc2bXpSZU5HRjM0OGlUR0g4dkdpSDZoQUNBaUxlV0wxT0M2djNaOVlrTXhENDNqZUZZMHEvdGZuZml6QldpaWFDeGc2MjNmZ3lhMy8zS2IvZlg1bnJtY1VUMmxKZGlzL2lxcVVnT3pEWWFsYVdGbFpRNXRPQjUwS0ZuUDJ6QURmQjhoOGxMT3ozNnkwRUJTL042L2FLL1U5cG9zZURyVlJLVnkxa1ZqUW11ZXRDOG9sSVJWU0MyK1FkSEswMEpud0VLQnU2eXB3T3plZUtnMTI5WWVSRXRldytsNWJUZz09fA&cppv=2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
87b1a4929125f55c01aae89535cf480f88814672d10cb2fd25fd5e699db93b21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5119562
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:50 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=SF-LsXxFQWZjZGhmTmVhQmJTRTYwZFlTbUZTUVZpOXpvbnNYVk5WMXFFWU1rN0tRWVIzWlNob3BOWEp6RHc2bXpSZU5HRjM0OGlUR0g4dkdpSDZoQUNBaUxlV0wxT0M2djNaOVlrTXhENDNqZUZZMHEvdGZuZml6QldpaWFDeGc2MjNmZ3lhMy8zS2IvZlg1bnJtY1VUMmxKZGlzL2lxcVVnT3pEWWFsYVdGbFpRNXRPQjUwS0ZuUDJ6QURmQjhoOGxMT3ozNnkwRUJTL042L2FLL1U5cG9zZURyVlJLVnkxa1ZqUW11ZXRDOG9sSVJWU0MyK1FkSEswMEpud0VLQnU2eXB3T3plZUtnMTI5WWVSRXRldytsNWJUZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
655405
content-length
0
expires
0
/
www.facebook.com/tr/ Frame 174C 		0
76 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.khaleejtimes.com
Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.khaleejtimes.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:51 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
index_0_250.m3u8
streaming.playstream.media/storage/videos/0143fd79-320c-4131-8289-3293e594a659/ 		1 KB
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/0143fd79-320c-4131-8289-3293e594a659/index_0_250.m3u8
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
b7fa32d008fb5b25c34f1116cc5ab91cd0d79c74ef15bb1379fb55867156b5f8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
br
cdn-edgestorageid
718
cdn-cachedat
12/18/2022 06:04:29
cdn-pullzone
1024237
last-modified
Tue, 11 Oct 2022 09:46:23 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"63453b6f-4c6"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
ac415b806ea9f33bb646803f13251d26
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=505271407663109&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-728-90-10&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=18&adks=3239753485&sfv=1-0-40&prev_scp=adunit%3D10%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D728x90%26hb_pb_adtelligent%3D0.03%26hb_adid_adtelligent%3D2158163654e15e46%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D728x90%26hb_format%3Dbanner%26hb_pb%3D0.03%26rtb_pb%3D0.03%26hb_adid%3D2158163654e15e46%26hb_bidder%3Dadtelligent&eri=5&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%252Ftechnology%252Fmicrosoft-says-it-found-malicious-software-in-its-systems%26words%3Dtechnology%252Cmicrosoft%252Csays%252Cit%252Cfound%252Cmalicious%252Csoftware%252Cin%252Cits%252Csystems%26commit%3D55f12a8f50c54762f4ff4f42c6c79fbe6aa5c92e%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D1%26geo%3DCA%26device%3DDesktop%26order%3D7%26api_key%3D841fb3e5-977f-4e2e-be39-fae608323cc5&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821191837&dlt=1682821187973&idt=472&adxs=313&adys=4489&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&psts=ABHeCvgoCBd8TP_1pF-ivhFhyF0CbLmRVWUi1akX80aftnE8La7Rjgjd7l-4RlvSoR78u1sFuhtIRkTVZaHzJILQdwyb2GP9dyI%2CABHeCvjnxMulo9mRgfz4AyBr4KzSkcES1Lm3ykwAuAj4cchbDUwhnX44P96Y83SDsYHd1nnzE92fHpkt1rZ6mLV2-GBUM3J5UF4%2CABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig%2CABHeCvgoPIGtqICyYOTF_LzPrtg0ahrsegDT8s9TTttSfKkDOzdTiJM5dxBXRH4SoSVXHhVSv1VRGbnz8_QASfCAk1HNpBtEV1o%2CABHeCvj86dnWHvvf8G3HI9pITr-am0hw8CAr-x9UF4jnW2DrTwpouAjGX43EGc12yGVM0fVvMZpVQJr1aca_meAczhY18yqXS58&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRj1sNb__DBIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxjNqNb__DBIAFICCGoSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4695f7145c72ca1152c1c40dd17d8152a83ed18254b02caeaeee67d3b8e38cd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9606
x-xss-protection
0
google-lineitem-id
5971766117
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254882280
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5EEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHfjumxRvucDziNLpasW-PczkxeQ8hXIl1kvd4eb1TZPIKmu5rV91P_CO0i9orT5684Q4GnHgbpKAj9Y9pnBdbg1naZwR2Bla-c-cHFZSVRHkAgmnLo_8_4tvpN8PBj8897H8bSuI6yrt0195b6hpnXVcOjWgRfjIgw5ymJjPNAhvC5kw4tKTt0-i6_1AS1zFZjcOLHslooenGvXeQKhJM8Pjw6vKoS1g6aVSDL69JB4BpmrJ42dESyqcQ3R38Sozvb4HgQicwRREx_QEWZXfua7O95tZnVYKnz6tERn6q7OqSWEreJl1k1j744JogVV8m9MwZv7eTNncB5k4&sai=AMfl-YQtPmZNbAG1m0FDyJkC9VUUOgjWDVsVno5AgHRmT3bHa0teH13tpoyMRIUCv3Tsgz1uuHmiGCCsal6S0YDv-QAyQ03l3LLOLfTaKi7lzM_WGAoGVP7Qqc6yGzSOJA&sig=Cg0ArKJSzOhRvKC1AAM6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads163.adtelligent.com/display/ Frame 5EEF 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c2470fa517702252d19691e5a234f7e3224b117b1b04ad31f9f5a5cf01ccb779

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:50 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
12825
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5EEF 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AA6C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufRfjX5dh6RV2AiTFVWpYOVJgJhR1VBS4cwVIAilA0vrm_dIoABrS89Cj1jkOiTFr83ueERDN1P87MKtdha8cSrCnSDsWv0GhXDeAb_0B2kJ9bGqZs&sig=Cg0ArKJSzCi9OLO7KADjEAE&id=lidar2&mcvt=1270&p=27,0,28,1&mtos=1270,1270,1270,1270,1270&tos=1270,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3176091703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821189426&rpt=1103&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B681 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
847cb8c6c23cec1aa2c4bfd198db6afd925de9a4fcfc6d728b035f8b1a84d3ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame C9BB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:51 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame B799
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=onfocus&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:51 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
server
AkamaiGHost
sync
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
93a8dba93d803963b4ec07ecd87b280fae33fd1cbaa6c85fbb1b970e45420bc0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1202
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:51 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:51 GMT
location
/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
hde.tynt.com/deb/ Frame 5465
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
446527f98f82647f679f83ce8244e25531e659e09139f04fed06110ac35fd6bb

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1585
content-type
text/html
date
Sun, 30 Apr 2023 02:19:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Sun, 30 Apr 2023 02:19:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
ad
a.teads.tv/page/149011/ 		541 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/149011/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&auctid=1d4bd751-4d99-467d-a4f7-515213298ca6&formatVersion=1179&env=js-web&netBw=9.7&ttfb=989
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fceb64d831bc39e6dba8c3205ae7eec9103130dcb0708d3156830a4cd059af4a

Request headers

Accept
application/json; charset=UTF-8
Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
380
expires
Sun, 30 Apr 2023 02:19:51 GMT
862.9f44b58b-1.230.0.min.js
js-agent.newrelic.com/ Frame 00AF 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYH7JP0389PESEMJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3583
x-amz-id-2
+aK+luTVeUIR38cCEZN9IZhDIvjJt3v9A0o+3EiUwVA2GxOXapcjOnpSyr5KcMOe0StHMZk2E1I=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821192.981509,VS0,VE0
etag
"c4e5d826698f6566f247167a7565c832"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3415
page_view_event-aggregate.75812140-1.230.0.min.js
js-agent.newrelic.com/ Frame 00AF 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHCZMCZRKSV5AXJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3954
x-amz-id-2
O87bstDcnHgo5HgEq0hgXK1kuwS1MD3O4xlTGgMHwztzRW0nDqdNfNxm9foqgHAHo0MrjzX474M=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821192.981646,VS0,VE0
etag
"a4978f5fb64e86334a1dbb282220c851"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
502582
page_view_timing-aggregate.9590bdab-1.230.0.min.js
js-agent.newrelic.com/ Frame 00AF 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHCN65YJ7XEDS4B
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4624
x-amz-id-2
8I0LOTXfoXjRaPjo5Ksn2DSR4fRybqLuVFkqJ1nZQMesggfyB12hg2NJHnJPojbDbqbOlmXOmKM=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821192.982164,VS0,VE0
etag
"2357140ba2b3c410d01d12937c6269d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
502414
metrics-aggregate.20a08804-1.230.0.min.js
js-agent.newrelic.com/ Frame 00AF 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:51 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYH3HC4EGYRKCV0F
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1593
x-amz-id-2
OPIwyUaoPYA9dY8jVjnSKXRQTt0kkCDG2d9uLF41nEfOdTjlaSPfROUAVXyF1qgrcU8vn0y9WJs=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821192.982740,VS0,VE0
etag
"2b4287467d6e1c411110556d75fe617a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3406
sync.js
ads163.adtelligent.com/ Frame 3D76 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0097d683dc449274dbe4b316850fc81b3bf4af6862f1d2cc7479f6b7b4963a33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1117
sync
ssbsync.smartadserver.com/api/ Frame 0832 		940 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
2f36340213734570a6392c4432b335594c82127c8b720653cb84e21e38195c5d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
940
content-type
text/html
date
Sun, 30 Apr 2023 02:19:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B681 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBrXe7ZRnBfsjTwwYbfk6SdgtUbXe3EuzhbHRDBhN-OvuxKY2q3eCY30mOq0R69FLIA_SBLCRoV8F2ox3XxPP_krj-ckiTAFR8ZfjB0snsapIzlDKh0LOU5cmy50eA9cctL_0gcM0zF469sKzwL_U5CrlMg9faTTmop5n_wl2YYjtwSoftRrcSET_5WaRk1l5pFIidV6lgFEBHEReLgV7l_8TZ8QZNwRnPh9VJ84PfwQF_Cl4s_J_wJiZX8fTNnLPiKhBenFN-BRTwo_cYTsFq9IfU-yaD2qCzs5Jh1SsFZskZtB3PJ_Yaex29HqXvl02AS7gt5J0xLdnkXKgyNg&sai=AMfl-YRxcw0akAhgB411AKwSxje82hVk6-83X-8g955EkVnLiZv8TWSyMNs67izuOvh5aIeQfF1KfbhWx01LT01scJpUzTOal38eAzoQOFzxrGbUM0y1JQDBpTQ9iDKm0A&sig=Cg0ArKJSzDP8SuuufV8-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:52 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202304241206/ 		240 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202304241206/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/FaDPmOA8orpEt4sh3we8vzKlwMg/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
369f20e17ce9308e9e488e6fdbdf3aa0e3c8c4705b903c23cd610e7c41eedd16

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 24 Apr 2023 16:10:41 GMT
server
cloudflare
x-amz-request-id
SG6G6CWYWHEBCJJT
age
465248
etag
W/"d1226925b093cc62c3879362099dc851"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7bfc4d624dee7157-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
kYL5hJEWQPo2GFpk7WrxvoQcmA7E9L0napE8GB32owz5r4Qpoe2O4Uh7DdBtpCuw88abPYkh97s=
PugMaster
image6.pubmatic.com/AdServer/ Frame CFD0 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=62997936&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f1d54379ce525de46e343b088d8e1d3c12bda490ab53e9f98e9bf898b4a9f380

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
truncated
/ Frame A363 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83971b5e8dbe1e8e1040a3dea04ab6e8db2f968bb51375a3fb058eee0151d2b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
campaign
ads163.adtelligent.com/tracking/ Frame 3D76 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=7F55781BC85A05D9&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads163.adtelligent.com/tracking/ Frame 3D76 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/campaign?code=0&adid=7F55781BC85A05D9&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
truncated
/ Frame 6693 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
efbc5fecc29d1c5f84a3ced8f23749b2fd21782c2a9b6c0d7892e10e8423a8f9

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3D76 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ4LO-0SDngAlgjZrurt5C5u3leDcc0IbcpJ36q0IUzpSQBPERnj4Exs7cwT6gdc3jerKGK6od2QPq4Ua3qbhpyOp8eN4HfIlt4Om9ZjeCjkjV3ZWWvOe5CI9bsJme6Kh9U5n9epH-Uck5YLaIBGV0s12DXFZzKNoI9qQh08Pvlhg80ScEOCWIZvPupGI_QJ7J6wEimlscOEWjYvJx5khklbLgIzJDxkliXMQQh9TEjHuxDvyldeHgeK2yRHMFqPbbhfSrkzY9n01-f2OGpXwiP7YfUTCRg2K7zmlwxMjAe1QV92Im3mwjwWDTbAhuD4EdFFgVoNly5bvx2lhovP4&sai=AMfl-YSbaWUZMZ8EP4QwRl5MvDDr3z01vxwMg94m1EUmY88F5IliBa5P5RfWty1m_VFs2cKa5yqgFu8LIXBYwv1Xn5Wqda67GmFNzf2wSghSze9KoNkwdopUNcqA8ohfCw&sig=Cg0ArKJSzBSehd6b_qyqEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:52 GMT
truncated
/ Frame 3D76 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b047cd89ecfcf5c5add582f4d649b919d1135f6f1be093ebb67ef01a5e66816

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
xuid
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=abb0385f-fb71-4da5-be13-d1ca93d34856&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=abb0385f-fb71-4da5-be13-d1ca93d34856&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=abb0385f-fb71-4da5-be13-d1ca93d34856&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3NzgyMTE0MzQ3MjA3ODE1NzQ1Mg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECFypAg-D5nxlfhpLhsDb9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECFypAg-D5nxlfhpLhsDb9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESECFypAg-D5nxlfhpLhsDb9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 594D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3NzgyMTE0MzQ3MjA3ODE1NzQ1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3NzgyMTE0MzQ3MjA3ODE1NzQ1Mg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mzg3NzgyMTE0MzQ3MjA3ODE1NzQ1Mg%3D%3D
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 594D 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3877821143472078157452&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 1D4D2194E7E4420E92731670AA45BBAE Ref B: YMQ01EDGE0813 Ref C: 2023-04-30T02:19:52Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hFdlD8a2Qog92LSFRg==
xuid
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3877821143472078157452&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=3877821143472078157452&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=4139660057828765566&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 30 Apr 2023 02:19:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 594D 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3877821143472078157452&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
last-modified
Mon, 24 Apr 2023 16:43:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 17BB1931D21F44118CBE1F7DCB8A34EA Ref B: YMQ01EDGE0421 Ref C: 2023-04-30T02:19:52Z
etag
"97b0d0f2cb76d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3877821143472078157452?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-9ycs8n9E2oQdEmVnnk_Xxqneje0j8O7X_uyzHf_ktg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-9ycs8n9E2oQdEmVnnk_Xxqneje0j8O7X_uyzHf_ktg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 30 Apr 2023 02:19:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-9ycs8n9E2oQdEmVnnk_Xxqneje0j8O7X_uyzHf_ktg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=kuIAmsv1By4MDjailSBd&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NN2USQLNON3DC...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kuIAmsv1By4MDjailSBd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kuIAmsv1By4MDjailSBd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=kuIAmsv1By4MDjailSBd
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 594D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7906230784814628655&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7906230784814628655&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
fbceecff-3fdc-4e67-ba8a-47f8f306321e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7906230784814628655&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
u.4dex.io/ Frame 594D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=triplelift&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID&ld=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
index_0_250_00000.ts
streaming.playstream.media/storage/videos/0143fd79-320c-4131-8289-3293e594a659/ 		588 KB
590 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/0143fd79-320c-4131-8289-3293e594a659/index_0_250_00000.ts
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
131ef292175dcda53aa7f96c3f97bae4fec8e003910def15444c2433b0a4907c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:52 GMT
cdn-edgestorageid
1067
cdn-cachedat
12/25/2022 10:12:53
cdn-pullzone
1024237
content-length
602540
last-modified
Tue, 11 Oct 2022 09:45:35 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"63453b3f-931ac"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
6fc7bf51e2074736fe82ce9121297c09
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
usync.js
eus.rubiconproject.com/ Frame C9BB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55762
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
usync.js
eus.rubiconproject.com/ Frame B799 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55762
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CC15 		684 B
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjO6uffATAB&v=APEucNXnJ_7-svDcRg08i0QLofm7Kd0ozcle9I0iGYcQA1IpDucbhSp0gogEHzfLwYGuTeJz5aImNU90I5FJk61aoR4_QO62HxAsw7KCBaqo4hPGlW8-vgA
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4CC5 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:52 GMT
prebid
ox-rtb-europe-west4.openx.net/win/ Frame 4CC5 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-europe-west4.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.84.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.84.98.34.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
via
1.1 google
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
c8o8cai7abiblrfbnn5s7qv9rhn82bgv
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CC5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AT4lFAco6uJhN4J2-8JB3xv3MKYG5h3Hgqh13OnuRxq0Mc6HjVgLYvOH89-fd2QliHEnrjCsWUOeDgtz3Pyvv5tytV4z-JZ1wz_pQA2wv1VYjSsK4
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CC5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6414366815693711059&x=9&ct=76
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame 3D76 		150 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
14-30756958-30756963 PNYN RT(1682821186601 5334) q(0 0 0 -1) r(1 1) U24
cache-control
max-age=60
x-amz-cf-id
_mcw0KwZb1NpFxp02hnLl5rSmpZjJN5IIzuztcw4ihzOqI15aXts6g==
expires
60
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1749126243&t=pageview&_s=1&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dp=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ul=en-us&de=UTF-8&dt=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4ADAAUABAAAAAAACIg~&cid=2080641419.1682821189&tid=UA-819330-1&_gid=1652133778.1682821192&gtm=457e34q0&cd4=0.5642306792470986_1682821189195&did=dYmQxMT&gdid=dYmQxMT&z=1426004519
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81762
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
q
p.adlooxtracking.com/ 		211 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&s=%2F78059622%2FResponsive-Article-Leaderboard%09div-gpt-ad-1613480627440-0&s=%2F78059622%2FResponsive-Article-Leaderboard-footer%09div-gpt-ad-1623646234024-0&s=%2F78059622%2FResponsive-Article-MPU-1%09div-gpt-ad-1613481060449-0&s=%2F78059622%2FResponsive-Article-MPU-2%09div-gpt-ad-1613481175484-0&s=%2F78059622%2FResponsive-Article-1x1%09div-gpt-ad-1613625644855-0&s=%2F78059622%2FResponsive-Desktop-Expandable-1x1%09div-gpt-ad-1624862944429-0&s=%2F78059622%2FResponsive-Article-2%09div-gpt-ad-1636113966289-0&s=%2F78059622%2FResponsive-Article-1x1-3%09div-gpt-ad-1637151091152-0&s=%2F78059622%2FResponsive-InfiniteArticle-1x1%09div-gpt-ad-1644479678407-0&s=%2F78059622%2FArticle-Ear-Pannel-Left%09div-gpt-ad-1652857412793-0&s=%2F78059622%2FArticle-Ear-Pannel-Right%09div-gpt-ad-1652857619498-0&s=%2F21751243814%2C78059622%2F698907-970-250-6%09andbeyond9702506&s=%2F21751243814%2C78059622%2F698907-300-250-16%09andbeyond30016&s=%2F21751243814%2C78059622%2F537953_KT_Teads_Inread_1x1%09adunit1x1&s=%2F21751243814%2C78059622%2F537953-160-600-11%09andbeyond16011&s=%2F21751243814%2C78059622%2F537953-300-250-15%09andbeyond30015&s=%2F21751243814%2C78059622%2F537953-728-90-10%09andbeyond72810&s=%2F21751243814%2C78059622%2F537953-728-90-33%09andbeyond72833&s=%2F213794966%2C78059622%2Fvuukle-widget%2Fkhaleejtimes.com%09div-gpt-ad-1497448474263-1&s=%2F21751243814%2C78059622%2F537953-300-250-9%09andbeyond3009
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
02e559b2e2e0d24314a232b76794b9514ce44564c9243a1d56955c8c33569e86
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-adloox-pubint-version
20230430005349
date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
149.56.153.189
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
94afbc1b-dirty
server-timing
conn;dur=0.007, ua;dur=0.035, segment_pipeline;dur=0.442, segment_ip;dur=0.006, segment_iab-valid;dur=0.014, segment_iab-spider;dur=0.801, segment_bs;dur=0.005, segment;dur=1.574
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
39a202cd-b451-40ea-861c-74fa4cca20f3
app.playstream.media/api/vmap/ Frame 89BF 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/vmap/39a202cd-b451-40ea-861c-74fa4cca20f3?height=250&width=300&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
5a6cc23c9089f7dfc2efc1b647ece117e758d54463a4d55502646a1586dc87a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, private
access-control-allow-credentials
true
server
nginx/1.17.10
x-powered-by
PHP/7.4.11
content-type
text/xml; charset=UTF-8
sync.js
ads163.adtelligent.com/ Frame 5EEF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8b0ec2a4125f6fa07cf2201cea163d49d69ab40e86cf9d7728a56c82466864ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1116
setuid
u.4dex.io/
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1790&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dimprovedigital%26uid%3D%7BPUB_USER_ID%7D
  • https://u.4dex.io/setuid?bidder=improvedigital&uid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=improvedigital&uid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https://u.4dex.io/setuid?bidder=improvedigital&uid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:52 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
u.4dex.io/ Frame D4A5
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=bc65ac468bfc90e6260132832a3bc684&name=ADAGIO&url=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dadyoulike%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=adyoulike&uid=18983ad2ee7bdd870b91633e3e36f3f6
0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=adyoulike&uid=18983ad2ee7bdd870b91633e3e36f3f6
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
0
location
https://u.4dex.io/setuid?bidder=adyoulike&uid=18983ad2ee7bdd870b91633e3e36f3f6
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
fbab4e90-84f8-4ae5-ae99-36378855cb7e
https://www.khaleejtimes.com/ 		61 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.khaleejtimes.com/fbab4e90-84f8-4ae5-ae99-36378855cb7e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a32f093a22b30f63302929734ba499c2d145cdc557acc98d60e64f9a0fc354b6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
62383
Content-Type
text/javascript
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 01 May 2023 02:19:52 GMT
sync
gum.criteo.com/ 		73 B
314 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4d980babcc3034a2281384ecade658f924f7d5ea7773977e9cc04982938fdbf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1963280
expires
60
impression
ads163.adtelligent.com/tracking/ Frame 3D76 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=483421&nestedLevel=0&tti=824&ttiFromStart=296&isHeadless=false&adid=7F55781BC85A05D9&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
view
securepubads.g.doubleclick.net/pcs/ Frame F6C8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvklouswPh4TqdF4mstySgkBHjQESD3WFVlsFlUEL6PFpnekKha9GIi2WOwBlwx-zWAs8gofcrGSvivujL7wZgA6i6aoP4tOV8ocHNg48xb4v75Msz1Axuz3IPIAaAUwFvlwWMcwqfaLsj7t_s2NhwmmIdifKizC5Ip-BSkgYd1885_FYaz82Cz9w_uWYXhkfWNYdQTrlcURTZwbliU5eOoJuL14v4mm2yHpo_nrcjThWdctS1jWFYNnYRHPuVa6XiUEErGGpPdqp26z8mGwjsj7rTi_IyK6K3rTAW4eDMOmMsJFTvfEpE0FQjjtbejWsrJNT4-FecWCzHvRdg&sai=AMfl-YQP_vY37CAhv9p7PboMpCUMiuX8zuGyJLhl3lGDDb8_UIIukyRHtjoN5Zz6xvwXJ5YYeZ4-Z-Q7SCI00wZLLps49hb3e4SsnNulYh8W3_x_3e2habK19I_60DRp5A&sig=Cg0ArKJSzHGNuq4aGQOYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads62.adtelligent.com/display/ Frame F6C8 		30 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c600b58247eb70a5942df1fcba17ac7e85ccd44065a7e328dc0bc20c68ddb9d9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
13100
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F6C8 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5EEF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyPFS2lE7dupOLAFm0S9S8r4XdLZhnDAiBjV9qrpmaIY8PHGde_6EldjhXMxxeZkMJ3po5a6yRNfqAcjdX-yYhPaBsBZM6iZl-ZfVM-K9Yykgks5fWGF3--Qr8-C5hivSJxebGpqbaK12y1PXpkQfTo6txlZdigwrY7NKdC02AV9NCa9tJnsR1iOf7plkC72wJeXZlUD2MQ48mNWqyk1SW4XPXxuWCjiwqIU-YT-3d-GNw7sHEOpWf8LyK9s6ypvUkhAPA36PVwsZ_OdjjwS9ke5NCopgUXt4ff_73zDuKSqth4hV8QJtWkSjZusiChm0ZOZEagn06LfQ3Yklueg&sai=AMfl-YTqYnega_p7w37oG-fBDqFEb6IslRkSWVLnbqe5rBHW2rQxNlaUSgtcQcsGsDC7eQrauHzkBYSPhJ0knvG4bPPcyO64jR5K9Lly-YLx8G_64b87tKOz9JE1gmTFEA&sig=Cg0ArKJSzKU0GRyqT0UxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:52 GMT
truncated
/ Frame 5EEF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e46c5981adb40c656d6d3ddacb36961c51d1d8edf0ecc92b8ee6bc116e59c641

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
image.khaleejtimes.com/ 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=9cbb5ca1-3db5-5fdb-96bb-7ad87af21854&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
28ec908a7b2abc463e0d119fb1bea7e02b85b938d3038a0a6c7ac08121d98d63

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 03:05:00 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 29 Apr 2023 03:05:00 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
83692
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
6s1jT9486e61sDHpxPMKm68cxY9Diyg4H78C9XoweXnHFpkSv1J6tA==
expires
Thu, 26 Oct 2023 03:05:00 GMT
/
image.khaleejtimes.com/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=9b6c3c37-9f33-55df-8093-a2a3c1d63df8&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
e766140e98a78a0d3fcd76d9132d686308cbf4fb84eca14faed47234b6dc771b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Fri, 28 Apr 2023 20:58:46 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 20:58:46 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
105666
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
f6SGS3ElwNFVnOs_EbZIpZvEdw1eHrpbcV5_-4T4TowFDdnY_Aj21Q==
expires
Wed, 25 Oct 2023 20:58:46 GMT
/
image.khaleejtimes.com/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=d29feb22-96cc-4a8c-bb57-3dff910a4906&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
022e396474d22a62afc2010b78d9db41683790075a1cfd8246d8f9aa6ff4b7b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 03:05:00 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 29 Apr 2023 03:05:00 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
83692
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
vEd6glL3pIFn7lC58iJ3_v_yCvVxPRgpAQ1kylUReKgH2jIbBCV6TA==
expires
Thu, 26 Oct 2023 03:05:00 GMT
/
image.khaleejtimes.com/ 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=defa9312-a66a-5145-94db-bbc7cad063f4&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
13bf0b2acc9f8e4187bd119b78087614dcf1b993cde84c7892327c4d362dcd33

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Fri, 28 Apr 2023 07:53:05 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 07:53:05 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
152807
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
sscF_3aq8yUX555PFB7oxGeUiLotWLIDdn7HTT9pnud5t_xpND0_oA==
expires
Wed, 25 Oct 2023 07:53:05 GMT
/
image.khaleejtimes.com/ 		151 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=9e85f4e7-c462-493c-9f8b-5157404a2fcd&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
43f10459e0e3395a878434da39b980d98b6a1b3e7a641201e70e066ec1be7391

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Fri, 28 Apr 2023 18:01:28 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 18:01:28 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
116304
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
WoQENawBtR3jfnlKfWCHiEHVOoALIkqCKtSekwBx1obv3c8l1MC-BQ==
expires
Wed, 25 Oct 2023 18:01:28 GMT
/
image.khaleejtimes.com/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=43320a63-6fbb-4083-b4de-b1e125ab47bd&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
ab752958cf6ac9ee398484cf9c052e4aa602a7ac42414f9611971ab4cb5bc298

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 08:31:01 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 29 Apr 2023 08:31:01 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
64131
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
MnF_0vUyVTP21a-BDkADvHfHlno7eM7oxyhmeRUfXbQ5xepmNib5ZA==
expires
Thu, 26 Oct 2023 08:31:01 GMT
/
image.khaleejtimes.com/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=deeb31a2-c48c-5ecb-a6a5-2cfed735f61c&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
10993fd60a35d34df6da9bff74cbd7012765f3f444e796902c3f917c59fdbf68

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Fri, 28 Apr 2023 17:58:57 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 17:58:57 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
116455
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
bYFZZ6HCH-1fNaOE5ngP1P0DXL6wW_WQZWFhFTY9mAQmJuInsUC91w==
expires
Wed, 25 Oct 2023 17:58:57 GMT
/
image.khaleejtimes.com/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=e8cd97a5-4829-4c9e-a54a-99e458c12908&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
689b8031faf0dca362e8c69e4fcc57064f1819953089df54cb13ffa1e99eed13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 09:35:52 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 29 Apr 2023 09:35:52 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
60240
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
-ogEoyBdyS0zk0BjBM71mGk3uW_p5qjAXFb9HpSg0zXQSXebUcEXVA==
expires
Thu, 26 Oct 2023 09:35:52 GMT
/
image.khaleejtimes.com/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=33b42840-bec1-53e0-bb27-8f92d2cd470b&function=original&type=preview
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
252b7d20a88a955f223e2ac6a70dac6e8dd4a881828148cafdc4a3c32d132aef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 29 Apr 2023 06:24:17 GMT
via
1.1 8d7b6b58f3b6f5fc348dc0fff9c2856c.cloudfront.net (CloudFront)
last-modified
Sat, 29 Apr 2023 06:24:17 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
71735
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
NHCpDwth_JhuG9AZ7naRvHT6jIog7nM1AB3wzy9SjdQZ64P5wsYIiA==
expires
Thu, 26 Oct 2023 06:24:17 GMT
cs
cs.lkqd.net/ Frame CC15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_cm&gdpr=0
  • https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJl831r89Wwikx1tbSuuOgU&gdpr=0&google_cver=1
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJl831r89Wwikx1tbSuuOgU&gdpr=0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjO6uffATAB&v=APEucNXnJ_7-svDcRg08i0QLofm7Kd0ozcle9I0iGYcQA1IpDucbhSp0gogEHzfLwYGuTeJz5aImNU90I5FJk61aoR4_QO62HxAsw7KCBaqo4hPGlW8-vgA
Protocol
H2
Server
146.20.132.151 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
43

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.lkqd.net/cs?partnerId=59&partnerUserId=CAESEJl831r89Wwikx1tbSuuOgU&gdpr=0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CC15
Redirect Chain
  • https://cs.lkqd.net/cs?partnerId=59&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dlkqd_dbm%26google_hm%3D%24%24rawlkqduserid%7Cbase64%24%24
  • https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=TGp3dHZVRm9fZ0k
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=TGp3dHZVRm9fZ0k
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjO6uffATAB&v=APEucNXnJ_7-svDcRg08i0QLofm7Kd0ozcle9I0iGYcQA1IpDucbhSp0gogEHzfLwYGuTeJz5aImNU90I5FJk61aoR4_QO62HxAsw7KCBaqo4hPGlW8-vgA
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:52 GMT
server
nginx
access-control-max-age
0
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=lkqd_dbm&google_hm=TGp3dHZVRm9fZ0k
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Content-Disposition
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
rum
dsum-sec.casalemedia.com/ Frame CC15
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1&gdpr=0
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjO6uffATAB&v=APEucNXnJ_7-svDcRg08i0QLofm7Kd0ozcle9I0iGYcQA1IpDucbhSp0gogEHzfLwYGuTeJz5aImNU90I5FJk61aoR4_QO62HxAsw7KCBaqo4hPGlW8-vgA
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
324
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame CC15
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjO6uffATAB&v=APEucNXnJ_7-svDcRg08i0QLofm7Kd0ozcle9I0iGYcQA1IpDucbhSp0gogEHzfLwYGuTeJz5aImNU90I5FJk61aoR4_QO62HxAsw7KCBaqo4hPGlW8-vgA
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEF7mH2ixPLok72pMKq6TY1o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
campaign
ads163.adtelligent.com/tracking/ Frame 5EEF 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=7F55781BC85A1199&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads163.adtelligent.com/tracking/ Frame 5EEF 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/campaign?code=0&adid=7F55781BC85A1199&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
usync.html
eus.rubiconproject.com/ Frame AEE7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:52 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
setuid
u.4dex.io/ Frame 5465
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1682821192120.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5465
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=&ssp=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10595844029665553908&ssp=the33across&gdpr=&gdpr_consent=
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5465
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192120.4&ri=1&ru=https%3A%2F%2Fsync.mathtag.com%2Fsync%2Fimg%3Fus_privacy%3D%24%7BUS_PRIVACY%7D%26mt_exid%3D73%26redir%3Dhttps%253A%252F%252Fe...
  • https://sync.mathtag.com/sync/img?us_privacy=&mt_exid=73&redir=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D1%26external_user_id%3D%5BMM_UUID%5D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
MT3 830 785530e master ord-pixel-x54 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=1&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:51 GMT
match
events-ssc.33across.com/ Frame 5465
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-9pkoB6lE2uF0USXS5HDiujwTTlbmoUWS~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-9pkoB6lE2uF0USXS5HDiujwTTlbmoUWS%7EA&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-9pkoB6lE2uF0USXS5HDiujwTTlbmoUWS%7EA&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-9pkoB6lE2uF0USXS5HDiujwTTlbmoUWS%7EA&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5465
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=55e137c5e57c2191&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAL7N8vOLFCmgMQT54MAAAAAAA&expiration=1682907593&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL7N8vOLFCmgMQT54MAAAAAAA&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL7N8vOLFCmgMQT54MAAAAAAA&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAL7N8vOLFCmgMQT54MAAAAAAA&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 5465
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=3877821143472078157452
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3877821143472078157452&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3877821143472078157452&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:51 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=3877821143472078157452&ts=1682821192&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 96C4 		511 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWE0auP0P3y1Z8hjyzyRtlUBAeIwou0opLFpnb2ubxwHI3sy3zsdBX5bzi6RjXOttkf9SohKn7aPUTzTt5wKCqPQaRYD-ByBOW6Pb_6ZAQIQuAq4BA
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9c77b52464985c96557e8d7c3030b01e75ca95174764105a9251401f74e08d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
175
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame E255 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:52 GMT
prebid
ox-rtb-europe-west4.openx.net/win/ Frame E255 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-europe-west4.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.84.165 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
165.84.98.34.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
b56thclisn3ke3rs14dshr1rga3lneco
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E255 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BKxHf35bPxGK-6FjcB3tB4QpbKDKAh5Vgk3npbSVB-za4akwS05SpOHgdHBzb8YsIE7i7peU0XEC2tgenFBxMPcanOx8nluQzNeLMxKahS9rafl7U
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E255 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8602326844081805496&x=9&ct=76
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame 5EEF 		150 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
14-30756958-30756963 PNYN RT(1682821186601 5642) q(0 0 0 -1) r(0 0) U24
cache-control
max-age=60
x-amz-cf-id
Jr-XMUwY7b4Tfdr33nRmrwLWmcayUiQeMjd5EpypTkIaammdqLBtfg==
expires
60
f8fc1g715j
www.clarity.ms/tag/ Frame E88F 		615 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/f8fc1g715j
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fc9e10a0daad7032ddc6da634395e9346474aa1f06effa3d1b48daed02b80bea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sun, 30 Apr 2023 02:19:51 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0SNBNZAAAAAAuNW/K9xeQSYl0Jv9HNKrUWVRPMjIxMDkwODE5MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
speed
ads163.adtelligent.com/tracking/ Frame 3D76 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/speed?network=218&queue=174
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A05D9&aid=724993&cb=87506043
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
ads.us.e-planning.net/uspd/1/ Frame BEC6
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
acbc7cb07df3f663fa2c5db0a43fef008aeef497ba2c63b67ab1cefea8cee704

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Sun, 30 Apr 2023 02:19:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 30 Apr 2023 02:19:52 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212
csync
sync.adtelligent.com/ Frame B639
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:51 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
dc44faaa-21b2-47e5-94d8-324c4fa4f57b
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
sync.html
s.console.adtarget.com.tr/ Frame C330 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:958::2 , United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
862
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 9387 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 3B3B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
de.tynt.com/deb/ Frame C060
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
41767a83d5d4ac0ece242b70cf76f657f08d0f1f9a5317d537bcaa855e7a1c52

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1983
content-type
text/html
date
Sun, 30 Apr 2023 02:19:51 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ECD3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112335
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame 3D76 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 3D76
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
pi2jt5ogr144hk45g6md5pqhab6es9cr
RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
sync.targeting.unrulymedia.com/csync/ Frame 3D76
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1682821192717
  • https://ad.turn.com/r/cs?pid=45&rndcb=2348982698
  • https://sync.1rx.io/usersync/turn/3464934303237790935?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
csync
sync.adtelligent.com/ Frame 3D76
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 3D76
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
10854e9b-be02-4b44-9f13-8f644bd0497b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 3D76
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csync
sync.adtelligent.com/ Frame 3D76
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
4135bb17-640f-45e9-ab9f-4d94c324e4ce
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
segment.html
adgebra.co.in/afpf/ Frame 4697 		2 KB
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/segment.html?p1=5823&p2=&p3=&p4=&p5=&p6=1&p7=%20%20&p8=24553&p9=23043002&p10=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
36607fad23733017530ae863b127afca2a0fb3766b6027eaf58bca5f05b18e86

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
last-modified
Wed, 19 Apr 2023 16:42:42 GMT
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
via
1.1 google
EcgProcess.html
adgebra.co.in/AdServing/ Frame FBC8 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/AdServing/EcgProcess.html?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
d5255be4074e1afdef6d0de837c627878f7b4ddbcd94306ec939d9d590cae09b

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
etag
W/"9380-1682613114000"
last-modified
Thu, 27 Apr 2023 16:31:54 GMT
vary
accept-encoding
via
1.1 google
index.m3u8
streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/ 		114 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/index.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
1bf872a6b59e7e76e364fc2e151dcb225f7d9284f3a82ddb31d1851842dfd22f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:52 GMT
cdn-edgestorageid
1070
cdn-cachedat
04/15/2023 07:25:46
cdn-pullzone
1024237
content-length
114
last-modified
Sat, 15 Apr 2023 07:14:58 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"643a4ef2-72"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
41b33c5aa3bfb462b96170d37f2a5817
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-regular-webfont.woff2
jogo-assets.s3.amazonaws.com/fonts/ Frame E88F 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jogo-assets.s3.amazonaws.com/fonts/proximanova-regular-webfont.woff2
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/_next/static/css/851ffed9a035c4fd.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.118.105 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c2ad3b2ad1c100ebb196165df8a0bfad3941024d991dcbef5c92437283e17b57

Request headers

Referer
https://play.jogo.studio/
Origin
https://play.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Last-Modified
Tue, 18 Apr 2023 10:05:18 GMT
Server
AmazonS3
x-amz-request-id
FSP6ETDHFD28Y592
ETag
"26f29fbc44abfbef4387f6fe478bc72c"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
19964
x-amz-id-2
alTVebH3Fnu3ucvf1dw24N+ZNGG85+hAeskAkzePT/8bApbA8v3oWgWzlPOSJNd0mTkdcos9Jmg=
LyonDisplay-Regular.woff2
jogo-assets.s3.amazonaws.com/fonts/ Frame E88F 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jogo-assets.s3.amazonaws.com/fonts/LyonDisplay-Regular.woff2
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/_next/static/css/851ffed9a035c4fd.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.118.105 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a88ba17ef2dba59fbd83de0a0c2e4cc9943f59a4aa02697aa1b7b63d8de576cd

Request headers

Referer
https://play.jogo.studio/
Origin
https://play.jogo.studio
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Last-Modified
Tue, 18 Apr 2023 10:05:14 GMT
Server
AmazonS3
x-amz-request-id
FSP1DY9EWFPSWYYP
ETag
"aac2e93444ca5fa6d031b698f226107c"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
47240
x-amz-id-2
IOVkgEgBEUqJILv9i4I0lKC6CWel80cKwusoncxjG1dP6ZyKOvipUAd3KEVSZcNL46kndPaEZ8k=
ne.svg
play.jogo.studio/assets/img/flags/ Frame E88F 		273 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.jogo.studio/assets/img/flags/ne.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4b91653d53f76ddaf492a61adad3c1be86528ee9f23d7a18a6044c4eed165cad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
iad1:iad1::5nvmp-1682821192697-efa410ec0a1a
age
103035
x-matched-path
/assets/img/flags/ne.svg
etag
"5c109026a107f910512b09e208a90538"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="ne.svg"
accept-ranges
bytes
content-length
273
setuid
u.4dex.io/ Frame 0832 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=2403475317176069061&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 0832
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0&user_group=1&ssp=smartadserver&gdpr=0
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=
43 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 0832
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=04010023_644dd048f02af&gdpr=0&gdpr_consent=
43 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=04010023_644dd048f02af&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 30 Apr 2023 02:19:53 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=04010023_644dd048f02af&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
/
rtb-csync.smartadserver.com/redir/ Frame 0832
Redirect Chain
  • https://cs.admanmedia.com/e09bad714a425a93d6dea503dcf9c528.gif?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D130%26partneruserid%3D%5BUID%5D%26gdpr%3D%5BGDPR%5...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=611927c9-b19d-413e-a399-edc6a02241e2&gdpr=0&gdpr_consent=[GDPR_CONSENT]
43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=611927c9-b19d-413e-a399-edc6a02241e2&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
DENY
Location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=130&partneruserid=611927c9-b19d-413e-a399-edc6a02241e2&gdpr=0&gdpr_consent=[GDPR_CONSENT]
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 0832
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=39&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D25%26partneruserid%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&gdpr=0&gdpr_consent=
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
MT3 830 785530e master ord-pixel-x13 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=25&partneruserid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:51 GMT
impression
ads163.adtelligent.com/tracking/ Frame 5EEF 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=483421&nestedLevel=0&tti=723&ttiFromStart=255&isHeadless=false&adid=7F55781BC85A1199&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:51 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 5BE3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZE3QSAAGdt3yhgA9&gdpr=1&gdpr_consent=&_test=ZE3QSAAGdt3yhgA9
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZE3QSAAGdt3yhgA9&gdpr=1&gdpr_consent=&_test=ZE3QSAAGdt3yhgA9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZE3QSAAGdt3yhgA9&gdpr=1&gdpr_consent=&_test=ZE3QSAAGdt3yhgA9
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4560-YYZ
x-timer
S1682821193.846209,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame DC33
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477414437337801
42 B
273 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477414437337801
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 30 Apr 2023 02:19:52 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=978477414437337801
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
dcm
s.amazon-adsystem.com/ Frame 4679
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CPHQGYRBPRVVXG68YK5N

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 02:19:52 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3VR727FBYHCP2B8CTWMW
Pug
image2.pubmatic.com/AdServer/ Frame 703B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFBak9VN0ltNkVBQUNCdWQxZl85UQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAAjOU7Im6EAACBud1f_9Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2403475317176069061&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAAjOU7Im6EAACBud1f_9Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2403475317176069061%26gdpr%3D0%26gdpr_cons...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2403475317176069061&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAAjOU7Im6EAACBud1f_9Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2403475317176069061%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2403475317176069061&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AAAjOU7Im6EAACBud1f_9...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 2FC5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&gdpr=0&gdpr_consent=
42 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:52 GMT
Expires
Sun, 30 Apr 2023 02:19:51 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master ord-pixel-x51 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 6E5D
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-6
Pug
simage2.pubmatic.com/AdServer/ Frame B3E9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7906230784814628655&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
1582ead3-3ac2-4bf4-9000-1fa5637b7fb1
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7906230784814628655&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
image2.pubmatic.com/AdServer/ Frame F9F6
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt
42 B
563 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
141
match.deepintent.com/usersync/ Frame 9C54 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 48E8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Sun, 30 Apr 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1513283
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame B0B0
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
42 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 195E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fYpSPiDn1PSWFi5&gdpr=0&gdpr_consent=
42 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fYpSPiDn1PSWFi5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Sun, 30 Apr 2023 02:19:52 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:fYpSPiDn1PSWFi5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0ee9e37f6f1ce5e71@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame AA8D
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8dec9353-583e-4c52-8dc5-83aeb3620aef&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
42 B
491 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.204.24.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-204-24-233.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Sun, 30 Apr 2023 02:19:52 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 8227
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Go1CAQPvWv5mMcBHozEv_5U4mb0&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Go1CAQPvWv5mMcBHozEv_5U4mb0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Go1CAQPvWv5mMcBHozEv_5U4mb0&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame E3E8
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
i.match
s.tribalfusion.com/z/ Frame 703F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7bfc4d67ca467154-YUL
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7bfc4d6709107154-YUL
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
977
setuid
u.4dex.io/ Frame EDD3 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CFD0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=0lFGp_paROKAdPGjB03mfA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=112334
accept-ranges
bytes
content-length
5554
expires
Mon, 01 May 2023 09:32:07 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame CFD0
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=68afccab-c100-4461-a445-3890741431f3%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=68afccab-c100-4461-a445-3890741431f3%2C%2C
95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=68afccab-c100-4461-a445-3890741431f3%2C%2C
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=68afccab-c100-4461-a445-3890741431f3%2C%2C
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
359
xuid
eb2.3lift.com/ Frame CFD0 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
insync
thrtle.com/ Frame CFD0
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d68d4bc9-9884-49f3-a2b0-a3d71e6d872e
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d68d4bc9-9884-49f3-a2b0-a3d71e6d872e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
52.0.82.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-82-32.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Sun, 30 Apr 2023 02:19:53 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=d68d4bc9-9884-49f3-a2b0-a3d71e6d872e
date
Sun, 30 Apr 2023 02:19:52 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
Pug
image2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDI1MTQ2QTctRkE1QS00NEUyLTgwNzQtRjFBMzA3NERFNjdD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
42 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Sun, 30 Apr 2023 02:19:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:52 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
42 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H53MDO5E2uUaA2EJEL3QGGZxZhU9Cb0-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H53MDO5E2uUaA2EJEL3QGGZxZhU9Cb0-~A&gdpr=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-H53MDO5E2uUaA2EJEL3QGGZxZhU9Cb0-~A&gdpr=0
date
Sun, 30 Apr 2023 02:19:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
D25146A7-FA5A-44E2-8074-F1A3074DE67C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CFD0 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D25146A7-FA5A-44E2-8074-F1A3074DE67C?gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=29dad5f5b6062163&is_secure=true&networkId=17100&version=1&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMERwH02NBawN4yMlgAAAAAAA&expiration=1682907593&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&...
42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMERwH02NBawN4yMlgAAAAAAA&expiration=1682907593&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMERwH02NBawN4yMlgAAAAAAA&expiration=1682907593&nuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=c4dd86a7-5678-49a7-ae61-326910133e40&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 30 Apr 2023 02:19:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=275eb785-370e-447e-879f-7fd6dba0d1e9&gdpr=0&gdpr_consent=
1 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=275eb785-370e-447e-879f-7fd6dba0d1e9&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=275eb785-370e-447e-879f-7fd6dba0d1e9&gdpr=0&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:52 GMT
Connection
keep-alive
X-CI-RTID
af20468f-54a7-47c7-8fd2-84279d36762e
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
image2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
42 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame CFD0 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
sn.ashx
pmp.mxptint.net/ Frame CFD0
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_101EA6830_8FA46364&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-365825947; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:52 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-365825947; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame CFD0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4139660057828765566
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4139660057828765566
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4139660057828765566
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CC5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5213080493894&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CC5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5213080493894&version=m202301230201&ct=76&x=9&cor=6414366815693711000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4CC5 		72 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de16da1c225f7b68b956cffa2474b3670c94122664fad14a8fbb1a21a2b7dcc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=806710312194630&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-300-250-9&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=19&adks=2424930324&sfv=1-0-40&prev_scp=adunit%3D9%26prebidtrue%3D0%26refresh1%3D0%26adl_dis%3D-1%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D300x250%26hb_pb_adtelligent%3D0.03%26hb_adid_adtelligent%3D2166f43d09bda14e%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_pb%3D0.03%26rtb_pb%3D0.03%26hb_adid%3D2166f43d09bda14e%26hb_bidder%3Dadtelligent&eri=5&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%252Ftechnology%252Fmicrosoft-says-it-found-malicious-software-in-its-systems%26words%3Dtechnology%252Cmicrosoft%252Csays%252Cit%252Cfound%252Cmalicious%252Csoftware%252Cin%252Cits%252Csystems%26commit%3D55f12a8f50c54762f4ff4f42c6c79fbe6aa5c92e%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D1%26geo%3DCA%26device%3DDesktop%26order%3D7%26api_key%3D841fb3e5-977f-4e2e-be39-fae608323cc5%26adl_ip%3Dadloox-dc%26adl_ok%3D1&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821192859&dlt=1682821187973&idt=472&adxs=478&adys=2178&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=325x-1&msz=300x-1&fws=4&ohw=325&psts=ABHeCvgoCBd8TP_1pF-ivhFhyF0CbLmRVWUi1akX80aftnE8La7Rjgjd7l-4RlvSoR78u1sFuhtIRkTVZaHzJILQdwyb2GP9dyI%2CABHeCvjnxMulo9mRgfz4AyBr4KzSkcES1Lm3ykwAuAj4cchbDUwhnX44P96Y83SDsYHd1nnzE92fHpkt1rZ6mLV2-GBUM3J5UF4%2CABHeCvgEv86xznXJDqhGXoApEdUtFuaQ3aNlQXLeuhg9sGJ2HeVyGw_X3oZD752tw_cdCiLlPxN3R8HmFWkycwTnBxQtSRsRJig%2CABHeCvgoPIGtqICyYOTF_LzPrtg0ahrsegDT8s9TTttSfKkDOzdTiJM5dxBXRH4SoSVXHhVSv1VRGbnz8_QASfCAk1HNpBtEV1o%2CABHeCvj86dnWHvvf8G3HI9pITr-am0hw8CAr-x9UF4jnW2DrTwpouAjGX43EGc12yGVM0fVvMZpVQJr1aca_meAczhY18yqXS58%2CABHeCvgwMwiYvrwHPhNgGwiSqjS3iXiu1QHTDXn8IR9u_Qli7oC44tXuG_4Z0gFpTPZN1RL7tXVfXfI30BuucHvTSafFTmLmkKw%2CABHeCvg6Ut1Kr9jDIqbd4WDCP4pCJSGuLG9FBwTy0h6R-2OOi35F0kKKvbNoTJ5pFQwxpHGD7AMrfUxlTSznMIGYZjzyLvXX6io&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRj1sNb__DBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAM2M0YTQwNTFhYzJmNjQyNGU4YTg2ODU1NjlhYzE2ZDUzOTM4ZmUzOWExYzQxNjc3YjMwMWM2ZjM3ODM4MjVjYRjtsdb__DBIABIZCgpwdWJjaWQub3JnGM2o1v_8MEgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi4o9b__DBIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02fddd8137770313efd007b7e22874ced5e55deeb7fa58ef78a5432110617403
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9973
x-xss-protection
0
google-lineitem-id
5180018800
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254914964
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 96C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
  • https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOFVp5148LgsuloCqR4cb60&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOFVp5148LgsuloCqR4cb60&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWE0auP0P3y1Z8hjyzyRtlUBAeIwou0opLFpnb2ubxwHI3sy3zsdBX5bzi6RjXOttkf9SohKn7aPUTzTt5wKCqPQaRYD-ByBOW6Pb_6ZAQIQuAq4BA
Protocol
HTTP/1.1
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
AN-X-Request-Uuid
eea4bb8b-2ca3-4af8-84f1-c3ef2ff6600d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEOFVp5148LgsuloCqR4cb60&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96C4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNjIzMDc4NDgxNDYyODY1NQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNjIzMDc4NDgxNDYyODY1NQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWE0auP0P3y1Z8hjyzyRtlUBAeIwou0opLFpnb2ubxwHI3sy3zsdBX5bzi6RjXOttkf9SohKn7aPUTzTt5wKCqPQaRYD-ByBOW6Pb_6ZAQIQuAq4BA
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c69c0124-fafb-4bd9-8c3b-179735d15f97
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkwNjIzMDc4NDgxNDYyODY1NQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 96C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWE0auP0P3y1Z8hjyzyRtlUBAeIwou0opLFpnb2ubxwHI3sy3zsdBX5bzi6RjXOttkf9SohKn7aPUTzTt5wKCqPQaRYD-ByBOW6Pb_6ZAQIQuAq4BA
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWE0auP0P3y1Z8hjyzyRtlUBAeIwou0opLFpnb2ubxwHI3sy3zsdBX5bzi6RjXOttkf9SohKn7aPUTzTt5wKCqPQaRYD-ByBOW6Pb_6ZAQIQuAq4BA
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame AEE7 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55762
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
index_0_250.m3u8
streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/ 		510 B
844 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/index_0_250.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
509818a7252ed5aa047b8929545c191bb83776dc12bbdd38dd3ea766bd6339f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
cdn-edgestorageid
1069
cdn-cachedat
04/15/2023 07:25:47
cdn-pullzone
1024237
last-modified
Sat, 15 Apr 2023 07:14:58 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"643a4ef2-1fe"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
0f2425af96b416ef9dab09a547d01a3a
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194558&cb=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dindexexchange%26uid%3D
  • https://u.4dex.io/setuid?bidder=indexexchange&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://u.4dex.io/setuid?bidder=indexexchange&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
u.4dex.io/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=3cc4b2f6-c7e1-439a-8174-b6dbb96bcabf&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%7BOPENX_ID%7D
  • https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://u.4dex.io/setuid?bidder=openx&uid=8f191100-b819-0451-17b1-71095a0e0e2e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 1B15 		756 B
858 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
ae46728d5edbd2361cb2f016700fa91fd60e8a1aa58c93448c3d103773f683e9

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
756
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
sync.js
ads62.adtelligent.com/ Frame 6693 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5a29df16d0e98e575ff17095bcb69330a3d08d6f635dc28725bbc55d93bb5a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1034
sync.js
ads62.adtelligent.com/ Frame A363 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d526aa2b9979f07c6bdf4e2f6f88a8cdf4ee804d83e6a145c2a413ac0cf8301a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
996
csync
sync.adtelligent.com/ Frame 5EEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a772216e-2c31-45c4-b877-4923c7f854f7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.us.e-planning.net/uspd/1/ Frame C427 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3128abcbb4f37862e885e75897a12fdefe8cb7a533a15cc268063d1faa05b7ee

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Sun, 30 Apr 2023 02:19:53 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212
sync.html
s.adtelligent.com/ Frame 8483 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c9b418d52625158f8dd70e9af7381f5531720b9e586e5de3d10b1945a87484db

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
950
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 5EEF
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
43 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=GkJrZBZH2ygXJcZOSOi_0W40
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sync.html
s.console.adtarget.com.tr/ Frame 85C8 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:958::2 , United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
862
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
de.tynt.com/deb/ Frame 2D88
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
4338240292fb5e55dbd3b02b86f5ef5746790f77ba4085d33c2dc222fa0af88e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1531
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 568F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 5EEF
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
o9fju19ritdk7nckoj07ela60dc5cfv6
sync
vid.vidoomy.com/ Frame 5EEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 5EEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e7c6129b-8a2b-4944-8275-c4df9034485c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5EEF
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/usync/ Frame C9C6 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 5EEF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://ad.turn.com/r/cs?pid=45&rndcb=7312875239
  • https://sync.1rx.io/usersync/turn/3464934303237790935?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Content-Type
text/html
Connection
keep-alive
csync
sync.adtelligent.com/ Frame C223
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:52 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
8a5f184f-2880-4bcc-b40a-735070b102c7
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 02:19:53 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
video2adrenderer.-sticky-ad-
fundingchoicesmessages.google.com/f/AGSKWxWGAAbbGXmz_6wXRSQ7I-ckokCSUb3G2YAAvwQCRrxjyQrHkYnbIRgyXcnYLsxxoAwb2_QfTf1DCM_nQN4eRRBhtJcJ9aNE7_RvIZw4WzFo6OVk17EoeN4Kz6lB4-THIe9ibuuu-g0mNGeCrOM5Z9IKBYWUc... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGAAbbGXmz_6wXRSQ7I-ckokCSUb3G2YAAvwQCRrxjyQrHkYnbIRgyXcnYLsxxoAwb2_QfTf1DCM_nQN4eRRBhtJcJ9aNE7_RvIZw4WzFo6OVk17EoeN4Kz6lB4-THIe9ibuuu-g0mNGeCrOM5Z9IKBYWUcZF3d1d5VCUhFMn7jvcKviHiXBksJGlW/_/150x300_/adblockchecker..ads1./video2adrenderer.-sticky-ad-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3a51300a0219a84fc5e0da5637cbcefd69d3b322c322a333a7cd090a28b81579
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LIx2Hnm2_giFm9zmXdbQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-LIx2Hnm2_giFm9zmXdbQcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:19:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
46843
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 13:19:10 GMT
AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DQI3XbODOVwTMpmsBGjfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-security-policy
script-src 'report-sample' 'nonce-DQI3XbODOVwTMpmsBGjfaw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
speed
ads163.adtelligent.com/tracking/ Frame 5EEF 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads163.adtelligent.com/tracking/speed?network=158&queue=234
Requested by
Host: ads163.adtelligent.com
URL: https://ads163.adtelligent.com/display/?adid=7F55781BC85A1199&aid=724993&cb=569664569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
um
u-iad04.e-planning.net/ Frame BEC6
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D4e1bf7541f976ee9
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D8a409b54-c4...
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=4e1bf7541f976ee9
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=4e1bf7541f976ee9
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=4e1bf7541f976ee9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame BEC6
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D4e1bf7541f976ee9%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e1bf7541f976ee9&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e1bf7541f976ee9&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=4e1bf7541f976ee9&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
j1q1v88lnn67qkj9jpgdc0jv55uo5m8k
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame BEC6 		676 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 28 Apr 2028 02:19:53 GMT
um
u-iad04.e-planning.net/ Frame BEC6
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D4e1bf7541f976ee9%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2e55a5a9982621f7&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=4e1bf7541f976ee9&uid=AAAL7N8vOLFCrANMlvPvAAAAAAA&expiration=1682907593&is_secure=true
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=4e1bf7541f976ee9&uid=AAAL7N8vOLFCrANMlvPvAAAAAAA&expiration=1682907593&is_secure=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=4e1bf7541f976ee9&uid=AAAL7N8vOLFCrANMlvPvAAAAAAA&expiration=1682907593&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame BEC6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D4e1bf7541f976ee9%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=4e1bf7541f976ee9&uid=7906230784814628655
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=4e1bf7541f976ee9&uid=7906230784814628655
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
01ecab75-6c57-4fb4-90e5-ab30d1caa9c3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=4e1bf7541f976ee9&uid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame BEC6
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D4e1bf7541f976ee9%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=4e1bf7541f976ee9&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=4e1bf7541f976ee9&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=4e1bf7541f976ee9&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame BEC6
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D4e1bf7541f976ee9%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=4e1bf7541f976ee9&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=4e1bf7541f976ee9&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=4e1bf7541f976ee9&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame BEC6
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
date
Sun, 30 Apr 2023 02:19:53 GMT
content-length
0
khaos.jpg
token.rubiconproject.com/ Frame C9BB 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame B799 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gen_204
pagead2.googlesyndication.com/pagead/ Frame E255 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5219506397918&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E255 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5219506397918&version=m202301230201&ct=76&x=9&cor=8602326844081805000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame E255 		72 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57c51e072bd11e2821e6bdd89323b42a255d5dffdfa76d98a86bc0b2eb22b125
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34968
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
de.tynt.com/deb/ Frame 2FB8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
2087756a0190b21c86565ef21cbf973911ee3702bc456bf77366caa594f4ffb4

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1573
content-type
text/html
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8340000A
json
trc.taboola.com/khaleejtimesmena-p13238197/trc/3/ 		112 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/khaleejtimesmena-p13238197/trc/3/json?tim=02%3A19%3A53.226&lti=deflated&data=%7B%22id%22%3A374%2C%22ii%22%3A%22%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1682587353739%2C%22vi%22%3A1682821193222%2C%22cv%22%3A%2220230427-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22%2C%22vpi%22%3A%22%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A7476%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22sc-khaleejtimes-mid-article_mobile%3Aabp%3D0%22%2C%22uip%22%3A%22Sponsored%20mid-article%22%2C%22orig_uip%22%3A%22Sponsored%20mid-article%22%2C%22cd%22%3A2538.5625%2C%22mw%22%3A1003.5%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A10%2C%22uim%22%3A%22sc-belowarticle-khaleejtimes2%3Aabp%3D0%22%2C%22uip%22%3A%22Sponsored%20Below%20Article%22%2C%22orig_uip%22%3A%22Sponsored%20Below%20Article%22%2C%22cd%22%3A5584.375%2C%22mw%22%3A1003.5%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22sc-righthandside-khaleejtimes%3Aabp%3D0%22%2C%22uip%22%3A%22Sponsored%20Article%20Righthandside%22%2C%22orig_uip%22%3A%22Sponsored%20Article%20Righthandside%22%2C%22cd%22%3A1788.390625%2C%22mw%22%3A314.5%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%2CSponsored%20Article%20Righthandside%3Dsc-righthandside-khaleejtimes%3Aabp%3D0%2C%2CSponsored%20Below%20Article%3Dsc-belowarticle-khaleejtimes2%3Aabp%3D0%2C%2CSponsored%20mid-article%3Dsc-khaleejtimes-mid-article_mobile%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
09b88b955172595961d81d607a021b04ab743e45cd9fa42a1bf16700c576f0e6

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
588
date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-yul12822-YUL
server
nginx
x-timer
S1682821193.239142,VS0,VE588
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.khaleejtimes.com
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3C60
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192682.1&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
cm
us-u.openx.net/w/1.0/ Frame 58F1
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192682.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e6f7b1821046dbce1a798791060df115e0a15ddf2fc2e13f5f9252c54547c005

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
733
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:52 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP020
x-33x-status
40000000008200000A
match
cms-xch-chicago.33across.com/ Frame C060
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1685413193%26external_user_id%3Dabb0385f-fb71-4da5-be13-d1ca93d34856
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1685413193&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1685413193&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1685413193&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C060
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821192682.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZE3QSKiBZz7mrFv9ttLKygAA%261459
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=2&external_user_id=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
match
events-ssc.33across.com/ Frame C060
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&partner_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26...
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame C060
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=Go1CAQPvWv5mMcBHozEv_5U4mb0
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0&ts=1682821193&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
campaign
ads62.adtelligent.com/tracking/ Frame 6693 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=3E5578E936E6B203&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads62.adtelligent.com/tracking/ Frame 6693 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=0&adid=3E5578E936E6B203&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
sync.js
ads62.adtelligent.com/ Frame F6C8 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
25208c6ee960b928d8f697e0eba039bc6206cc9f22d6e2fe96aec93d91129dfd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
993
campaign
ads62.adtelligent.com/tracking/ Frame A363 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=3E5578E936E6A4C6&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads62.adtelligent.com/tracking/ Frame A363 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=0&adid=3E5578E936E6A4C6&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame F63D 		581 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWBHTfwVNx6jBnFICfPZmL4JzFNz2xIeDRBopatM57aNXybojpsslhhmcDUdrFMMM6j3BSKSZETJRwx0_SB-b0oajFucikwlR_gupJ6-xwSkhtyEa4
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1aca13a5b24687b2213a2a9d87cbd7f140a6eb4d4db480d4867a81a433813b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
262
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 766C 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
prebid
ox-rtb-europe-west2.openx.net/win/ Frame 766C 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-europe-west2.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.143.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.143.102.34.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 google
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ibl7kn0n6st8o4tt2al48sojcjtuavcv
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 766C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AAEpNNEiBM6Znip_i4kdn93dhJpNOhexrezb2ERc7Lii1AM35C7L7-iPi-2qDPHuhWf_g3jiGiAtMRBvaRHRA_4EK9V4RyBsa1IoCx2GGW7BeP3b4
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 766C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=8905270053501221968&x=9&ct=76
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame 6693 		150 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
1
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
14-30756958-30756963 PNYN RT(1682821186601 6356) q(0 0 0 -1) r(0 0) U24
cache-control
max-age=60
x-amz-cf-id
JfPe2RodjVy_5HijgVklORGEM6mkpmvZnMhWIwDa643dW3IbZ4YIrw==
expires
60
NRJS-004eae0ecd9d1313a6a
bam.nr-data.net/1/ Frame 00AF 		49 B
513 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-004eae0ecd9d1313a6a?a=1771017370&v=1.230.0&to=YgdWZxRWW0NVW0JfDFtNYUEPGEFCVVtdUxEaD11dDxlFWEQ%3D&rst=3858&ck=0&s=4621b62300517c89&ref=https://coronaliveupdates.khaleejtimes.com/tracker/mini.php&be=393&fe=723&dc=520&perf=%7B%22timing%22:%7B%22of%22:1682821189464,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:25,%22c%22:25,%22s%22:115,%22ce%22:213,%22rq%22:213,%22rp%22:392,%22rpe%22:394,%22dl%22:631,%22di%22:912,%22ds%22:912,%22de%22:912,%22dc%22:1114,%22l%22:1114,%22le%22:1115%7D,%22navigation%22:%7B%7D%7D&fp=853&fcp=853&at=TkBVEVxMSE0%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
close
CF-Ray
7bfc4d6abc9e8c15-EWR
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5EEB 		704 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNUEMhDMjaa1REa9rnstxyxyBwTD_4jp3qQ-ycSOymFy9n0U-mAV9hSN93wuecKTUV6ED1mSFvmnuzAS-bl2HVgAQYG1jkoM0OBQetHf_vWjR_HF8zs
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c520fc9cb89d9d15c1d22f682ee51b6c67d9e7c1908e318ed17491d5f0a04d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame EBD5 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
prebid
ox-rtb-europe-west2.openx.net/win/ Frame EBD5 		43 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-europe-west2.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.143.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.143.102.34.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
5tuluitgigm6sj4go6hbokaciug52ees
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBD5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CxKfpPSmgKkl7YXgSDppMA2V10TIuc8siByAkVBxI5BbBeWJzNeGQOKbAfY0315VFC6Wc1MuVLRy0_9-J2RtCVh00_qMnV-z4jnWpxNz7HCcSLTtU
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBD5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11977372721605668413&x=9&ct=76
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame A363 		150 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
1
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
14-30756958-30756963 PNYN RT(1682821186601 6377) q(0 0 0 -1) r(0 0) U24
cache-control
max-age=60
x-amz-cf-id
akeznH8mPeSUYRGRoN4XA1sUbtSQOVlODFRjJPEd8rbUunCPwuvozw==
expires
60
setuid
u.4dex.io/ Frame 1B15 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=smart&uid=2403475317176069061&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 1B15
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZE3QSAAGdt3yhgA9&gdpr=0&gdpr_consent=
43 B
513 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZE3QSAAGdt3yhgA9&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

x-served-by
cache-yyz4560-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682821193.351795,VS0,VE0
x-cache
HIT
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=94&partneruserid=ZE3QSAAGdt3yhgA9&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtb-csync.smartadserver.com/redir/ Frame 1B15
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=1b9b14f4-3cf0-4810-acfb-20126d2da168&gdpr=0
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=1b9b14f4-3cf0-4810-acfb-20126d2da168&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=1b9b14f4-3cf0-4810-acfb-20126d2da168&gdpr=0
date
Sun, 30 Apr 2023 02:19:53 GMT
content-length
0
sync.php
demand.trafficroots.com/ Frame 1B15 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 1B15
Redirect Chain
  • https://cms.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=MqGfLmCln3Ip9pwvM6aGe2Cszi4prZsrMPRJgkA5
43 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=MqGfLmCln3Ip9pwvM6aGe2Cszi4prZsrMPRJgkA5
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=43&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&gdpr=0&partneruserid=MqGfLmCln3Ip9pwvM6aGe2Cszi4prZsrMPRJgkA5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame F089
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:53 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7BD1 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e1bf7541f976ee9%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 1A61 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
522c50189bf674504e642a78954b55de0671c5c6a6db66c50291fd31f04eede7

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1649
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:53 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 4C8C 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
668c9b1bcb5e518d07782f6da58917bb
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame B94F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 9499 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0a2209b30a10e8badec7004d452aa7ccffdc47a91e6eee338e89487ebd2bd1b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bfc4d6afebea1f2-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
server
cloudflare
vary
Origin
via
1.1 google
um
u-iad04.e-planning.net/ Frame C427
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dab9c2de71df9c853
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:52 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame C427
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dab9c2de71df9c853%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
v0nfrpg25f6d9c28sm7fpqdcnmm6h5ec
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame C427 		676 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 28 Apr 2028 02:19:53 GMT
um
u-iad04.e-planning.net/ Frame C427
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=1daea7639bb821f7&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBjQNjeAUjAAAAAAA&expiration=1682907594&is_secure=true
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBjQNjeAUjAAAAAAA&expiration=1682907594&is_secure=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBjQNjeAUjAAAAAAA&expiration=1682907594&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame C427
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dab9c2de71df9c853%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
24acea42-ee21-48e8-9d4c-5f19850b08b5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame C427
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dab9c2de71df9c853%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame C427
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dab9c2de71df9c853%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame C427
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
date
Sun, 30 Apr 2023 02:19:53 GMT
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame B681 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsujepOTCciqoNP0f0f-FuTzh_GyEz17AeyvAZ2fFT5sSeehjAjSdy8R8P-odgAzACkQ3EbaiNqEFfcSvj-ggw0OnajzjBLsvAAdEJBkApMTDZwy-n-0&sig=Cg0ArKJSzMwiZQkSp14pEAE&id=lidar2&mcvt=1353&p=241,315,491,1285&mtos=1353,1353,1353,1353,1353&tos=1353,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4184082431&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821191166&rpt=861&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
piggiback.js
adgebra.co.in/afpf/ Frame 4697 		1 KB
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/piggiback.js?cache_b=3886835381335332000
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/segment.html?p1=5823&p2=&p3=&p4=&p5=&p6=1&p7=%20%20&p8=24553&p9=23043002&p10=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
fa7749f9ed2bd6c466571dfb10f2d42f2f65097b3b27cd6843c77d60e414c281

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adgebra.co.in/afpf/segment.html?p1=5823&p2=&p3=&p4=&p5=&p6=1&p7=%20%20&p8=24553&p9=23043002&p10=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 19 Apr 2023 16:42:42 GMT
accept-ranges
bytes
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/javascript
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 4CC5 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4CC5 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 4CC5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4CC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsun316lhcL-5w1HIs4W9QVQWlkHkP8KZtdCFCsYULBvuxBsFinJjvsUSnDWdLwvVDy-7JDJF4e8TGdyWlPVHmMPzfdkVJ6zAd-WfT2PefbpO02PQLsV1wI34uTJvlpGkbKR9za3ZUN7uJgod44iGLgGvG3xRINM7tDQtv2rKjDqwgzefuwHvHBZ3QlVRf4iPZuFoRzejc_YQa0GsgRjdgy3cFPQuCjMQ0T88RPLgYaZSqWe19bz-GNFPX2vvzm66up-VH8oGlSx3Ehs90NrLQ3xiG-ucE23T766zNZeAquwiTUoUHlw3dosnqMETun5iiMTw1nKNb5rm-0D9aIOyqTSk8Tjgg7ZBe4dAQ34j78kAXMCx79l8W8PwB-yCeJrQO9iVf3CRWMUGtXfC83z3qTXS-MkVtl62Ffz-WfuAL7gCwhAfvQgn4S6j4eR5fSu8zGoQ3fOOMzHPmYpmUGRGaO-cf0RXreCPiQpU7kuDuE7zOXVVWdDMsLRiar6eREMyljxQ2iQcat8i0U0NknBT9_mFPC9hbrQM3cqB55IY5HMOCxETralEhatQufnhMkI2O7f5PX8LWzh4JqWKhyktbBe4BnHJIHtspszfCGXNijtQblAHo_Fu8MQ24A10nhNAd0FIPUOYI0GcJgImtGQvZxCbxwRsSO-_VJcwf7GWMsFX2O3PW3lywNdsTg4U1jq_yDIP6Qsztg8I2GQzeP1OYTmaA_hm4tDnTr-oJ-jEKI6hbwQGFtYdi1D9TcL22FshUMi65mlmM-KNvxHu5RPJQSB3T3NKuM0rVYmoUIeZo_yIHfO20iWDtyEHKKg_0Z53rCla6KEpN6qNxMUz-kfdMtwNN90yA6kwVAurkGNe7uC9fn4WvNLbFibkLlkxyBWX5Jo3FcdchlHXFZz5Ucnzqjl1KfKSvItQmXhFS7spBLaWeY41bVR5s8eF3MUZjlSSXYc6kPXbmqy9zrLGmvO5VaNaHROQO5JCOZ_8O1mPMsWTSJ6uL5ZAAC2md4tuHgg5liQ8mBkMthgjVUZRYefQnGI0EBx6TtJKo4lH7CxTI6qR9nMgowc0yzQCoLkpDQjjkOAZbnVgGbFaPnAcV_qvH7SzU_LXm8q4bfjN2Ml_EdBphcm5l0BBc253XK3zN9lH82knxKWmEJQEuYqh0YZyofGUZvtQJ7RmGAy56vGbMCBC2wkG3hP2bmTswrRkA&sai=AMfl-YQhIM7_N04K1oEzoJWSGVce_qUdzYaC7TvXv9YiS6bb2cOyybStTP8tNX7iRIcNyoeyYdez3vaPKpLPe70OXI52bRINRc7W-68vCoVvuF21dbksBzR8gWruM1iSIzaydRCTMJMb92uvK9Gm1Rvck_vIp-DNhIyxsdMIQTjHg6uQlb4ifNg&sig=Cg0ArKJSzOvPyfwg_BtPEAE&uach_m=[UACH]&pr=9:AAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230426.02613&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4CC5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:25:31 GMT
4705202056439302842
s0.2mdn.net/simgad/ Frame 4CC5 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4705202056439302842
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dc63db2627b9a19ef528d57af329aa3bbb7477384987e49a8639a8c95d60e0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:20:43 GMT
x-content-type-options
nosniff
age
86350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12364
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:54:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 02:20:43 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2F32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDD3SkmZHMDUliGAmH7Xf1Nhhu97pc55o-RRsTNmvSgDaeEG83l8G8peDqILbOwM1yjPnkcVftjzPzz9xXH84xc3jfM3H_2dL-vuw4MIp4C4eNPn56g97_8EmKxkTbNtwFZchri0q-56zeBmlvRoDjLfmoXovqHqkyEWh8LYpy0eBcLpF8MVXe6WFs1W9RQyisManDSAK3g3XZsFmlz0wkUkjCdXPvzf2gwvWNDWoTkWNd-RpMsYKF-KkW_TZqQYv_KGvIpsmuuCxhqOu5SC1I_cNfR4GsuQyeMDNfNbmS5NwgjTI3uvzjp4QXwqlqRxaJTphRRVo-FTo1L7M&sai=AMfl-YS2YI4YBqPlgBrxrwKqmMocx8QxwCXw-PA_2gA2jjijt1LWGduc6RDDZPtW590i2XP-t_Ke8Vwa43AANr3x7jhpPUkplg1LPO6ko0q6iBW1HTZ1M8ZUtsljVlqiAQ&sig=Cg0ArKJSzC6gJTIURfTDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads62.adtelligent.com/display/ Frame 2F32 		29 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
dab3471b48b306859bda71528fb04d8476669dedbdcf718dfe3fe4f7fc2a3d2b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
12848
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2F32 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
setuid
u.4dex.io/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58675/occ?gdpr=0&gdpr_consent=
  • https://u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

location
https:///u.4dex.io/setuid?bidder=yahoo&uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
u.4dex.io/
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://u.4dex.io/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://u.4dex.io/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
clarity.js
www.clarity.ms/s/0.7.6/ Frame E88F 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.6/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/f8fc1g715j
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
content-encoding
br
last-modified
Fri, 28 Apr 2023 17:12:38 GMT
x-azure-ref-originshield
0CTxNZAAAAABIy0IuuEfTQq+QVF+ZJb5jTU5aMjIxMDYwNjExMDQ5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DB480BC4980B73"
x-azure-ref
0SdBNZAAAAADeVS2uVJ5wS4pRqRuH3anTWVRPMjIxMDkwODE5MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
2c70f71b-a01e-003d-321a-7a58c0000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
c.gif
c.clarity.ms/ Frame E88F
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=08CFC161E8804E15B43BC8D2AFA59F8F&RedC=c.clarity.ms&MXFR=34648C04CB6463E411599F07CF646DCC
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08CFC161E8804E15B43BC8D2AFA59F8F&MUID=34776753A8676F3A3F9E7450A9B16EC5
42 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08CFC161E8804E15B43BC8D2AFA59F8F&MUID=34776753A8676F3A3F9E7450A9B16EC5
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://play.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
last-modified
Mon, 24 Apr 2023 08:10:59 GMT
server
Microsoft-IIS/10.0
etag
"eca874d8476d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 86F6BE020799428B9D50B557AB0F79B6 Ref B: YMQ01EDGE0421 Ref C: 2023-04-30T02:19:53Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=08CFC161E8804E15B43BC8D2AFA59F8F&MUID=34776753A8676F3A3F9E7450A9B16EC5
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame F6C8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOfNCgdea-HH2zcCkYSdLDi2jY3lmCjDHe_4t2aGNnO1w05BaqQWfTMSH5Xh5OGzGlWG5z6Mtl9qinm6FUmEm-CRsXh_icEV46tsShKXkaAiG6iyD14myMy1uGEZ1IGdIwo01wqPQIXDrOfKp88hRp9EGTwFaLhS2BWSy3xz6VoGkrjpqtmUY15AW1oK3z_oEOMbEl3KS17nZ77PEjQrK2h_2-CrmnTK5rW1bNRfWEcUKS3r7MlVJcmslMIB3Ay0EfM36Omxv2pU3pxdlOz_AcI5BQFEbnPsbUTUPMnVN7eNSh_pHc6EkCRv95p8wUNz-b64JJklnD9eghK0-M0w&sai=AMfl-YTq_Us4xOcTjJ3hYl6kwuRnDspl5fKYqvfSOP86DV83EvH0s-FmLNJOiC7VFrokLYhk2WhJ7GLohuPWhJPlRolrekFsEGJw_Qo9TyE_iXVwCUYr0OfP3O1-szHHcA&sig=Cg0ArKJSzLWta2JJJmeYEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:53 GMT
truncated
/ Frame F6C8 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4927f5f8d353eba6cb4f6177085d67b4b72a5ded8c59bacef7081f90e17e5764

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
servx.playstream.media/api/adserver/vast3/ Frame 89BF 		131 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://servx.playstream.media/api/adserver/vast3/?AV_PUBLISHERID=631834db55e9564951409ee5&AV_CHANNELID=633bf016a4c8d47b685fec86&AV_URL=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cb=cebceb4b-2f4b-4818-b1b7-037cd1d05567&AV_WIDTH=300&AV_HEIGHT=250&logo=false&hidevpaid=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.100.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-100-191.compute-1.amazonaws.com
Software
/
Resource Hash
86b85472e101535843a1a3b428c3a1d4bed6446a67d0f14925496783946957dc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://imasdk.googleapis.com
content-type
application/xml
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 18 Apr 2023 12:33:13 GMT
campaign
ads62.adtelligent.com/tracking/ Frame F6C8 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=3E5578E936E6BD99&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads62.adtelligent.com/tracking/ Frame F6C8 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=0&adid=3E5578E936E6BD99&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
impression
ads62.adtelligent.com/tracking/ Frame 6693 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=483421&nestedLevel=0&tti=1827&ttiFromStart=356&isHeadless=false&adid=3E5578E936E6B203&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame EFD4 		503 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWEe5qU9mw_plYD3CBPaom5J_UQLIGoQnk9pRJwmsDwR820hYLNLnDujTTkDi8I6sEcPv0QXwsYPqyXKwH3XEcBUaa89g0G-GL0j2q_xN9XNC5mSVE
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
198
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BA8E 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
prebid
ox-rtb-europe-west2.openx.net/win/ Frame BA8E 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-europe-west2.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.143.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.143.102.34.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
dcaub0dlnmvmgjeav2j382go28an9ok7
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA8E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BzjtGnjGwBiQ_TSllsDsRoAd_2DyZf-VBfsAFic9f30gQm49F4YET4s-eZoF4tK0F8IQ1jkK9Zt_Igv_21dTEH-qozQtqDFhDUucLsoHCwMgra2tE
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA8E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17382755063370141290&x=9&ct=76
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame F6C8 		150 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
1
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
14-30756958-30756963 PNYN RT(1682821186601 6677) q(0 0 0 -1) r(0 0) U24
cache-control
max-age=60
x-amz-cf-id
SRXVokAqF5Ua0r0f5WTnSfoKHj5vdtReUPZqFJ9qewyTLKuNjKVk6Q==
expires
60
csync
sync.console.adtarget.com.tr/ Frame 5BA4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 30 Apr 2023 02:19:53 GMT Sun, 30 Apr 2023 02:19:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame AB40
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 37C8
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
server
nginx
csync
sync.adtelligent.com/ Frame C330
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
7ff839d6e5a54b30
Content-Length
0
impression
ads62.adtelligent.com/tracking/ Frame A363 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=483421&nestedLevel=0&tti=1900&ttiFromStart=363&isHeadless=false&adid=3E5578E936E6A4C6&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
match
events-ssc.33across.com/ Frame 58F1 		68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=70&external_user_id=757819fb-b1fa-0676-372f-43fe8bd89599
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sync
ups.analytics.yahoo.com/ups/58294/ Frame 58F1 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=2dd7961c-b71b-0cd0-083f-8d24162ff3af
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
458249.gif
idsync.rlcdn.com/ Frame 58F1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
  • https://id.rlcdn.com/1000.gif?memo=CPaqHBIvCisIARCUaxokNTZkNTZhZjMtYTIzNi0wMGY5LTA0NjEtY2NkZGI4MTc2NjFlEAAaDQjKoLeiBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=24a4fb8b72005d282611f8cdeb48f936f2cece8cc3013da3bef2c0ba49c69b1c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyNGE0ZmI4YjcyMDA1ZDI4MjYxMWY4Y2RlYjQ4ZjkzNmYyY2VjZThjYzMwMTNkYTNiZWYyYzBiYTQ5YzY5YjFjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyNGE0ZmI4YjcyMDA1ZDI4MjYxMWY4Y2RlYjQ4ZjkzNmYyY2VjZThjYzMwMTNkYTNiZWYyYzBiYTQ5YzY5YjFjNzkxNDI2YjU0MTdkY2UyMRAAGgwIy6C3ogYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=c627d1eb-5899-4018-b4dc-df80b3747a69
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=c627d1eb-5899-4018-b4dc-df80b3747a69
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=c627d1eb-5899-4018-b4dc-df80b3747a69
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 58F1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7906230784814628655
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7906230784814628655
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
09c5eaad-ccb6-4ef0-8304-7e58e361c1d9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 58F1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3464934303237790935&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 58F1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3QSAAGdt3yhgA9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3QSAAGdt3yhgA9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4560-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682821194.920683,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZE3QSAAGdt3yhgA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
97d473d1-ffdd-a4d0-6acf-5adb7edbca8f
pr-bh.ybp.yahoo.com/sync/openx/ Frame 58F1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/97d473d1-ffdd-a4d0-6acf-5adb7edbca8f?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 58F1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=5bc569e8-73db-8d63-9b16-ceb9e9bfcc26
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RM2XYNSZX6J8EZ3V9TAK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 58F1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=03131595-6f71-3699-5b18-4c2e818c07c6&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=03131595-6f71-3699-5b18-4c2e818c07c6&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=03131595-6f71-3699-5b18-4c2e818c07c6&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=abb0385f-fb71-4da5-be13-d1ca93d34856&ttd_puid=03131595-6f71-3699-5b18-4c2e818c07c6&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame 58F1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY3Y2M2NWYtYTYwNi02ODNkLTRlZjgtMTY5NzRiNmVjOWE2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 58F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F63D
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=16&user_group=1&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dbidswitch_dbm%26google_hm%3D%24%7BBSW_UID_ENCODED%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=NGU4OGJhZjktNjBkMi00YjdhLTk4MGMtNWMxYzdjNjJkMjdj
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=NGU4OGJhZjktNjBkMi00YjdhLTk4MGMtNWMxYzdjNjJkMjdj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWBHTfwVNx6jBnFICfPZmL4JzFNz2xIeDRBopatM57aNXybojpsslhhmcDUdrFMMM6j3BSKSZETJRwx0_SB-b0oajFucikwlR_gupJ6-xwSkhtyEa4
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_hm=NGU4OGJhZjktNjBkMi00YjdhLTk4MGMtNWMxYzdjNjJkMjdj
Date
Sun, 30 Apr 2023 02:19:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame F63D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWBHTfwVNx6jBnFICfPZmL4JzFNz2xIeDRBopatM57aNXybojpsslhhmcDUdrFMMM6j3BSKSZETJRwx0_SB-b0oajFucikwlR_gupJ6-xwSkhtyEa4
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDy8ChPshv8dJEi20QG_8b8&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
306
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F63D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=0&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY3Y2M2NWYtYTYwNi02ODNkLTRlZjgtMTY5NzRiNmVjOWE2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY3Y2M2NWYtYTYwNi02ODNkLTRlZjgtMTY5NzRiNmVjOWE2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWBHTfwVNx6jBnFICfPZmL4JzFNz2xIeDRBopatM57aNXybojpsslhhmcDUdrFMMM6j3BSKSZETJRwx0_SB-b0oajFucikwlR_gupJ6-xwSkhtyEa4
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmY3Y2M2NWYtYTYwNi02ODNkLTRlZjgtMTY5NzRiNmVjOWE2
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 5EEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm&gdpr=0
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNUEMhDMjaa1REa9rnstxyxyBwTD_4jp3qQ-ycSOymFy9n0U-mAV9hSN93wuecKTUV6ED1mSFvmnuzAS-bl2HVgAQYG1jkoM0OBQetHf_vWjR_HF8zs
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&piggybackCookie=CAESEIuCokoupdqAG3MACwWQAUg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
361
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5EEB
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&gdpr=0&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_co...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDI1MTQ2QTctRkE1QS00NEUyLTgwNzQtRjFBMzA3NERFNjdD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNUEMhDMjaa1REa9rnstxyxyBwTD_4jp3qQ-ycSOymFy9n0U-mAV9hSN93wuecKTUV6ED1mSFvmnuzAS-bl2HVgAQYG1jkoM0OBQetHf_vWjR_HF8zs
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5EEB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.teads.tv/um?eid=3&uid=CAESEHxKKXFT3JOcmWrvBDwcI_8&google_cver=1&gdpr=0
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHxKKXFT3JOcmWrvBDwcI_8&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNUEMhDMjaa1REa9rnstxyxyBwTD_4jp3qQ-ycSOymFy9n0U-mAV9hSN93wuecKTUV6ED1mSFvmnuzAS-bl2HVgAQYG1jkoM0OBQetHf_vWjR_HF8zs
Protocol
H2
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires
Sun, 30 Apr 2023 02:19:54 GMT
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEHxKKXFT3JOcmWrvBDwcI_8&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5EEB
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&gdpr=0&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDJjYjg2MTctZGZhOS00YmVkLTgxMmUtZDViZWE2NTE1MDQ5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDJjYjg2MTctZGZhOS00YmVkLTgxMmUtZDViZWE2NTE1MDQ5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNUEMhDMjaa1REa9rnstxyxyBwTD_4jp3qQ-ycSOymFy9n0U-mAV9hSN93wuecKTUV6ED1mSFvmnuzAS-bl2HVgAQYG1jkoM0OBQetHf_vWjR_HF8zs
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
akka-http/10.2.10
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=ZDJjYjg2MTctZGZhOS00YmVkLTgxMmUtZDViZWE2NTE1MDQ5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 30 Apr 2023 02:19:54 GMT
csync
sync.console.adtarget.com.tr/ Frame CD99
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 30 Apr 2023 02:19:54 GMT Sun, 30 Apr 2023 02:19:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic&tc=1
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame 4388
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 3415
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
server
nginx
csync
sync.adtelligent.com/ Frame 85C8
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
7ff839d6e5a54b30
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame 8462
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:53 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:53 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 78A2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 6016 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
4a7e514fe83f6c1ae141940885cd60d4b015afeb06060d2e9fd25948111b83de

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1742
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:53 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame F2C8 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
36ba9fcd93b036b96e2f9c602618e952
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame C3DA 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 39E0 		229 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1f54db519952f15cdfe918183fbcf04b56f390cfdf362d477146c27e8fb9641

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bfc4d6ca9e7a1f2-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame F089 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55761
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EAE9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C513 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 3B3B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
csync
sync.adtelligent.com/ Frame 3B3B 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
match
events-ssc.33across.com/ Frame 2D88
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1682821193045.1&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dg%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7906230784814628655
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7906230784814628655
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a2583fec-6945-4219-bb4e-5fb37e8ba23b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=90&external_user_id=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
events-ssc.33across.com/ Frame 2D88
Redirect Chain
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=611927c9-b19d-413e-a399-edc6a02241e2
  • https://events-ssc.33across.com/match?bidder_id=121&external_user_id=611927c9-b19d-413e-a399-edc6a02241e2&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=121&external_user_id=611927c9-b19d-413e-a399-edc6a02241e2&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=121&external_user_id=611927c9-b19d-413e-a399-edc6a02241e2&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2D88
Redirect Chain
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-25e123c1...
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
  • https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2D88
Redirect Chain
  • https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
  • https://ssc-cms.33across.com/ps/?xi=122&us_privacy=&xu=92e3d4d5-9716-4f5e-b708-bda9da8c9680&gdpr_consent=null&gdpr=0
  • https://events-ssc.33across.com/match?bidder_id=122&external_user_id=92e3d4d5-9716-4f5e-b708-bda9da8c9680&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=122&external_user_id=92e3d4d5-9716-4f5e-b708-bda9da8c9680&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=122&external_user_id=92e3d4d5-9716-4f5e-b708-bda9da8c9680&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2D88
Redirect Chain
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1682821193045.5%26us_privacy%3D%26xu%3D%5BPUID%5D
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1682821193045.5&us_privacy=&xu=b5b970f6-4794-4043-a6b9-526dc1551fab
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=b5b970f6-4794-4043-a6b9-526dc1551fab&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=b5b970f6-4794-4043-a6b9-526dc1551fab&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=b5b970f6-4794-4043-a6b9-526dc1551fab&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2D88
Redirect Chain
  • https://match.deepintent.com/usersync/149?us_privacy=
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=75&xu=di_bb7fe3469a6e4f3c81420
  • https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_bb7fe3469a6e4f3c81420&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_bb7fe3469a6e4f3c81420&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=75&external_user_id=di_bb7fe3469a6e4f3c81420&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
onetag-sys.com/usync/ Frame 2E33 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C301 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 8483
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
csync
sync.adtelligent.com/ Frame 8483 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:52 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
index_0_250_00000.ts
streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/ 		509 KB
510 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/index_0_250_00000.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
607979871888d521fe865871b1140d79e5e740487d40091cf30fe37c8185bf56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:53 GMT
cdn-edgestorageid
1067
cdn-cachedat
04/15/2023 07:25:48
cdn-pullzone
1024237
content-length
520760
last-modified
Sat, 15 Apr 2023 07:14:36 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"643a4edc-7f238"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
369c1c50ec6506f842f204a4bb837593
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
spot.js
adgebra.co.in/AdServing/ 		38 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/AdServing/spot.js?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0&p5=&p8=&p10=&p12=_&p11=7&DC=2&p15=0&p16=&dynamic_trg=is_safe%3Dunsafe%40_%23flags%3Dcontroversial%40_%23cSafe%3Dcontroversial
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afpf/afpfChild.js?hrId=2023043002
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
33b6da556107d63d603d250677b6e297ecb92d7d0c351d95228d9cd84cc5bd79

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 27 Apr 2023 16:31:54 GMT
etag
W/"39307-1682613114000"
vary
accept-encoding
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
setuid
u.4dex.io/ Frame C9BB
Redirect Chain
  • https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=onfocus&khaos=LH2SAEWK-1A-5ERB
  • https://u.4dex.io/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://u.4dex.io/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Expires
0
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame E255 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22491
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E255 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame E255 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E255 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssj1QI1z9MrliFyTQGk5rwBaVDIL6ZB6q5K_DnDbsozpX2RUUSieJhxkNdFdnhZVmY1GMeVAIn8QduJnkmG_cwMLtiIWNzWTdyBonrDpYQwp6d-SFs72dWATlx_hN7XqjXtpkA4ZaBKJgsLuV_akAsQK_ZjBHTA8oYIOy3wwsSly3O0yq5cwq5VnHERyo5Kcp1LTL4sZJLYPUFjWjp9pYxMqF3QcDtlz2XQthLr96gGTZ_I3wOg95vV0vEhmj9Ix1GfvcoXD-kUNL-X7vp___L5q-pXPBRKCWYd7nxbGDWKbmICrrKEjCTZK8PRiAGmATblYaSWOHAu1kyGrtAUFfO0e81ewZ__W42y44yjj8MMfX8TntnQLKNPRgXVXCfB2Xg28hfBYyYotlaLvM7xv6sY7RP3gFTDgR60F4Z7befMa_aw2Bltqy4dhEJfocSrDyw68uL6cLgY0ChHmNj4PnCIdESG00_dQ1cLg7w-exuReiGxkvEJ21K-1NMXa8JNF1XxN_gFWxKlfVbs7JNnssEPEhsOSQqVLSmyMdkxCboVuABMVYEYJuMkCmFaJogNd1iO6c2yi0dBs_nfLtvW-LRiqqTcs6pRLH7hknnwBmoVPx4N-TdB2VTaRl4ctr7HLTnn5v9wM11Ujivt6pEbBixEN1cIOA7BoQqevY7-zdqI5uFxl3breITk8r_n5ORy6ij7uVgUBXNl3Flq2NbXTabiuWKtWckbuSShOweua1DA8qmDtbOLw-O1FkexZSC3AC6FWWO6UC6yqIRBnltr2aGL2QRfcFi6zL9Ctx1lMxSf6LDac2hC3Q89Xv6CLF1PVNkiaLNt2PS-8ctza20BYegv0q9s_qxxCAYgI8SigykWeUwB6nsUnM5rgq3RF-84wIHk0j7eifLVqZKfV_-FUteYtRr7RyOsUpkFnfO9GP20ut_a0EyiCbd0eIiFgSfD4e6s0vbMT_fjTZ4SxCrOGubF12C3GNRU1-BR9qHM8XzMdUvt7XGHjRAjFX-X5eNB6OIwaJJ6fwjQFAHrJLmS7srk3DSUd_oSPOUwVysz0-LOqN5gKoo1_HrAwcdgh5SbuaoJynak7alorWrc716BIpW6c6Ow4akmx0QQP50j28UD_qZtHi1MropIKTPbNSrTr-O8_ou3qgSOo9rIG1W3CBJYq_4gz_lA0QP_xH3FjhVIBeg6CC9GZyYJJQ&sai=AMfl-YSJjj2PxgJhRrdd4Iuzu9J0vnkipwxCrcotI4pwNit18jr-fjG7mLox1_sOQ5vNk1bqHHyFTWIFjsrxauEQwFPzsnr3MUJcqFuTajk7XBiJzxwnAiMYh-qNEpwIsOwbVtWHlsLPpSn_rCxK1-6Oxiz7VdT5OKQAKoFuCLBVZp3eWeP-14w&sig=Cg0ArKJSzJyIV2gwZAOGEAE&uach_m=[UACH]&pr=9:AAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230426.16209&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:53 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E255 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:25:31 GMT
5434988223629041942
s0.2mdn.net/simgad/ Frame E255 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5434988223629041942
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7e27be34c9ef9b56c5e8b9a4effd52e421bd261c78bf3f029be9e06c80a21c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:40:29 GMT
x-content-type-options
nosniff
age
9564
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8951
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:54:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 23:40:29 GMT
setuid
u.4dex.io/ Frame 2FB8
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1682821193226.&ri=0015a00002oUk4aAAC&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
  • https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://u.4dex.io/setuid?bidder=33across&uid=212153202608429
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2FB8
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43963&callback_url=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D124%26ts%3D1682821193226.2%26us_privacy%3D%26xu%3D%24%7BUSER_ID%7D
  • https://ssc-cms.33across.com/ps/?xi=124&ts=1682821193226.2&us_privacy=&xu=caa4e1f7-081e-5278-9695-c2ccf2d81289
  • https://events-ssc.33across.com/match?bidder_id=124&external_user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=124&external_user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=124&external_user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2FB8
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=78&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D125%26ts%3D1682821193226.3%26us_privacy%3D%26xu%3D%5Bssb_sy...
  • https://ssc-cms.33across.com/ps/?xi=125&ts=1682821193226.3&us_privacy=&xu=2403475317176069061
  • https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2403475317176069061&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2403475317176069061&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=125&external_user_id=2403475317176069061&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2FB8
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=2c3b95b9-6513-42b2-beb7-260851c73b75&secure=1&us_privacy=&cb=1682821193226.4
  • https://ssc-cms.33across.com/ps/?xi=66&us_privacy=&xu=7fd7cc0b-465c-4695-8bfe-08207b90870e
  • https://events-ssc.33across.com/match?bidder_id=66&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=66&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP006
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=66&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2FB8
Redirect Chain
  • https://p.rfihub.com/cm?pub=35686&in=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=93&xu=978477414437337801&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=93&external_user_id=978477414437337801&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=93&external_user_id=978477414437337801&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP020
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=93&external_user_id=978477414437337801&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2FB8
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=the33across&ssp_user_id=&_=1682821193226.6&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=the33across&ssp_user_id=&_=1682821193226.6&us_privacy=
  • https://ssc-cms.33across.com/ps/?&xi=112&xu=5fc738f9-8cf6-4ead-96c1-1c7828490792&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=112&external_user_id=5fc738f9-8cf6-4ead-96c1-1c7828490792&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=112&external_user_id=5fc738f9-8cf6-4ead-96c1-1c7828490792&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=112&external_user_id=5fc738f9-8cf6-4ead-96c1-1c7828490792&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 2FB8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561516&ev=1&us_privacy=&rurl=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D5%26xu%3D%25%25VGUID%25%25
  • https://ssc-cms.33across.com/ps/?xi=5&xu=n0h9TTaSFk0n&ev=1&us_privacy=&pid=561516
  • https://events-ssc.33across.com/match?bidder_id=5&external_user_id=n0h9TTaSFk0n&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=5&external_user_id=n0h9TTaSFk0n&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0015a00002oUk4aAAC&ru=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3D33across%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=5&external_user_id=n0h9TTaSFk0n&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
dcm
s.amazon-adsystem.com/ Frame 1A61 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:53 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2A1BQ4E639D2ST3JKFEM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A61
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413193&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413193&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413193&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 1A61
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1A61 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 1A61
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=429FA571C8024762B89F507D54B48C58
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=429FA571C8024762B89F507D54B48C58
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 02:19:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:54 GMT
crum
dsum-sec.casalemedia.com/ Frame 1A61
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477414437337801
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477414437337801
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=978477414437337801
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum.casalemedia.com/ Frame 1A61
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
08a4abdf-81b0-4945-9b82-a11a4972c90f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1A61
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3464934303237790935
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3464934303237790935
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3464934303237790935
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
um
u-iad04.e-planning.net/ Frame 1A61 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=4e1bf7541f976ee9&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif
getuid
ib.adnxs.com/ Frame 9499 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 9499 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D68afccab-c100-4461-a445-3890741431f3%252Chttps%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7906230784814628655&pt=68afccab-c100-4461-a445-3890741431f3%2Chttps%253A%252F%252Fmwzeom.zeotap.com%252Fmw%253Fcid%25...
  • https://mwzeom.zeotap.com/mw?cid=68afccab-c100-4461-a445-3890741431f3&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3...
95 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=68afccab-c100-4461-a445-3890741431f3&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d7a7ca1a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=68afccab-c100-4461-a445-3890741431f3&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 9499 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df3802262-1e01-41c2-7c52-ea2294ef5952%26reqId%3D6...
  • https://mwzeom.zeotap.com/mw?cid=abb0385f-fb71-4da5-be13-d1ca93d34856&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=abb0385f-fb71-4da5-be13-d1ca93d34856&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d73cf8da1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=abb0385f-fb71-4da5-be13-d1ca93d34856&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 9499 		0
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1682821194.376770,VS0,VE10
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12822-YUL
u
dmp.v.fwmrm.net/ad/ Frame 9499 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f608:d96:5850:6736:187e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f49...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d73af1da1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&cid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
date
Sun, 30 Apr 2023 02:19:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=f16a5e4b-bacc-4f83-9ca9-55ee06a547a4&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f16a5e4b-bacc-4f83-9ca9-55ee06a547a4&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d7b4e19a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=f16a5e4b-bacc-4f83-9ca9-55ee06a547a4&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f3802262-1e01-41c2-7c52-ea2294ef5952&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f3802262-1e01-41c2-7c52-ea2294ef5952&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=74528481465111208781197755918741327382&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=74528481465111208781197755918741327382&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d77bf7da1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-va6-2-v047-0091bd7b1.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
UEfOdN6vQiw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=74528481465111208781197755918741327382&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7227661993255565453&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7227661993255565453&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d756aeba1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7227661993255565453&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f3802262-1e01-41c2-7c52-ea2294ef5952&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f3802262-1e01-41c2-7c52-ea2294ef5952&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=RznXt1RCwDOmgdA5Q1EmNO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=RznXt1RCwDOmgdA5Q1EmNO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d792a03a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
last-modified
Sun, 30 Apr 2023 02:19:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=RznXt1RCwDOmgdA5Q1EmNO&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D[sas_uid]%26zpartnerid%3D592%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%...
  • https://mwzeom.zeotap.com/mw?cid=2403475317176069061&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cf...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=2403475317176069061&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d753a98a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=2403475317176069061&zpartnerid=592&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
date
Sun, 30 Apr 2023 02:19:54 GMT
content-length
0
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f3802262-1e01-41c2-7c52-ea2294ef5952?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=8d29ae9cdc157d778c92c0c52e27883a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-66...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=8d29ae9cdc157d778c92c0c52e27883a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d73efefa1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=8d29ae9cdc157d778c92c0c52e27883a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
cache-control
no-cache
x-server
10.40.47.250
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-.JwtF3FE2opwFMYrQvML4eQUUWdLyflWdw--~A&zpartnerid=570&env=mWeb
95 B
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-.JwtF3FE2opwFMYrQvML4eQUUWdLyflWdw--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d767ceea1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-.JwtF3FE2opwFMYrQvML4eQUUWdLyflWdw--~A&zpartnerid=570&env=mWeb
date
Sun, 30 Apr 2023 02:19:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=CAN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=U6BFRsCULOfJCqkgAvwlMTgGeB7%2B6jTN%2BS41iYitP1U%3D
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=U6BFRsCULOfJCqkgAvwlMTgGeB7%2B6jTN%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d748943a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=CAN&zdid=1361&cid=U6BFRsCULOfJCqkgAvwlMTgGeB7%2B6jTN%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
Q88Gzch0hdaG2Uk8vltuVsJAtWIKCzN5gd7SWFEkwIdBef5Ni5ck3w==
expires
0
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f3802262-1e01-41c2-7c52-ea2294ef5952&gdpr=0&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2...
  • https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10595844029665553908&zdid=1361&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&g...
95 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10595844029665553908&zdid=1361&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=0&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d7448e3a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://mwzeom.zeotap.com/mw?zpartnerid=993&env=mWeb&cid=10595844029665553908&zdid=1361&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&w_k=${w_k}&user_zi=${user_zi}&optin=${optin}&uc=${uc}&z_p=${z_p}&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 9499 		0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.95.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-95-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n010-ash-prod.krxd.net
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=40 t=1682821194
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
mw
mwzeom.zeotap.com/ Frame 9499
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZE3QSAAGdt3yhgA9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-064...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZE3QSAAGdt3yhgA9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d7438b0a1f2-YYZ
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-yyz4560-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1682821194.378574,VS0,VE21
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZE3QSAAGdt3yhgA9&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame 9499
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7c...
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
35.169.95.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-95-213.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
beacon-n028-ash-prod.krxd.net
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=25 t=1682821194
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
date
Sun, 30 Apr 2023 02:19:54 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a017-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9499
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f3802262-1e01-41c2-7c52-ea2294ef5952&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c5...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f3802262-1e01-41c2-7c52-ea2294ef5952&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c5...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f3802262-1e01-41c2-7c52-ea2294ef5952&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3G0SGFRDBHK0ZD9EAA9N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GVN5JQSDW8Z95FVQXGWH
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f3802262-1e01-41c2-7c52-ea2294ef5952&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 9499 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=f3802262-1e01-41c2-7c52-ea2294ef5952&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 9499 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d734e67a1f2-YYZ
access-control-allow-headers
*
content-length
95
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E1A4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 6693
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6930189154
  • https://sync.1rx.io/usersync/tradedesk/abb0385f-fb71-4da5-be13-d1ca93d34856
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Content-Type
text/html
Connection
keep-alive
csync
sync.adtelligent.com/ Frame 6693
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.html
s.console.adtarget.com.tr/ Frame 1CC9 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:958::2 , United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
862
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame B6E6 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame 7089 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
X-Robots-Tag
noindex
csync
sync.adtelligent.com/ Frame 6693
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
9oo5sql9ink7i9ceat1er9er04vb4l5k
/
ads.us.e-planning.net/uspd/1/ Frame 9FDD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3128abcbb4f37862e885e75897a12fdefe8cb7a533a15cc268063d1faa05b7ee

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Sun, 30 Apr 2023 02:19:53 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212
/
de.tynt.com/deb/ Frame 04D1
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
616 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1f3d0f38e9bbceb563be5a8f9318e660fb13fbb16d9318c1c8b5613f74ce28c2

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
616
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync
vid.vidoomy.com/ Frame 6693 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
impression
ads62.adtelligent.com/tracking/ Frame F6C8 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=483421&nestedLevel=0&tti=1126&ttiFromStart=316&isHeadless=false&adid=3E5578E936E6BD99&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
csync
sync.adtelligent.com/ Frame A363
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:53 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.html
s.console.adtarget.com.tr/ Frame 556F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:958::2 , United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
862
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ads.us.e-planning.net/uspd/1/ Frame E8C0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3128abcbb4f37862e885e75897a12fdefe8cb7a533a15cc268063d1faa05b7ee

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Sun, 30 Apr 2023 02:19:53 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212
sync.html
s.adtelligent.com/ Frame B676 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c9b418d52625158f8dd70e9af7381f5531720b9e586e5de3d10b1945a87484db

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
950
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync
vid.vidoomy.com/ Frame A363 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
/
onetag-sys.com/usync/ Frame 0EF2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
de.tynt.com/deb/ Frame 307D
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
616 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
1f3d0f38e9bbceb563be5a8f9318e660fb13fbb16d9318c1c8b5613f74ce28c2

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
616
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D698 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112334
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame A363
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4275550696
  • https://sync.1rx.io/usersync/tradedesk/abb0385f-fb71-4da5-be13-d1ca93d34856
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Content-Type
text/html
Connection
keep-alive
speed
ads62.adtelligent.com/tracking/ Frame 6693 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/speed?network=356&queue=332
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6B203&aid=724993&cb=1365257056
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
sync
partners.tremorhub.com/ Frame EFD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm&gdpr=0
  • https://partners.tremorhub.com/sync?UIGL=CAESEBta2DlDtcRhR0N3_YAM6TU&google_cver=1&gdpr=0
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEBta2DlDtcRhR0N3_YAM6TU&google_cver=1&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWEe5qU9mw_plYD3CBPaom5J_UQLIGoQnk9pRJwmsDwR820hYLNLnDujTTkDi8I6sEcPv0QXwsYPqyXKwH3XEcBUaa89g0G-GL0j2q_xN9XNC5mSVE
Protocol
H2
Server
2600:1f18:612b:4216:bab5:2e60:d0c4:5889 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 30 Apr 2023 02:19:54 GMT
server
nginx
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://partners.tremorhub.com/sync?UIGL=CAESEBta2DlDtcRhR0N3_YAM6TU&google_cver=1&gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame EFD4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm&gdpr=0
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGT3xmMi4zuACO-HmI4thzM&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGT3xmMi4zuACO-HmI4thzM&google_cver=1&__user_check__=1&sync_id=7eb8be00-e6fd-11ed-8934-101e43450403
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&uid=CAESEGT3xmMi4zuACO-HmI4thzM&google_cver=1&__user_check__=1&sync_id=7eb8be00-e6fd-11ed-8934-101e43450403
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWEe5qU9mw_plYD3CBPaom5J_UQLIGoQnk9pRJwmsDwR820hYLNLnDujTTkDi8I6sEcPv0QXwsYPqyXKwH3XEcBUaa89g0G-GL0j2q_xN9XNC5mSVE
Protocol
H2
Server
192.35.249.138 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
369
content-length
43

Redirect headers

date
Sun, 30 Apr 2023 02:19:54 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
/partner?adv_id=7025&gdpr=0&uid=CAESEGT3xmMi4zuACO-HmI4thzM&google_cver=1&__user_check__=1&sync_id=7eb8be00-e6fd-11ed-8934-101e43450403
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
59
content-length
0
pixel
cm.g.doubleclick.net/ Frame EFD4
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&gdpr=0&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2ViOGJkYjAtZTZmZC0xMWVkLTg5MzQtMTAxZTQzNDUwNDAz
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2ViOGJkYjAtZTZmZC0xMWVkLTg5MzQtMTAxZTQzNDUwNDAz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARiW5OffATAB&v=APEucNWEe5qU9mw_plYD3CBPaom5J_UQLIGoQnk9pRJwmsDwR820hYLNLnDujTTkDi8I6sEcPv0QXwsYPqyXKwH3XEcBUaa89g0G-GL0j2q_xN9XNC5mSVE
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:55 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=N2ViOGJkYjAtZTZmZC0xMWVkLTg5MzQtMTAxZTQzNDUwNDAz
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
false
x-fe
178
content-length
0
match
events-ssc.33across.com/ Frame AEE7
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LH2SAEWK-1A-5ERB
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LH2SAEWK-1A-5ERB
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2SAEWK-1A-5ERB&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2SAEWK-1A-5ERB&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LH2SAEWK-1A-5ERB&ts=1682821194&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
speed
ads62.adtelligent.com/tracking/ Frame A363 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/speed?network=350&queue=333
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6A4C6&aid=724993&cb=864437270
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 766C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6864495078764&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 766C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6864495078764&version=m202301230201&ct=76&x=9&cor=8905270053501222000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 766C 		72 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8f848f050082d15f92a78e176abaf199bc20a3dfd27346380cbb0f30e82a1ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35468
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBD5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9523759043747&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBD5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9523759043747&version=m202301230201&ct=76&x=9&cor=11977372721605669000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EBD5 		72 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d77e862946ba9861b6fbee1dcfbe53a721235e78a3d6c8293326c6cfdd8a504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35413
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6016 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ZD4RY2VB5S38FTC9MTX1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6016
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6016
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413194&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413194&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=abb0385f-fb71-4da5-be13-d1ca93d34856&expiration=1685413194&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6016 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 6016
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE3QSKiBZz7mrFv9ttLKygAA%261459&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
date
Sun, 30 Apr 2023 02:19:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22344
crum
dsum.casalemedia.com/ Frame 6016
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9392106e-c708-905c-1a29a45f
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9392106e-c708-905c-1a29a45f
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=9392106e-c708-905c-1a29a45f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
crum
dsum.casalemedia.com/ Frame 6016
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0c556ce6-40c5-41aa-b94b-3327d728ff8f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6016
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e7b476299e03423b876156b73e369518&expiration=1685413197
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e7b476299e03423b876156b73e369518&expiration=1685413197
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=e7b476299e03423b876156b73e369518&expiration=1685413197
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-iad04.e-planning.net/ Frame 6016 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=ab9c2de71df9c853&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 8462 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55760
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4CC5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsun316lhcL-5w1HIs4W9QVQWlkHkP8KZtdCFCsYULBvuxBsFinJjvsUSnDWdLwvVDy-7JDJF4e8TGdyWlPVHmMPzfdkVJ6zAd-WfT2PefbpO02PQLsV1wI34uTJvlpGkbKR9za3ZUN7uJgod44iGLgGvG3xRINM7tDQtv2rKjDqwgzefuwHvHBZ3QlVRf4iPZuFoRzejc_YQa0GsgRjdgy3cFPQuCjMQ0T88RPLgYaZSqWe19bz-GNFPX2vvzm66up-VH8oGlSx3Ehs90NrLQ3xiG-ucE23T766zNZeAquwiTUoUHlw3dosnqMETun5iiMTw1nKNb5rm-0D9aIOyqTSk8Tjgg7ZBe4dAQ34j78kAXMCx79l8W8PwB-yCeJrQO9iVf3CRWMUGtXfC83z3qTXS-MkVtl62Ffz-WfuAL7gCwhAfvQgn4S6j4eR5fSu8zGoQ3fOOMzHPmYpmUGRGaO-cf0RXreCPiQpU7kuDuE7zOXVVWdDMsLRiar6eREMyljxQ2iQcat8i0U0NknBT9_mFPC9hbrQM3cqB55IY5HMOCxETralEhatQufnhMkI2O7f5PX8LWzh4JqWKhyktbBe4BnHJIHtspszfCGXNijtQblAHo_Fu8MQ24A10nhNAd0FIPUOYI0GcJgImtGQvZxCbxwRsSO-_VJcwf7GWMsFX2O3PW3lywNdsTg4U1jq_yDIP6Qsztg8I2GQzeP1OYTmaA_hm4tDnTr-oJ-jEKI6hbwQGFtYdi1D9TcL22FshUMi65mlmM-KNvxHu5RPJQSB3T3NKuM0rVYmoUIeZo_yIHfO20iWDtyEHKKg_0Z53rCla6KEpN6qNxMUz-kfdMtwNN90yA6kwVAurkGNe7uC9fn4WvNLbFibkLlkxyBWX5Jo3FcdchlHXFZz5Ucnzqjl1KfKSvItQmXhFS7spBLaWeY41bVR5s8eF3MUZjlSSXYc6kPXbmqy9zrLGmvO5VaNaHROQO5JCOZ_8O1mPMsWTSJ6uL5ZAAC2md4tuHgg5liQ8mBkMthgjVUZRYefQnGI0EBx6TtJKo4lH7CxTI6qR9nMgowc0yzQCoLkpDQjjkOAZbnVgGbFaPnAcV_qvH7SzU_LXm8q4bfjN2Ml_EdBphcm5l0BBc253XK3zN9lH82knxKWmEJQEuYqh0YZyofGUZvtQJ7RmGAy56vGbMCBC2wkG3hP2bmTswrRkA&sai=AMfl-YQhIM7_N04K1oEzoJWSGVce_qUdzYaC7TvXv9YiS6bb2cOyybStTP8tNX7iRIcNyoeyYdez3vaPKpLPe70OXI52bRINRc7W-68vCoVvuF21dbksBzR8gWruM1iSIzaydRCTMJMb92uvK9Gm1Rvck_vIp-DNhIyxsdMIQTjHg6uQlb4ifNg&sig=Cg0ArKJSzOvPyfwg_BtPEAE&uach_m=[UACH]&pr=9:AAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=607&vt=11&dtpt=605&dett=2&cstd=0&cisv=r20230426.02613&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8QPhpFxDHwNvqORpEYrBwnbXHrPvWrT-gFaZTOT07rtxYAOdxK7tetyKlunz9mC1ygQv5rWPEkomWG4XrSej_dnL5GrQ697ptoakUWxXCMQ1o00In3a5CrZvj-t1shjab9d0I68IAMZsi7qdORmVMWbej8vOEf7IEFYwEssVMSiFT4L4&dbm_d=AKAmf-BjEh_KjAB4SKyyn-wRykM08wElQXhxASEBgsW-BUYZDMd99O-tJjbLAwyUSz5OzNpMkQ_3Gd2soHzzox55x7CPMcx6eGM_FDr16Joh_wDqwmgXUh7iEsDMrmO-iJhKrcsJj48G4DNwR6dZAPVm1biML-2IrS8WnJ5cuZbUce1xhHSUbKcVay4xdmx9AKstiAFe5FCd8wKjHY1xzU91MPnh0-k1KT-hC4XcxOJ3ZoFHYpED19KT9HEVRGGcavNgpLWkcno5j_ah7_8q2K0ZEaInOef6nn1lFUUTHu_ra906yHliZdqSSQ3HUbMnvLrj9qeGRJ-ckqvQJyD_AUtV6nzG0bxDEDQfptoOXfiwlA6MRyfRTcG4a-R8_k75h1g1EiUYE7q0dXr_wT8Gzu4tCcAiteOZ5agfxx-ygKnAvhfruKFxV0N2FgCrIZ_crvuT5FPli8DMlhWBho_PfwytR7AU-Gf4O2-Vp3C7yaxY-mWanC9MgvSDvUb-FDexdMrzj9vXYBS0LmcXj2hMLY82cliSXoeDu4SOCksVI_QTFBlN9Mm5mmWtZrSAKXHKuYstwTreWBQ08i5C5_pUUaMS-DG6bipOVdzmKgqVk_osgEXGjXL36rds75jzbO__1fXHmHV0TnSQXqg8a_iKqa3HJsiKyT2Fe4uX-WNVR5Wk-gIm9fcrHoppiRADOtoEDOkhjaZaUelc432k-hnHvP5ddSvD0c_X3xHBAjlIoqKqOfM6Rllxjj1IKY5RSm3PzixvRvW8yDKDubxMD3ApRieWz1Thagaxt3Viqy5Db3vRA6l_C1ju4t63CY2dV7zvVMY-Q-nHQ4J0_H1-iomFEXOrOPAeK0ed9yLjEcyY0a0H1hyvwg8MzQFrku5ofUBgz8FSUZkD0vB67gP-5Llrg0uOk8za0p6jr1O7Y-AwUuIyvVfeMpCYKoad-YdthYDPnSNF_v8IOUospCy1JahSz4S80NxaOKdTlBrg81OnuQFDzPcq7Sj6CfmDM-0lDyJT2CTcsBGQZtewBkWAmmu--CR6iTmQRfi9_oUKo8GynsYusQTAlcBha02L5QmpK1K_QemBnkmbu09vouv4rsdnH6BhG1cFgyJ2oM_sq5lW5RA_v8GSB1rcYVgk9sW9UGUPH3W8yiZZpeWeshp_emfEfc2bzOKFJio0x0ONRKY6qIlQXsRlkA3zYmz9np3fY0GsS9Y0-LKfJgP4lB8Mgs3BRQfEBdcRpiKlqKM5dcke6ELn93Ay036t8uRKb0XS3WuuPGFGtTlAU_F7ueZoGCBSoskLW7PwyXppZcvjAhPlXJLuiV1IzUC7EFL4gOkaPsr-hgXHCNQUXcGhdNelXvUV9hhWiESXJa_RxE_fOHlFVV5VT9-VEoE2MeXp8gTBG1RyeEvJK50wCdPBF3Q0djL3Gc0r-5i2QSmaJyx9JwqDS9tIV5Ui9gWMLPnb2dwOiw3fu88rQ9i_1rcuSqsqWSSQKJqay7OY7ctRVIoN-4vbvhrebGyagNcCGRIYdNgnVIwX2-pCMYXeIq1KK6R8QYXOsTVbceVQLm5NkhdrcPjOlqk1YMI83LP8BwHyhUFGSjOIO7GafhYr0WMtaKK8-M-2c0ciEOAgJPKv2NsRN0-6JqEkd5QfJ0fAlh9bIkeGMydaUivKUH58P6KbBRygaGYarB4EKybkwJzxZ8U7lzEWe-7r2atuMi7fbmIweY64Moj6ZewV3NcxVEdiOgq5deusBmZAmFOyMXI4-pGLLXxAblUpXsuHSxmKIpwc186pZO5rFQ-mgj34S5S_4YQmqbFqaTAkePokCeS3Lfhrf1AtXXhyHk8aiSSh3e8FrERuuiTbnxj9ob1rdLMrm0H-iO_IEHwqmyVjK38aZsCo48mClh1RVW_zv60MOLwmdiJ7kG-ORzE_NJHLes8kW_C6eehVrm-xo7_zXl0Dk5VSSD93FNJyEhA1-6xYkJt9yIa3GZiTU5Utmei0B-zDNmnhKgPcVBbQY8z7GRf9f1Q2RvUg5vNrPXgJ-q7L43iSL3a_bdIN7IvM3-5R8P08H1yOjEF9gPNF112i8idNlMqpLpqU8HRaMSk4N9f9nNHtZa8dJ72QXCccqJ5N0L82YfAL3FZrd3IlYTG0ttZ7S6UdOg-xyOsm8Md_e_P-PviV927u9gQIB_Ryw-CsZWaZZZLgPbfL1X_lfBHQuvW2YlF_73doU0meAFmAVlzG96R59K8IQ88E4tVbkrAbzCt1qCcOrRTkQpRAQmM2__l2vHE1mtYH_IUcJhgQF7DqPWQigm2Eo-Zmw-kW5UsNU7AeOu_fn_uVhRFXm-qJ59wU8d4Vf_HQNm6xufh7eyGMPHsqOPGmvpU4PvXRmoXC7r9QoK7CaZ7GmIbM1CHKBs39hpN6dS793_8VcLE1wlrcuH9AUwnqApcomujrW-wQLiQcrGQzXHPMpOR6mrbf0XgP61NIAHAgcVnf-6vFcT_xB6HwJZvPCTrhXLF9zUyIfLu_J19kdUlSS3Rxz_Rn6pm3CmwkV6e0eBEmzr2tI4xvfdepMAfFa0qc-Fisp-zsGwlZZ6RSNRECc-PLiYxxoU3WGp6xOHq2vom8wHIlcQ3DiUD7b5EhOrZEbBTezOIKopPVXK7xKWwwYE06GXOCzhrzPMPtiOODu1YISpGLb00vad5FSKIDe6TQJ1lnF9L_z5JZhDI-wbWmTd7SpsMnun_U90wBQUHZkCw2I8GCnYlPervjjwu7x0D_8cmAjVhQNatjqPWgff7SNfrkiyIzmUBHN4YsXAaax5C6S-Ril7dj0WdjevNb24LyebmAZRXye291EyZ7VawVOXJfIpzwpEYwr6qBh5xbSn6BrXO0K27E_sGPAZoJqE3gpnVD7LT9Oe293AIe-ZawEWfaksoKgcfhiQxZqQ-U9lNAhE60FYquhcKdfuihu-koT-mm6tJvvUm6U5yEuCSmu-XWxrhSLx8GJBSdPdC5RTB49-dXgyAiVhv4zAiEhzkG9joSzp7JlfL5_7xolpP2fXxSQ8QiVgA6iP1_aAYcUXalqxMPSEdPdMU8Iz7ArKhHAqb4rv6oIXhVaBxEwBciEk_5zNo-ftjOgOIdMrm5Usl1YO_TLee-ZizITvhVpDboW3rfi6NjsNQ9PqVvAdmafikOUcWKf_Ld0eAIi1lCoC_SKbebStjKMmgx2iIGGZP1qUUT3Eip-Ng112saVqKnCqIg0Q_Obfc5LzMbClZdPSqRAKGMq9ki000LJnE1IuJ85R4UUxRRBY-39khmCE3HvtAz0tC_tIhCDk0nbiIfixbhRbtWmCQzokWqQzSWpuwCV8FRxLuP3bN9F2udKqhaAXKbz0Dv1fAlOm064Jlbv-YCJRyAIVMjza4BYUip02GyIlZ-Er3sgrDp&pr=9%3AAAABh8_1kkN35CQgCn_14eWSWtNGmPfHbYJzpw&cid=CAQSGwBygQiDbt7CYCgXvb3mivu1JlQRn5TC59eOLhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZwcGAozN0R4cmxoNzlzHBbfyr30ltnw0ckBFuHJoqyhvKn3vwEAHBbD17Xqyrvn4WYWr5ORoabCsIOrAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoYBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFvbZpIAEFoCIoIAEFRgcFLAJFMACABUEJoYBFoYBFoYBETUOJoYBNAIALCwWtJ2qz5K089V6FrmRw8rP3dvT9gEAFozB7sQMBii82ZiABBbEvpuABBaAiKCABBb22aSABBgJNDY5MzY2MDk0ForGARaGASUEFkQYBzMyMzY1MzQVApa6iokDEREYAk9YDHoUtAkUxAIAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=6414366815693711000&adk=2453281538&idt=108&cac=0&dtd=45
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:54 GMT
pd
us-u.openx.net/w/1.0/ Frame 879B 		762 B
464 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ebbc68c100c2e68350ad74792b98b74b879c876690e489c418e71c48f9e5476a

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
445
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
csi
csi.gstatic.com/ Frame 89BF 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lh2sadp7&c=5929998944819&slotId=2964999472409.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 39E0 		95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=3a82591f-53ec-4047-4747-5736471ec338&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d6f8fa5a1f2-YYZ
access-control-allow-headers
*
content-length
95
UnitWidgetItemDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.9/ 		110 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b108ad68dfc4388a72abac7eaeb6541a3989a5bd72137817408e650f59b3d28

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
YUL62-C2
age
2218467
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
30625
x-served-by
cache-yul12822-YUL
last-modified
Sun, 05 Mar 2023 10:04:45 GMT
server
AmazonS3
x-timer
S1682821194.211654,VS0,VE0
etag
"ea028f92a7f8148937b7e7ff11aa20a4"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
QURQj5e8gMNuREyI462YM6exdb15gfHRr7uYw41YyHuN9TWY-KCZlQ==
x-cache-hits
36354
userx.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b8625c4402d86800b7897daba8aab22235ca8ca1f711b577558ccf73b8817c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Impp0E3AOkcLKlBUBj8zlyqTggheLDUl
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:54 GMT
x-amz-request-id
3RNE4D7JSFZ0NH33
age
150891
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
JEB9kELj57RLtp5I1Ws+CqoUZepOb/SnTmN/vbr08WJhe4XAEO1F1sgTwPiis7p8f+xHol5sEIo=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:25:03 GMT
server
AmazonS3
x-timer
S1682821194.211331,VS0,VE0
etag
"902ec59d9ad5a82b954f8d0b83b65cdb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
49970
floating-unit.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd89cb6278a8fd165825b97cd64f5b3bed95e1162c7278098ac3fd2344599d36

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
5undYmn7ARvxe1tV0U2IMgFrYRvoZSjD
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:54 GMT
x-amz-request-id
D4DP5F5VD2KZ1GHH
age
150899
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
kgEvutAnteBdkF3z83huOHQdoGEpprp7gtudk07+8x74Nw9kK0Dbve+fk8bEAWQpwf7n3Kbz7jU=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:24:42 GMT
server
AmazonS3
x-timer
S1682821194.212413,VS0,VE0
etag
"29b944f8d415cc3ad693613cccad23d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11876
cta-component.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
974f3fdec0973d3d80a91558a63cc8c478c15ba2ca96ee1e523c86e23a25faf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Q4LtgS8LjWQSD.2X4jlcWzou2WKkGp4R
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:54 GMT
x-amz-request-id
F0DCDK8GNN2E5TT5
age
150923
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4737
x-amz-id-2
yA9HXWOan9rzjr+0glji1QfYV1Dpo3hNLd4DylRMk+4seCTxlBEjnJZUPHuIICao20OAFx3wA5g=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:24:31 GMT
server
AmazonS3
x-timer
S1682821194.230747,VS0,VE0
etag
"847e28fccdce776d65523c7ef8f05e7f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
158513
tb
15.taboola.com/ 		32 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://15.taboola.com/tb?oid=15&pubnm=khaleejtimesmena-p13238197&unitType=226&tbloc=&pageType=text&pstn=Sponsored%20Below%20Article&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&encoded=1&uid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&variant=-100|1&callback=TRC.videoTagCallbacks.videoCallback2&cb=1682821194230&tagid=&cntry=CA&platform=1&sesid=cee9076c1765ae81151a2dad5d03f2fa&itemid=/tech/microsoft-says-it-found-malicious-software-in-its-systems&viewid=1682821193222&geolat=&geoing=&deviceifa=&appid=&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ri=980a73f9e4242f959ad056d1e8539e89&appname=&cdb=&gdprApplies=false&rid=&sii=&oee=true&tpubid=1141636&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=1---&region=QC&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1141622&prcnt=&layer=&normp=1&gvv=11103
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
26531e872adc86712eba0bd13fa0a20e7c99d9a1684e99cb4088662938686196

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

expires
Sat, 26 Jul 1997 05:00:00 GMT
date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1143
x-cache
MISS
xvid-debug
mrmr - :
x-served-by
cache-yul12822-YUL
pragma
no-cache
server
nginx
x-timer
S1682821194.246555,VS0,VE29
vary
Accept-Encoding
content-type
text/html;charset=ISO-8859-1
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<https://us-wf.taboola.com>; rel=preconnect
x-cache-hits
0
explore-more.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ca9f09fd888168eaa6fbaeb6305f77192e22689d6648f75249b27b89469fafa

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
aCaelB.I6.002MZc9OprusQ1nqFSmPc.
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:54 GMT
x-amz-request-id
K1N2H74TJEV29166
age
150919
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7554
x-amz-id-2
AzB/t/Hf+YKztLQHwjf5mhMemKM1aeA2n24lW0p0vfw/1IHYKX2d0mQehE7DC3252zt/GpQKqGI=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:24:36 GMT
server
AmazonS3
x-timer
S1682821194.239772,VS0,VE0
etag
"183528c666f49b54092265493111af43"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
80188
feed-card-placeholder.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b76acaf40bb58b64fcc644504641c93f5091e0aeddcc55db81ff58b4a802e6a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
lykY8tvsxn49RywfWLirxEJmAMDhR9sx
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:54 GMT
x-amz-request-id
K4XMAP4SFWPBNMQD
age
150917
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
ONCcQhxWfz3CG0PokeDJBurIckicEVuIBXX2ZftZPe99600nRSIC6I4dgU7TEvYPxY7Mmf68bP0=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:24:37 GMT
server
AmazonS3
x-timer
S1682821194.241990,VS0,VE0
etag
"10ac00fa6d0dda809a73bea40c206cf5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
143557
supply-feature
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/supply-feature?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=02%3A19%3A54.205&id=5394&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/supply-feature?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A19%3A54.232&id=2596&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2739 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112333
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame 5371 		1 KB
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
be261bef0b49678870fd91d7a20f971d710ac25eacb427d33f977d309360aa26

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
Sun, 30 Apr 2023 02:19:54 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212
sync.html
s.adtelligent.com/ Frame 13AD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
de.tynt.com/deb/ Frame 710C
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
75 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
75
content-type
text/html
date
Sun, 30 Apr 2023 02:19:53 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync
vid.vidoomy.com/ Frame F6C8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
sync.targeting.unrulymedia.com/csync/ Frame F6C8
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3790831835
  • https://sync.1rx.io/usersync/tradedesk/abb0385f-fb71-4da5-be13-d1ca93d34856
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
csync
sync.adtelligent.com/ Frame F6C8
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync.html
s.console.adtarget.com.tr/ Frame B6B0 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:4f00:958::2 , United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
0a96b43eaff5f46d5a979dbe0269f6e64d8fef024233ed560559f196df783073

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
729
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
onetag-sys.com/usync/ Frame 6524 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
speed
ads62.adtelligent.com/tracking/ Frame F6C8 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/speed?network=294&queue=302
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6BD99&aid=724993&cb=1305002294
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:53 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
sync.richaudience.com/74889303289e27f327ad0c6de7be7264/ Frame 4A1C 		95 B
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/74889303289e27f327ad0c6de7be7264/?p=1BTOoaD22a&r=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Drichaudience%26uid%3D[PDID]
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/png
date
Sun, 30 Apr 2023 02:19:54 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
um
u-iad04.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dab9c2de71df9c853
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:53 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dab9c2de71df9c853%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
ktdok3dmg57t51hkn2a4eafmkkjo5sod
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 9FDD 		676 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 28 Apr 2028 02:19:54 GMT
um
u-iad04.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=364109cfab360fe8&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBqANzpj3zAAAAAAA&expiration=1682907595&is_secure=true
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBqANzpj3zAAAAAAA&expiration=1682907595&is_secure=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAMERwH02NBqANzpj3zAAAAAAA&expiration=1682907595&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dab9c2de71df9c853%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1119d1f0-6931-481f-9bec-cde0692fe114
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dab9c2de71df9c853%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dab9c2de71df9c853%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame 9FDD
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
date
Sun, 30 Apr 2023 02:19:54 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame C9BB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEgyU0FFV0stMUEtNUVSQg==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOk91bNr3-eHr2em6AAzZZA&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
setuid
px.ads.linkedin.com/ Frame C9BB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2SAEWK-1A-5ERB
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2SAEWK-1A-5ERB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 08149E566AE5407898011EE9E7E5ABDE Ref B: YMQ01EDGE0813 Ref C: 2023-04-30T02:19:54Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6hFeMKG1FwzLv2Y53VQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH2SAEWK-1A-5ERB
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame C9BB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DM19KBtVQMGAX9tcsFoNdQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DM19KBtVQMGAX9tcsFoNdQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DM19KBtVQMGAX9tcsFoNdQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FHV0BK1TXX28VQF9SP5B
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DM19KBtVQMGAX9tcsFoNdQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame C9BB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/AuEfNLX9FeAR5vBeNw1mPcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uASBihJE2oJXi8CVW2j.qKdouufS9OojEWjnvw--~A
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uASBihJE2oJXi8CVW2j.qKdouufS9OojEWjnvw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 30 Apr 2023 02:19:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-uASBihJE2oJXi8CVW2j.qKdouufS9OojEWjnvw--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame C9BB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=&expires=30
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame C9BB
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjFjZjdhNjVmYjIxNDQ2Yjg1ZmIwMmYyZGE2NmMyZDgwYWFhOGM0NQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjFjZjdhNjVmYjIxNDQ2Yjg1ZmIwMmYyZGE2NmMyZDgwYWFhOGM0NQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjFjZjdhNjVmYjIxNDQ2Yjg1ZmIwMmYyZGE2NmMyZDgwYWFhOGM0NQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame C9BB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z0ESCVN7KANV5KTFX7T0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C9BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
42 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=onfocus&endpoint=us-west
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHiZ2yv1UAn_tghjpA4RL9I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
u-iad04.e-planning.net/ Frame E8C0
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dab9c2de71df9c853
  • https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-iad04.e-planning.net/um?uid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dc=0abbcb4eba840e59&fi=ab9c2de71df9c853
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame E8C0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dab9c2de71df9c853%26uid%3D%24%7BUID%7D
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:54 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=ab9c2de71df9c853&uid=3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
prq48bn7s65i4tnp54mhcrigb93qvnqc
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame E8C0 		676 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 28 Apr 2028 02:19:54 GMT
um
u-iad04.e-planning.net/ Frame E8C0
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3Dab9c2de71df9c853%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=3a4bdc102ddb2163&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAL7N8vOLFC1gMkrmI6AAAAAAA&expiration=1682907595&is_secure=true
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAL7N8vOLFC1gMkrmI6AAAAAAA&expiration=1682907595&is_secure=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=ab9c2de71df9c853&uid=AAAL7N8vOLFC1gMkrmI6AAAAAAA&expiration=1682907595&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame E8C0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dab9c2de71df9c853%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
73ca9de0-f8e5-4283-8a84-2efa9700d530
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=ab9c2de71df9c853&uid=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame E8C0
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dab9c2de71df9c853%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=ab9c2de71df9c853&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame E8C0
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dab9c2de71df9c853%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=ab9c2de71df9c853&uid=ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame E8C0
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=1b9b14f4-3cf0-4810-acfb-20126d2da168&dc=769fefa8321c94fb&iss=1
date
Sun, 30 Apr 2023 02:19:54 GMT
content-length
0
sync
eb2.3lift.com/ Frame A934 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
2b2f43a35cc7a3b2e758f41fbfa745596b8ccdaa0c8311868188707a88959491

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1173
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame C2B9 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:53 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1056419815756&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1056419815756&version=m202301230201&ct=76&x=9&cor=17382755063370142000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BA8E 		72 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a3d11b07d63fdf4f57562150f4cfd5ff77686cb8c15700a766d21b95e527816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35624
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MbakvSV8EB4CqTVODK3X0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MbakvSV8EB4CqTVODK3X0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N1KHoc8Yt43xYLa6Q-qw-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-N1KHoc8Yt43xYLa6Q-qw-g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHHAk4Vp5o_QsGN_gKyudApjCz6JNa1WeCzcjkkDd-LGZS-iJuYeZqOOrSCi19h684_-Wuj8B1tXB6_DGadStRbh1uCALfIai1hFZ-UIuQI9A2mEidQEd0NziHhN8rPnlR4igxuA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NIeYsQKMJ1LDo4YMZd_pyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-NIeYsQKMJ1LDo4YMZd_pyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW9rXIGZhx8ID42Y2bTjSxpStBHY5ctOadMTps0Rj8MRfZzzYzNX-kieOCUmkGCykjc5QQaCfDaViP10czycoll09J9zsJTauXMQ6JZryt4atlUlU5c3nhRM3nBnYm_o7KA2CacEg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW9rXIGZhx8ID42Y2bTjSxpStBHY5ctOadMTps0Rj8MRfZzzYzNX-kieOCUmkGCykjc5QQaCfDaViP10czycoll09J9zsJTauXMQ6JZryt4atlUlU5c3nhRM3nBnYm_o7KA2CacEg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjgyODIxMTk0LDYyMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20vdGVjaG5vbG9neS9taWNyb3NvZnQtc2F5cy1pdC1mb3VuZC1tYWxpY2lvdXMtc29mdHdhcmUtaW4taXRzLXN5c3RlbXMiLG51bGwsW1s4LCJ5YnpUVklJWFBlayJdLFs5LCJlbi1VUyJdLFsxNiwiW3RydWUsdHJ1ZSx0cnVlXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de57e9b1e237ce59b3ce54520642f424df52c7edd337a8f25d1dde196e081fcb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DzLW3UNN0fkQ0imZNdBLYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-security-policy
script-src 'report-sample' 'nonce-DzLW3UNN0fkQ0imZNdBLYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
592941dd-c63b-4e7c-a4be-ad682892d41e
https://www.khaleejtimes.com/ 		94 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.khaleejtimes.com/592941dd-c63b-4e7c-a4be-ad682892d41e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
96496
Content-Type
text/javascript
sd
us-u.openx.net/w/1.0/ Frame 879B
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=1c9d2170-3d0b-0ad7-2d8d-d76f65be09f7&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0493722afcf1b6c27b31a620a7601a82
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0493722afcf1b6c27b31a620a7601a82
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:54 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=c:0493722afcf1b6c27b31a620a7601a82
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
ae1d9d2e1183
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 879B
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=3EWfqcb3j7e9bACZUpU9fA==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
eesb99ptattmtrluqm79hhf5f82anp74

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 879B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=5ded644d-d048-4900-9db9-f4be5bd2dfb7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
MT3 830 785530e master ord-pixel-x14 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=5ded644d-d048-4900-9db9-f4be5bd2dfb7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:54 GMT
sd
us-u.openx.net/w/1.0/ Frame 879B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=275eb785-370e-447e-879f-7fd6dba0d1e9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=275eb785-370e-447e-879f-7fd6dba0d1e9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=275eb785-370e-447e-879f-7fd6dba0d1e9
Date
Sun, 30 Apr 2023 02:19:55 GMT
Connection
keep-alive
X-CI-RTID
a54b51eb-72c3-40e1-b5b9-5faac07408aa
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 879B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 879B 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=056d6669-3476-0b1e-11f9-d4f8b200c6ca
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync.js
ads62.adtelligent.com/ Frame 2F32 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
92b929516542c42f391c5cf6ac806805d97e713543eb6825f86202eea75d06a9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
873
abtests
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/abtests?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1682821194721%7D&tim=02%3A19%3A54.722&id=8971&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
view
googleads4.g.doubleclick.net/pcs/ Frame E255 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssj1QI1z9MrliFyTQGk5rwBaVDIL6ZB6q5K_DnDbsozpX2RUUSieJhxkNdFdnhZVmY1GMeVAIn8QduJnkmG_cwMLtiIWNzWTdyBonrDpYQwp6d-SFs72dWATlx_hN7XqjXtpkA4ZaBKJgsLuV_akAsQK_ZjBHTA8oYIOy3wwsSly3O0yq5cwq5VnHERyo5Kcp1LTL4sZJLYPUFjWjp9pYxMqF3QcDtlz2XQthLr96gGTZ_I3wOg95vV0vEhmj9Ix1GfvcoXD-kUNL-X7vp___L5q-pXPBRKCWYd7nxbGDWKbmICrrKEjCTZK8PRiAGmATblYaSWOHAu1kyGrtAUFfO0e81ewZ__W42y44yjj8MMfX8TntnQLKNPRgXVXCfB2Xg28hfBYyYotlaLvM7xv6sY7RP3gFTDgR60F4Z7befMa_aw2Bltqy4dhEJfocSrDyw68uL6cLgY0ChHmNj4PnCIdESG00_dQ1cLg7w-exuReiGxkvEJ21K-1NMXa8JNF1XxN_gFWxKlfVbs7JNnssEPEhsOSQqVLSmyMdkxCboVuABMVYEYJuMkCmFaJogNd1iO6c2yi0dBs_nfLtvW-LRiqqTcs6pRLH7hknnwBmoVPx4N-TdB2VTaRl4ctr7HLTnn5v9wM11Ujivt6pEbBixEN1cIOA7BoQqevY7-zdqI5uFxl3breITk8r_n5ORy6ij7uVgUBXNl3Flq2NbXTabiuWKtWckbuSShOweua1DA8qmDtbOLw-O1FkexZSC3AC6FWWO6UC6yqIRBnltr2aGL2QRfcFi6zL9Ctx1lMxSf6LDac2hC3Q89Xv6CLF1PVNkiaLNt2PS-8ctza20BYegv0q9s_qxxCAYgI8SigykWeUwB6nsUnM5rgq3RF-84wIHk0j7eifLVqZKfV_-FUteYtRr7RyOsUpkFnfO9GP20ut_a0EyiCbd0eIiFgSfD4e6s0vbMT_fjTZ4SxCrOGubF12C3GNRU1-BR9qHM8XzMdUvt7XGHjRAjFX-X5eNB6OIwaJJ6fwjQFAHrJLmS7srk3DSUd_oSPOUwVysz0-LOqN5gKoo1_HrAwcdgh5SbuaoJynak7alorWrc716BIpW6c6Ow4akmx0QQP50j28UD_qZtHi1MropIKTPbNSrTr-O8_ou3qgSOo9rIG1W3CBJYq_4gz_lA0QP_xH3FjhVIBeg6CC9GZyYJJQ&sai=AMfl-YSJjj2PxgJhRrdd4Iuzu9J0vnkipwxCrcotI4pwNit18jr-fjG7mLox1_sOQ5vNk1bqHHyFTWIFjsrxauEQwFPzsnr3MUJcqFuTajk7XBiJzxwnAiMYh-qNEpwIsOwbVtWHlsLPpSn_rCxK1-6Oxiz7VdT5OKQAKoFuCLBVZp3eWeP-14w&sig=Cg0ArKJSzJyIV2gwZAOGEAE&uach_m=[UACH]&pr=9:AAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=914&vt=11&dtpt=912&dett=2&cstd=0&cisv=r20230426.16209&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRnuitxa1GHKh0bM2yCkr9KDwdggiwkz-06O-v5BIyNcO38RxplWsx3FOMV1oFNxUN2nW0kI-TK0lQgIEJQJupkxMq-71iRBuiJjE3GJ_wlRwVKgyDNmrzaixGSsGfSXRVBTmj07IB3xPzi2hwH00qXYhjgzoNADrBnfTrH-0GzqHaUZE&dbm_d=AKAmf-AicHalYMg1HRE1RmhTrLsSyskoCi8mQHptzPXgzIK9MsjgOKVKgZc_wAPY48edc04XQwXO9cQU8RDXdfjXnaiDfcySf9z_W3PZpbqak0W0NBQq7iWM0klBE7s9lRKHipAZk0EELlc5oHtY4M4M5sAoMehG5sjE1gFW8FLcblbDJCsAinOlaFaAMsqZuxywamGDc5BwBEIY8kqa9FkkbtRlDgWibEgub7eTFOywWovn5xSgAvkyEC0baON1M5IWUZO4mrvsu6XgG7HprSJRbY0CjtU1lGWV4MrZAcarm6oXPlzSdaQ3Gee0C3bzlrXEWhlirkOJB0CB8fOR6ZSt2lHn4zniPGppmbCGXinE6lTmbKDS43FUaVG_7JIIqjLnodMyDbeNH3N278UEEklWQuFfTUw7A26ESj3R9dFrwsLBQ7CyNQ7MXv1rLMWP1aj81oVwcs1sbYA4jZImvoXINypXfNROWOOo9ZqpQFpQjSkqqvPb9XEVGar9QhdEjSk2wyHR8heYU4YYp2XDgFAIgtDGygrho4_YmewtzUYUJxGJKkZ7uAYguvV-WvqBjIsghc15J10Z4DZKpv_e6xgt9Jn2DucXLAT4FtxS-6vb4brpdDgpQ-dBnnOx1pAZAIkI5C7cGhX9a4HPXh07htGnHX76r9F-tExB8C45JHKztkhViLlyiWAdDEZgp9cFjj94PH9Bnd6CcjN9rWcSyqsqvS26A-QEtMt6q67RWWu38RSnEmyQEOkzzMafoHF2zlm0vgoecT-KYvhAkzGtt14HoSUz-wrM7kc-Qu2NqvSVUTCkH_rxdnfPSe7mAMB7khDOxljldx5bQn7E1ZF3aH1YaRgxN7NgZhxmfNEXJmi36lVgdwzgEiBl1m9fCqYmYzc7VGpxd8NUwPzMOvy9-AUjF9VJBXraJPsjeQlMCPd2gT3TrL-ymaCPE_LNBchni7gB08WTm-xQsI2fwZCfP690rX2560omNVKh284U9wbynAwnq3C29cQU58oq1nwd5iYFoC21kjwh4u9EnqHbmqgEJQnQfKyLiD9Zl6DCqE3dqgIEMTO32hSmOk2Iv-FL-O2qknnHTSymesMBcvXOXRZZpw7yKeXY1a0RrZsuE22qfCaDzqkWSdn2sGtzVSwP8j3wIfsobMXOvTaIFi-CmeEY7sjNk4nfVMNXv_93zpx9oBq1ZSFmcLDAQrtz_zGwYEp7eTrbdaxPRXodiNyTS7Q3oQTHKjdJeIIGTmseqm7sZyveR1cezTX1iHZFPYQkKkMREYCrYWGpE6hg9ODoF32Yq47_tXe7SoGEA0t3NE8ZYgx0j2zVd08ukyyMeOmWdLQeUkZv1ZbiVOtIXw1qJ2knlNeVIZMLJ4UN274hSFL8cET4nqTygn_tsnF0FJRbArgxnZTWXjhXS7mV6IjuOxYWdCSPSuyMcIen7u5AtA0L-Tht_JaCXhKTurk_VhtAoNxBhnEsZB_esZ9XJwPohad-LW8dFiYpcTPdH8JHjilf1rnTojPrZASoy_bM5jfHEVnbxx3mN371xRdhqHA_MI_3-9emjdixnbDqdoBqInuEGl81djhbGNDEwwCb2e6r1JdlZ6fdbwsUSw-iV8TR_z5loDBYBgQetvIzEcO5io0oJ7z9bWt6gm2NhEPGQg5ka-J-tLLJioWki3U-gE6umgRT-I8s1JGtIdkqTJFXC6_U0483DPRPATcn8nZ9S4lqWUkJnaWBFPs8_9mO3rc8Jp33T8IotkKj9qcPFR5kumKGsV22yhHMz_cv0Dn5hj3MbjizGp2WYRiRvtp2Dagw9c4fROWAamu-3fOPYCSmXBeojdcu8eNaN7lQ3GoUqHIpNexHrR0kBOObL1Z93krkfIp18GV9V--Sc6ImJihIkufKYBXOX9fdg23_Oap_LzTOabo6SvLkdbrIniWgjyZJv1J6xVW572f2pmu3zCNDvmzXMzns2YKvHd9T-zsX4_p1PJqAH8azW5LCYZ_mnamwnrUAdmdc6Gj9m6jK6Fz74UUsmVzAd4zzdSVVshohap8s8vqwUzwvjvtyjambpFO-vPoS5wTeBLa-WQ6-GCHB4jkCe13DrGgX7HshKStEkW_5NJPLk99jy_pspnglmnu5LwMRJl900HSJ8eVx9OewlwA8n6WfV9W0xknYXQcDDlLRLPIBATfVk-BOc_wlaZKz8arfcGo7Dfjqn4QU_oJ7vs9TnmXS5afAPUqE0K4A_mKQbwJWgSYSYa44L5mlhwtndkLp3D8-Vd0Mji3q99JYPrviaSHZcTprT64Tqbz1dKTBdDZ0fsTBimUj46sAHZtKAmnXuAAZuQWS_-27o4e3VQGdzxaHHeDUxqb8tYVp7H934oasUw8cpbx_owfs3TMOuruTGy_HyQCYXINWbRX7EIrECS486MNokRGcYYLD8btT4ul0ghBSh3p7erdeVAk_LWlOI_cr3Tg9B4dlWyIJWiNvQFjg8f9jvLGDuNH8GyO3ZNVdGoMVLh_Y0sI8P-rKUFNik6WUYW6MmZK4qq1UTxU6IpuuGmBzfCRPKNJwbAzOcy7ZiI8For_blc9UHTcrequ-bkL9PH3QRDsvxPYYwK_NSjyQbte-3yOP8h-ej-rQJqL0v_E-9cy3tjK9iIELV4iM_cEcxxkwgu9P9llBR-xY6UZZZ-yItrr70UhHh2RaBpaoAKkSKiyR8FXcYhRW-pYDlP5MFX_L1ZZqsejWG-9HrCEFc4nrgyxIYGITwzPZVJwTnQJW8fm3JkfIw_rnx_23FYUJ8rLssk_CYm8Jyt08nTlCosygWV8qPp3gaV74wtEktmDcLJaRcLDJP3N_LOjnCMpefA5vccDsRX_C_ArQ-FFrQkhCzD9wOVGS7FqZZLsM_yjbxIUeU2BIPI8Bl9J52fv9CqimAGLIoN80Bi5D-S5raunbax7H_KaUhPD3Sf05SnDn0MKpiULcc0lovgmE44v3X0theJ-ICDdBIdZ81pRd6M4Q3fJqdbB87eUUeBdoBvPjj99OE3UBejnP7Gt9U4JH6Mv4_54pUIQVJiTRFkwvmnFL20Y6yUDd4k-4r8-uavU1liODbCYw3lLK4-qFN0sAb8E9dz4oGoQQE6alMFiCuWMcxu2ZlVC15WydDGzFWrhjXFgAfjG-WSoTRYNvPeAb2F2OX9DwG0JEdl1u6cI_XoSaWzgbnC9xsbqQ-X6UwFXclPpYm54Pc2-4u66hKaYO5zlMPzU4IazDtLD_wU2GeEeh7hZsm0rXnyZCwx8y_AHhR3M6i6d8Nk4Gqqi9WvK7Kxh0XLI7xwH3qsGLsjWPXKi54JczT3aZl2K67haOxjFbL_doK_9VlqQpi_h3ljdQy-JatqSVtSY5she9yixX86dG5V4&pr=9%3AAAABh8_1k6AF4z_qGye174wd3kxLbKdmWrHtdg&cid=CAQSGwBygQiD4cNcZaiwZaeXs8hDS1YP2xNVXrZ2khgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApqMWx6SlpGdDRVHBaaurqW8tLR54MBFq-QyMfExrikrgEAHBbMjYrUofS2uGwW_cKurYXZ7_XXAQAWjMHuxAwVBgAsHBUCABwVAgAcFQIAABwm2NSNhAQVBBUEJtbUjYQEFrjUjYQEJQIVAqZCFkIWQhYoFigWKBYoFoQBABwcLBaAsYqku-yDrSoW67K12efigOelAQAAFrzZmIAEFsS-m4AEFoLapIAEFoCIoIAEFRgcFLQBFLALABUEJoQBFoQBFoQBETUOJoQBNAIALCwWkeK9r5i-5bnDARbf6pCLgO768rsBABaMwe7EDAYovNmYgAQWxL6bgAQWgIiggAQWgtqkgAQYCTQ2OTM2NTI3MBaKxgEWhAElBBZCGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FLgBFIQGABYCGANydGIA3BsCiBhNTF9GRUVfT1BUSU1JWkVSX0FQUExJRUQFZmFsc2UeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8602326844081805000&adk=613581378&idt=68&cac=0&dtd=16
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:54 GMT
pd
us-u.openx.net/w/1.0/ Frame 38CB 		593 B
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8501268c5970a2143146325aa4a0f20116fe32ea0935df39533f02285e031707

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
383
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C78059622%2FMCM_Adsolut_khaleejtimes.com%2FMCM_Adsolut_khaleejtimes.com_GZ_1.5_28.03.2023&description_url=https%3A%2F%2Fkhaleejtimes.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=215861593430626&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821194750&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 964C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 30 Apr 2023 02:19:54 GMT Sun, 30 Apr 2023 02:19:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame 48A8
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:54 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
server
nginx
csync
sync.console.adtarget.com.tr/ Frame 85C9
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:54 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
server
nginx
csync
sync.adtelligent.com/ Frame 1CC9
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
7ff839d6e5a54b30
Content-Length
0
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 5371 		676 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:54 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 28 Apr 2028 02:19:54 GMT
um
u-iad04.e-planning.net/ Frame 5371
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D5c6c647b53171dd3%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=2a03ec88ea5b21f7&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=5c6c647b53171dd3&uid=AAAL3IeCRjuM5gN-iFHxAAAAAAA&expiration=1682907595&is_secure=true
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=5c6c647b53171dd3&uid=AAAL3IeCRjuM5gN-iFHxAAAAAAA&expiration=1682907595&is_secure=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=5c6c647b53171dd3&uid=AAAL3IeCRjuM5gN-iFHxAAAAAAA&expiration=1682907595&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D94 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112333
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 7089
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
/
onetag-sys.com/usync/ Frame 60FA 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 7089 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
usync.html
eus.rubiconproject.com/ Frame 107E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:54 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:54 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7919 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112333
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame BF1A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
8d984b9bfa1fa48b4af28f4efe607a8da5578c696a883046af706772c72b5e55

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1696
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:54 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 2E15 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
612c0f284475ac1bfe3e26d47987e118
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 5091 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 8DE8 		229 B
576 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25faf4f1e6a26942f58177252d3512ea9eb880cbbb274b591049c8ebbd358647

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bfc4d74590aa1f2-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
/
onetag-sys.com/usync/ Frame F666 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 49CD 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112333
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame B676
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
csync
sync.adtelligent.com/ Frame B676 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
csync
sync.console.adtarget.com.tr/ Frame 8420
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 30 Apr 2023 02:19:55 GMT Sun, 30 Apr 2023 02:19:55 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=LK5U8UAZo2GVgnyxkra5&pi=admatic
pragma
no-cache
csync
sync.console.adtarget.com.tr/ Frame 91EE
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:55 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=4139660057828765566
server
nginx
csync
sync.console.adtarget.com.tr/ Frame DD25
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
43 B
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
7ff839d6e5a54b30
Server
Adtelligent

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 30 Apr 2023 02:19:55 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=743845&extuid=4139660057828765566
server
nginx
csync
sync.adtelligent.com/ Frame 556F
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
7ff839d6e5a54b30
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame A8EE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:55 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:54 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8DF4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112333
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:54 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 88BE 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
9383bd26857b252f47e2e1094de15cea4cd08d89ad767a66360debb10249daa0

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1691
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame CAB3 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
d3fb1b5304122545aada20d3a91b475d
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 2A1E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 41E8 		229 B
588 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d3920d4b8803c34a2c1c949f4659b0dbb7091043c6ec2cf9ab4d0ffc1a6a2da

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bfc4d74a975a1f2-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
match
events-ssc.33across.com/ Frame 04D1
Redirect Chain
  • https://um.simpli.fi/33across?us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=41&xu=429FA571C8024762B89F507D54B48C58&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 307D
Redirect Chain
  • https://um.simpli.fi/33across?us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=41&xu=429FA571C8024762B89F507D54B48C58&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=41&external_user_id=429FA571C8024762B89F507D54B48C58&ts=1682821195&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sync
eb2.3lift.com/ Frame E9AD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
534a37f80c2e3cd1ae1116c7a7a5156db3d6eaddada8a069b2c0e41a60d18149

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1357
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:54 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame 2489 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
setuid
ib.adnxs.com/prebid/ Frame A934 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
AN-X-Request-Uuid
11a9a186-7256-41a7-adc8-9d1e605712fd
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame A934 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
AN-X-Request-Uuid
3e0443e4-081a-4842-8e58-1633fd15dcf3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame A934
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=275eb785-370e-447e-879f-7fd6dba0d1e9&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=275eb785-370e-447e-879f-7fd6dba0d1e9&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=275eb785-370e-447e-879f-7fd6dba0d1e9&dongle=d54f&gdpr=0&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:55 GMT
Connection
keep-alive
X-CI-RTID
32993468-adb4-4a55-973a-a386f000b4ad
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame A934
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
xuid
eb2.3lift.com/ Frame A934
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-1a8d4201-03ef-5afe-6631-c047a3312fff$ip$149.56.153.189&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-1a8d4201-03ef-5afe-6631-c047a3312fff$ip$149.56.153.189&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-1a8d4201-03ef-5afe-6631-c047a3312fff$ip$149.56.153.189&dongle=4430
Date
Sun, 30 Apr 2023 02:19:55 GMT
Connection
keep-alive
Content-Length
140
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame A934 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.3.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-3-166.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame A934 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.3.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-3-166.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame A934
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3464934303237790935&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3464934303237790935&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3464934303237790935&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame A934 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame A934
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AAAjOU7Im6EAACBud1f_9Q&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AAAjOU7Im6EAACBud1f_9Q&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AAAjOU7Im6EAACBud1f_9Q&dongle=bzwx&gdpr=0
Date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
um
sync.e-planning.net/ Frame A934 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=3877821143472078157452&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame EBD5 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EBD5 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame EBD5 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EBD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5R0CHYqp9iDlhLyeAXzeUn_Qx-iVRhHimd4p3u7_SQ0GovCSfJTER84EU4JJQMUIhiH1bWxJJ5oYagrpzzTxSESw3BP6qCQHG0WnfBwLmEbjan2JAWAXcFErA1wpRYt-tY4gdYmdgVoA37NTP0zsF4MQoricl73Rr5EFQ55itnrVsOIekHA5h-U6rotWqkjYQY5HpF8CaP1nSyjbpaTuEHc28lxsrzFN655zke6syCJHI8sCBx3Myoq98q_N7JwCdg0pqY4roiJZcXPeBv6eqb8K-4V-lw5h_oMMqmB2rVSYSet-n_Qm1AtOE_ojlUqgx7-fDrr0xVctlOcUMiHA00Mrws7Kr5es6TgOTUw9Ce-LDc7LPJalhabH9_V3hvffwckkz1EHkNQCC9TMV-x_E8vn_4Q2DwPiZ71gj3SwDiaSrvi7lx19LccfgWwYUS7Z13y6yf4biOdvAToHyBKshE_SViMzU_yDac8daPV206EtZB3nijb0LSr1LgFxsve5eaI-E1W-AxEmlFtvGnVpeCcA4BaUPMQv7FtcmZnecagX_Sga3vF4-SvEgWeqoNlAfIz_oMbfztVaGwsXIaXKnbQBkv3ZbuGRWcEHDPnsR_m9XWSo7mcJHw0ueF-ZOZUtws_1bXe3REEcX_xzoweMQrQLMjz2tnYnJkFPn-ZJzI2gASXgGentQTEoia8d-_1FbmHoWthtZCasQs9bWa_I2t6rZofxoKdym5xpuu2-WgRdlI3QLGG2sNPVkXvtMnS22avy4lbXId8GM3CsqWyj_Umw7Q6989VerXn_v-f81zxd4Zd7ZJe9OkptjxJB3XDcYj6p2b6nl1O7hH11AINHhRAUwjRN4NbFQZSLrQ4LZEpiTOSm8PFkyuGiD-IGe5Lxq7xWb0UTPojKAzL4Vq39ejZLtdmHQtOfB1zBNVSXD6NYoTisuLzPQq-Kv402hY5ShFa8GRU1AEYxH8oXm6zgh35v0KZi--2f__kb1JqW1xkGRO9fsLR-AwAL12UbmuM60KZB_8_RC8LHvKAESBTbG3zjneZrtmNXaZGIQbHcj8UE2Ko1x-Ogt-wuQqH960UhPQesipvbDc9LhpRDFmOCjU2PXoCdY4gVmg7zoMOc4LNbObI1Q3QloCR-B3WkjyiYdibHTn2XBrWKS-QdH2MrsFujcYIRIY4JjBVk7x95HB24gEUiAL9Is6ylBznUoQA&sai=AMfl-YTllr1-JthV4tyq2oL9_mQhhhMMRu06zw-Mt4VmiW-No8JhT0WbVcz4pwQ1uWHKLi4NjO7-S8NF3Spy_arx7X-ESVqJ3YGTBNDodYSHP8KTN-V-o1a2fnvwymH-F7cZ_CM2gwZVzuzUdJtFOhuAmR7BRt47lHz7POLhcBGqUz2r5Nb2nqQ&sig=Cg0ArKJSzHUtqPdfA-H7EAE&uach_m=[UACH]&pr=9:AAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230426.20745&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EBD5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:25:31 GMT
1271600801072509413
s0.2mdn.net/simgad/ Frame EBD5 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1271600801072509413
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f74e5e060bc6b61fd7b3fa01f48a375f4343ac3d8c0e6d383108ed850cbd9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:10:38 GMT
x-content-type-options
nosniff
age
58157
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10621
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:53:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 10:10:38 GMT
1271600801072509413
s0.2mdn.net/simgad/ Frame 766C 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1271600801072509413
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f74e5e060bc6b61fd7b3fa01f48a375f4343ac3d8c0e6d383108ed850cbd9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:10:38 GMT
x-content-type-options
nosniff
age
58157
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10621
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:53:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 10:10:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame 766C 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 766C 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame 766C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 766C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuait9ixFzLlgsKUwZ1EX8tBdZfAXejw-VCrnquAUBsaR_M8eICLW7suicEkcdoPBhJ-5UNiSDwGUIhhQGRJht-pDiPm2Ot-oVIfzPvz6DWw3Kz33Fo_aYGhFcBp1yFujPQrFyOHH7FtNr7-4joe6SGWqDmX2heoalsEz2nxcpqjEAiuaujF4kc2lNN-nTukZr2MTpNmIu1gQzzgVK4Q8v4hRN_Cu56TI-PDYaflrFR5Qybyx1dnuAJ14dnZbatg9evTBNoX_WaIvAOkMrUNz8nBoaTaaNEnP1CsGfdBlgz1iL3aJ0XmCfLRnEFl_Im7aP9FdoIQnvXz1bpIW2a2C5mfymlCgExnS1DTc8gdR-HdpU52S4synGo9EZt0sh2GVv3rIk43r-NEpBanC8eyC4lMun63XdPJctQtEwvbvefOSs8OkYOTqQoQW7sTfszXluaKy2xlsEchO_9gHA_6KhMB8IuwXyjgRT0Q7GoOs_AAtiJ2m1U9gq32v1cjzFh1xkSfiQkWhB0NCyk_JWFApdOFVzI3SQniFwhwLqqjvs8HculSn8H6LdNjTBbkAF3G-mbHT4A7TrDOLvElFwqRWy5-u2ONKRIMnc4lvr5T_eBP-T2OYvH8ViC9qjSiB0ffI81C3sq_uhwuhclDuVAuacMHbDyveU9riC-iVIMAsH6Lb42C-1KCO4_sTWoTpaPbFxLivO7ZA-QbpJbWtYjNAW00FXOMILWhgQ-9foenq1kxH9lZBsqr-YeoTKFS49rFE1LxdD0UVmZkmzvgiQWFsFHBSniqbih4ZlFSGfHO_bastbL4UxER0wjFzDipa_23AZN6efZw6xcQCq6WmqS9GX-KQ-00q54MYpD-DzKGswLvtgGKmqI165LiFv7VtjloJZTO58BcmXNw5Qe-kH7kM3DQv3bXdCHOc5O_aplVG2oB5YTVMro5mXA3s2kK3t3uvOli1johMlQPxqNnrcBzf4ybnMDKtScYLGctZhn3CIV29PF-OKS7FVJk6BLy8lEZFxwn1mn38-cVadBshYT438Z-d4DCAf8BE5l9HC24Gn0wIW9MbHzlipkLApD-vLWz39xFwe3ZGFxXFYUiDfruuqhv1Uz9J6_CUSOOWmxZsGL0JL7yyXJoij7S1j91UD-wfuYEAwpqbSmM-ipmdyl4PtXN08M-3xQALhjoVSLDmIAMHh-YRBdnD7MRBfjHcOdy5M&sai=AMfl-YQD-InVPzRjc7ryqrEcdXvmBCa_FhGTApsCB9GbmYBJw2FOXwzInTbDs__3UC1rcXu8egmjfZSWc-AyY3-rK5G7PbS6UzIhnJaLFSM3B0070WX50ETRY9-7ZSixVXsr9tU4oxHBhbFEqsR2QZZpi7cNGbANO4si4aAI5SHB2CLkoBYb2wQ&sig=Cg0ArKJSzCy2ss9BSFPPEAE&uach_m=[UACH]&pr=9:AAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230426.99706&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 766C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:25:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2F32 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssxtnd6zU57ehj11GzJZeFeWzJ9gAKhkySFN0sYeSNkE9i_SMnyGkBQSjiu53_MxTw2uFV79At0BtMReAK36tBqJoXsAXKTVJFvw0OiKG5cJEOpuVYhYjzieGJA0_CVNN-IM0M1cSzQWcwIskHner0tXAGQzqwwTaMYMyQ85lAcikGWXhnytZLq3g1tYDfobz89FC0sP1ychtiqPLx11Sbx5c7Di0m1vBTANgk7k5dcD3BEYsVdSjHpWgsZCcg-bAAlRlVqpE5susCZWxUUA7aHZTF1BJ_pBwrKxtKdTH2vTe68jrrinu3CcOeTW8BzrKiIeZabeIKZbZ4ay_7-jg&sai=AMfl-YQQX3lX34hilsM8G0dIP_7VpcOhAqw2oDfliP-nOHqrRR02nJGv2Vzwe9XrHhqXElVxj4_jWUltwYhCqDnvsAdeaEYK52OSrlS9dOrR6io3sF5YKG4FnnYV_fz1Kw&sig=Cg0ArKJSzKhGJkoK6C3QEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:55 GMT
truncated
/ Frame 2F32 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
533424fbd54e43c8b36e4a701a23bc01e364ed58b41cb4a1cc068d58cd7674fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
um
sync.e-planning.net/ Frame F089
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LH2SAEWK-1A-5ERB
  • https://sync.e-planning.net/um?uid=LH2SAEWK-1A-5ERB&dc=9bcc91305985f0db&iss=1
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=LH2SAEWK-1A-5ERB&dc=9bcc91305985f0db&iss=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=LH2SAEWK-1A-5ERB&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
campaign
ads62.adtelligent.com/tracking/ Frame 2F32 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=3E5578E936E6D02F&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads62.adtelligent.com/tracking/ Frame 2F32 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/campaign?code=0&adid=3E5578E936E6D02F&cmpId=483421&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
pixel
googleads.g.doubleclick.net/xbbe/ Frame D221 		255 B
157 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWioxqoE4qSG_vn1zvIW40H-dRLpVNOyl3fLmLS0UgDQ0x49vYEqztvFdkOTVsIB-Ef6v0-76YTxFrHgh4fxzwMXhzwgH38YzTt9uslrmnZzwF-ANI
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e24cbb615f891e35b0b58c042f59c1aa70a1c5e4a09449bf670059fbd266cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
133
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A2D4 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28043
x-xss-protection
0
server
cafe
etag
15270303690107644053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
prebid
ox-rtb-europe-west2.openx.net/win/ Frame A2D4 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ox-rtb-europe-west2.openx.net/win/prebid?p=FIRST&t=2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.143.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
98.143.102.34.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
content-type
image/gif
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tq8sjv8t5he1e635s1277b0ikrou7ds5
expires
Mon, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2D4 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BV3gFwJiNiIl9HoddmXKbQjN8LO_xAZ_pmDSrf48TZXw1uhi66to2ZZk1QodxDQBZksTs8F--hAhsrOk4yELN-ChhXo7XWc9eDvcJsgceaqcV01vs
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2D4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4549704372629151446&x=9&ct=76
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame 2F32 		150 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.75.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.75.234.ip.incapdns.net
Software
imio /
Resource Hash
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:52 GMT
via
1.1 02f97f00ddc8019c5a1aecbfc33dfaf2.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
EWR53-C2
age
3
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
14-30756958-30756963 PNYN RT(1682821186601 8154) q(0 0 0 -1) r(0 0) U24
cache-control
max-age=60
x-amz-cf-id
bwwSvgSLvpbGiOI-TbkFeC78qDgUT4ykaH0FZp2ecx5B_EeTiew3XA==
expires
60
sd
us-u.openx.net/w/1.0/ Frame 38CB
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=429FA571C8024762B89F507D54B48C58
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=429FA571C8024762B89F507D54B48C58
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:55 GMT
sync
x.bidswitch.net/ Frame 38CB
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=03a5c911-58ab-0ce8-199e-b0280b1ac629
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=03a5c911-58ab-0ce8-199e-b0280b1ac629&_li_chk=true&previous_uuid=d79cd71aba534911984773f2b8e35abe
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=03a5c911-58ab-0ce8-199e-b0280b1ac629&previous_uuid=556886489cee4d4e88c8b0e772037a6d
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3464934303237790935
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=d79cd71a-ba53-4911-9847-73f2b8e35abe&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=1e31fd452a4dbee872c2ba525ab42958
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
g.pixel
aa.agkn.com/adscores/ Frame 38CB 		43 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=1f91f5eb-20bd-0d08-315a-c0a4014a95e0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-117.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 cae77502d3847ca96378af9649c50cb4.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
vxoJv6lwgecHEeoNr9_-fLJV75i9uXSXn6zr_0SHIEuWtT4TGF5h1Q==
expires
0
37274
stags.bluekai.com/site/ Frame 38CB 		62 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=24074d33-5a06-0b18-21ef-d30a1adc6775
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
2294
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame 38CB 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 38CB
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=afbe801f-77e9-13af-ac31-07dda4414704
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=01dsag5e7kpm2
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=01dsag5e7kpm2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=01dsag5e7kpm2
cache-control
no-cache
cf-ray
7bfc4d794b0b4bca-YUL
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame CFD0 		0
129 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=159110&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A1CE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112332
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 13AD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
/
onetag-sys.com/usync/ Frame 2B40 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 13AD 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
csync
sync.adtelligent.com/ Frame B6B0
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=7ff839d6e5a54b30
Date
Sun, 30 Apr 2023 02:19:54 GMT
Server
Adtelligent
Etag
7ff839d6e5a54b30
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame EAC6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:55 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:55 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5BC6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5c6c647b53171dd3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112332
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 227E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
c618c7e9c084380a134da48648d9f0e13335c31b815a3ba773b38a5d3f31a468

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1522
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9157 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
afbb6d630de49b9b7306ca84d50e1266
x-cf-tsc
1668083227
x-cf1
29080:fD.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 7D26 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 9588 		229 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8672a67060014971abc05098134d02f0f36e6db12f133b26dab2aca6b460acd7

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bfc4d760c32a1f2-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
server
cloudflare
vary
Origin
via
1.1 google
usync.js
eus.rubiconproject.com/ Frame 107E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55759
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 78A2 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=32850865&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
975541ff06da6183a79695e23f23d48c2baf116283ad084c15304722ee703cb7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
crum
dsum-sec.casalemedia.com/ Frame BF1A
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
efc7212c-6fe8-4b53-9b52-ca8d732035d3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
MT3 830 785530e master ord-pixel-x3 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:54 GMT
crum
dsum-sec.casalemedia.com/ Frame BF1A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BF1A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame BF1A
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2403475317176069061&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2403475317176069061&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=2403475317176069061&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:55 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame BF1A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fYpSPiDn1PSWFi5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fYpSPiDn1PSWFi5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0e80c80edc5e53ad9@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=fYpSPiDn1PSWFi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame BF1A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=7db5d42e-e6fd-11ed-a34e-d15af96d51e0
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-6
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
tp_out
d.adroll.com/cm/index/ Frame BF1A 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2204:1ecc:f6d6:4f40:b36c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
um
u-iad04.e-planning.net/ Frame BF1A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=ab9c2de71df9c853&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
csi
csi.gstatic.com/ Frame 89BF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lh2saflx&c=5929998944819&slotId=2964999472409.5&ghmsh_eids=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228f22c184158f5c08d3f4&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452421_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=ghbE4tASxL6ZQcfjgxHdt9AbleKZGsDngEO1fHVZ
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=ghbE4tASxL6ZQcfjgxHdt9AbleKZGsDngEO1fHVZ
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=ghbE4tASxL6ZQcfjgxHdt9AbleKZGsDngEO1fHVZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://triplelift-match.dotomi.com/match/bounce/current?DotomiTest=6b296f0a127b0fe8&is_secure=true&networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAFprChOVJ8PwNWbWKJAAAAAAA&expiration=1682907595&is_secure=true&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAFprChOVJ8PwNWbWKJAAAAAAA&expiration=1682907595&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AAAFprChOVJ8PwNWbWKJAAAAAAA&expiration=1682907595&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
MT3 830 785530e master ord-pixel-x51 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:54 GMT
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=5fc738f9-8cf6-4ead-96c1-1c7828490792&dongle=31ac
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=5fc738f9-8cf6-4ead-96c1-1c7828490792&dongle=31ac
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=5fc738f9-8cf6-4ead-96c1-1c7828490792&dongle=31ac
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZE3QSAAGdt3yhgA9&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZE3QSAAGdt3yhgA9&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-yyz4560-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682821196.898454,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZE3QSAAGdt3yhgA9&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=LK5U8UAZo2GVgnyxkra5&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=LK5U8UAZo2GVgnyxkra5&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=LK5U8UAZo2GVgnyxkra5&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT, Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=fYpSPiDn1PSWFi5&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=fYpSPiDn1PSWFi5&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0326d53a5183e5237@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=fYpSPiDn1PSWFi5&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E9AD
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=429FA571C8024762B89F507D54B48C58&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=429FA571C8024762B89F507D54B48C58&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=429FA571C8024762B89F507D54B48C58&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:55 GMT
sync
ups.analytics.yahoo.com/ups/58382/ Frame E9AD 		0
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58382/sync?uid=3877821143472078157452&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieSyncTripleLift
rtb.adentifi.com/ Frame E9AD 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
um
sync.e-planning.net/ Frame E9AD 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=3877821143472078157452&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 88BE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ddeb2db2-18e6-4067-b07a-e8fbb42961f0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 88BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 88BE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 88BE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yyz4560-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682821196.898430,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 88BE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030795
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030795
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030795
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usermatchredir
ssum-sec.casalemedia.com/ Frame 88BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame 88BE 		43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.178.82 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-6
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum.casalemedia.com/ Frame 88BE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=703fc64aca350fe8&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL3IeCRjuNEwNV2RE5AAAAAAA&expiration=1682907596&is_secure=true
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL3IeCRjuNEwNV2RE5AAAAAAA&expiration=1682907596&is_secure=true
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL3IeCRjuNEwNV2RE5AAAAAAA&expiration=1682907596&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
um
u-iad04.e-planning.net/ Frame 88BE 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=ab9c2de71df9c853&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame A8EE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55759
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
mw
mwzeom.zeotap.com/ Frame 8DE8 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=a970d47a-dcef-4e7d-707e-6d76ff718a53&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d77cfa4a1f2-YYZ
access-control-allow-headers
*
content-length
95
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8BB8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42971
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 14:23:44 GMT
expires
Sun, 28 Apr 2024 14:23:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
splashAdserve
adgebra.co.in/AdServing/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/AdServing/splashAdserve?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0&p5=&p8=&p10=&p12=_&p11=7&DC=2&p15=0&p16=&dynamic_trg=is_safe%3Dunsafe%40_%23flags%3Dcontroversial%40_%23cSafe%3Dcontroversial&p6=1004_565&isRtbCampaign=false&categoryKwdParameter=&categoryLanguage=2&referurl=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems&imageCaption=&nocache=
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/AdServing/spot.js?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0&p5=&p8=&p10=&p12=_&p11=7&DC=2&p15=0&p16=&dynamic_trg=is_safe%3Dunsafe%40_%23flags%3Dcontroversial%40_%23cSafe%3Dcontroversial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
8b1f067b2ebcd200c7c87149bee7e37d78ecd4313eec70239e9afc720b0b299e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
via
1.1 google
vary
accept-encoding
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
content-type
text/html;charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
5434988223629041942
s0.2mdn.net/simgad/ Frame BA8E 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5434988223629041942
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7e27be34c9ef9b56c5e8b9a4effd52e421bd261c78bf3f029be9e06c80a21c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:40:29 GMT
x-content-type-options
nosniff
age
9566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8951
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:54:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 23:40:29 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame BA8E 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22493
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA8E 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame BA8E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22494
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame BA8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfIN9f-FBLeY-oy2GAnXVIm8AX7ohhQPuxaxVLa7NlBZkdAM2ls1L0kAz9j1TMX-tpKgekEr0QoCQlWutU_Awx78DtWqGmplhCA1L3LYFyrx_SzqI6hGSHFRE6bVjjrdFWjZwFNbPCoNMzJJZVmJNj9rzVdhYPBjA9Qbdec0w0Atp-h5su6xDJ2dl6OcVM2Y10AJ3ID4nzaFhdKwrx_nT8iwgCzZu0vNjB0d7n74khHfjTHno8ss15u0IX1XuAtqq--YkgEm7wPBDWj1xNVqvdOOAfkd-raNm7px14AlgnqWX5CXqfgPh_-Cg5AbuIFsic4ygUYwFD1LXbTEcOqvfA8QL1weYpKOLlfPtD00QxNI5KSK8O6nJEKP5Up95MjuHE_qWjCseI28k77pYwA-eC6N-W55phtjKBdh09IcvwRfX6rxbGVogIgy-3VQHmw3jmU1KV0cz3Zc2U0XvtokAUgOsBlVk9x3FOV6rkS1KFJ1DGFOPTkZKzzb0vlZhDPMs87Q9J1Y5lI9OtpmxwRbx5x2tthvrk8RLfcj8Cbpvf3c8b3_mBCVp5fHF2B06Cst6Nv31NrxP9UcNz5kZKEjtG2kH3gSY_Db9032bZx7enGeOYdkhX3nK51maqtbLhVWbjpfGGhJw5W6rep8JAcnkEeIBRRR4Ruq9ZhyjMhuZ_rD4Y7lO68oxzeAYFes0gKb4Qi1XcNSZrJJYHYLn9l_Cm9ECs0sYDxaGGB9qpATfgwHGaQ3EhLMlVS-g99UOoEdeZr91ggY7ttancCAbmQDIcz0qYDy5DJTZ_MfbH7GfiqD5mI6N4jtu4kFEYF4pUvyx1vypgR5b9e8PkFFx_lkbUMIm1GVoeRNSVUHQTf9b78L53AXvey_8h-oH1pPeDsfakKG75QV1DoDETyF5TBOB6puyrxhpArPFNAONRTL4doFCmwt0vNvzZ7MyZudnOZg7Wd5rqPRJxzAOs3pOlygL1IzMIh2ZaDh9K45f33YKp003ftgQEeaWlKXAxKjARsbckzQtA_FPiVnw8Q6cblfSZovFtoyKpH-T8k1LUpkNl89XkpN1EMvAefkEdutlkOQtk0Zzs_WL5-X6QfIqXOU9Yh87d550ONXUVelIxs3P_PfiqpIW3BFEWcnC8lpJ7TlwXRI74rGt4BsYK9OsOVl0ORDp5p6NcdLQne8hof4NTQfAd1NdQlZSbd_Ug&sai=AMfl-YQSUiAH-0xoutTqbKS0FJERGP0Zug4x7DcZTV0fFmokJ_aFrZWejH5iRpAwVEsDpBGD6BsBpUzEQHGV_2uFmPo-DiqBDDSICJ3W8VXl3u3vMx-i9rtIG9a_vQE8rZZv4MkTtEvHIFlyXI5NIvOoy-IdqYa_9fYpYgrSVgLLnnnLZKZZpY8&sig=Cg0ArKJSzKJePzwzH0VeEAE&uach_m=[UACH]&pr=9:AAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230426.95774&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BA8E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32064
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:25:31 GMT
mw
mwzeom.zeotap.com/ Frame 41E8 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=f79fdf4b-5c12-40ae-4e10-0d404cced208&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d78b941a1f2-YYZ
access-control-allow-headers
*
content-length
95
impression
ads62.adtelligent.com/tracking/ Frame 2F32 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=483421&nestedLevel=0&tti=1590&ttiFromStart=427&isHeadless=false&adid=3E5578E936E6D02F&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame FA0E 		631 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54770247&p=159110&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0daecfd72e20d17ad9731113b50578cd3ba20ff5f04bd1b4f728236211b04a1a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 30 Apr 2023 02:19:54 GMT
content-length
631
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D221
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&gdpr=0&redir=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rYTFRczZCRTJ1SFBHZmxMSWhSNF9hSGlhbHVpbG8uX35B&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rYTFRczZCRTJ1SFBHZmxMSWhSNF9hSGlhbHVpbG8uX35B&gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWioxqoE4qSG_vn1zvIW40H-dRLpVNOyl3fLmLS0UgDQ0x49vYEqztvFdkOTVsIB-Ef6v0-76YTxFrHgh4fxzwMXhzwgH38YzTt9uslrmnZzwF-ANI
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1rYTFRczZCRTJ1SFBHZmxMSWhSNF9hSGlhbHVpbG8uX35B&gdpr=0
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ibs:dpid=771&dpuuid=CAESEIMXXLl8B62eBmdsI6ji_DM&google_cver=1
dpm.demdex.net/ Frame D221
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIMXXLl8B62eBmdsI6ji_DM&google_cver=1?gdpr=0
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIMXXLl8B62eBmdsI6ji_DM&google_cver=1?gdpr=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjN6OffATAB&v=APEucNWioxqoE4qSG_vn1zvIW40H-dRLpVNOyl3fLmLS0UgDQ0x49vYEqztvFdkOTVsIB-Ef6v0-76YTxFrHgh4fxzwMXhzwgH38YzTt9uslrmnZzwF-ANI
Protocol
HTTP/1.1
Server
44.198.21.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-21-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-0f4486c53.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
W1idaRUpTxQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIMXXLl8B62eBmdsI6ji_DM&google_cver=1?gdpr=0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 227E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
659230d5-2da4-41cd-a90d-eb4a7b199bf9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7906230784814628655
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 227E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAAjOU7Im6EAACBud1f_9Q&expiration=1684030795
Date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 227E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yyz4560-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682821196.138088,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZE3QSAAGdt3yhgA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 227E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
MT3 830 785530e master ord-pixel-x50 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 227E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030796
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030796
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=4139660057828765566&expiration=1684030796
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum.casalemedia.com/ Frame 227E
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:46 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e
cache-control
private,no-cache
content-length
222
expires
-1
crum
dsum.casalemedia.com/ Frame 227E
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_bb7fe3469a6e4f3c81420
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_bb7fe3469a6e4f3c81420
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_bb7fe3469a6e4f3c81420
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 227E
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=63a13001-1751-4eb2-a70a-aa6ea39a6000&expiration=1714443596
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=63a13001-1751-4eb2-a70a-aa6ea39a6000&expiration=1714443596
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=63a13001-1751-4eb2-a70a-aa6ea39a6000&expiration=1714443596
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
um
u-iad04.e-planning.net/ Frame 227E 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=5c6c647b53171dd3&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:56 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame EAC6 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55759
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
prebid
id5-sync.com/api/config/ 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		108 B
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
7eba2d1aee4ce3a8fdc009639f3f545abe7dace06663d15651555b01f7bad873

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 30 May 2023 02:19:55 GMT
sync
eb2.3lift.com/ Frame 95F4 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1ae977aeb162a1ae38e0b0d77dd9197e4311dd569ca9fed5a65ab67a67304852

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1270
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame 7F4E 		823 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6aebeeb6bf1ba8322c350b3c1af7b20059e35ace343c7afdc4be63fa73f83f65

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
491
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
checksync.php
contextual.media.net/ Frame 976F 		37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b210a349897ccfa6438232313c7ca253103e9c49d7dc5a27cbb77739649b8c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
12269
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:55 GMT
expires
Tue, 02 May 2023 02:19:55 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
s.adtelligent.com/ Frame 8432 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Adtelligent
X-Robots-Tag
noindex
beacon
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13413210
  • https://ce.lijit.com/beacon?informer=13413210
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
5dfe43a24f1392a0ea547b694951366354468b92f2ebfb4ef1881f8c043e2a94

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1069
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13413210
sspmatch-iframe
ads.betweendigital.com/ Frame 2FCF 		604 B
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
010e56690a5c7cda58de0835bf7f553df2c11f4b3dfe38b2a28600e57a920596

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html
sync-all.html
adxbid.info/ Frame 7912 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b4ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034fecfb35c0ab9c11987eb422fa877340902626e79f77ceb52da51894356e1b

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7bfc4d7a5d5718f2-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AMtcBSwycj0ky9tDo%2B%2B%2BhAcxICU0aGxrQOuW363HQIueeGXNaFbpks4fuaxIIxQQmcd65n2xdj3U%2F35iF6rsF9MqzutROxhJlz6mqoyEuE34zuFL7Hx%2BO%2ByHLb8YgX2JfVMBmMROdjqu%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync
eb2.3lift.com/ Frame A088 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1ae977aeb162a1ae38e0b0d77dd9197e4311dd569ca9fed5a65ab67a67304852

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1270
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pd
us-u.openx.net/w/1.0/ Frame 7CC8 		823 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
6aebeeb6bf1ba8322c350b3c1af7b20059e35ace343c7afdc4be63fa73f83f65

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
491
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ce.lijit.com/ Frame E493
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13413210
  • https://ce.lijit.com/beacon?informer=13413210
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
14c479e76866a9044b466ca184294cceec6728f3b81c0ec8f2f501312247d7ae

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1067
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13413210
sspmatch-iframe
ads.betweendigital.com/ Frame FC84 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
sync
eb2.3lift.com/ Frame 222E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1ae977aeb162a1ae38e0b0d77dd9197e4311dd569ca9fed5a65ab67a67304852

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1270
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 244E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1682821191911
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sspmatch-iframe
ads.betweendigital.com/ Frame 8266 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
sync
eb2.3lift.com/ Frame 4251 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0adad93e9361da7b723fe7331f055359aa69baf37b6aecd98cf5a8d238a3492d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1250
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame 6010
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:54 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
c22cb9df-9b6b-4058-ad48-bbf5bae4566f
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7906230784814628655
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
pd
us-u.openx.net/w/1.0/ Frame 8F6F 		1 KB
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0d163df83c666ecaacb3dfb44ff300031b8581c194d107d276b7808432307c12

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
654
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
beacon
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13413210
  • https://ce.lijit.com/beacon?informer=13413210
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
44bd9bc6aed7818f4de86e2df1a0684fcf3265ade3e502076c3d8cc41f77d993

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1070
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13413210
pd
us-u.openx.net/w/1.0/ Frame 89B3 		1 KB
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0d163df83c666ecaacb3dfb44ff300031b8581c194d107d276b7808432307c12

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
654
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame 341B 		1 KB
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0d163df83c666ecaacb3dfb44ff300031b8581c194d107d276b7808432307c12

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
654
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame BBCE 		1 KB
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0d163df83c666ecaacb3dfb44ff300031b8581c194d107d276b7808432307c12

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
654
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 34DD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0adad93e9361da7b723fe7331f055359aa69baf37b6aecd98cf5a8d238a3492d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1250
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
ads.us.e-planning.net/uspd/1/ Frame 0CA1 		1 KB
922 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
f875fd7b83a150ab400d3a8001a78e3fd605e37fec4e2ab179c5699b7adbd444

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
expires
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1212
beacon
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://ap.lijit.com/beacon?informer=13413210
  • https://ce.lijit.com/beacon?informer=13413210
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b22c24181aef4c86592047882219df2c54ed375b8eb626406bfe680932a847d9

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
1064
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:55 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon?informer=13413210
sync
eb2.3lift.com/ Frame 94A5 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0adad93e9361da7b723fe7331f055359aa69baf37b6aecd98cf5a8d238a3492d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1250
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dsmartadserver
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=109c1fce-ad74-46c0-b5d3-0584821c0883&ssp=smartadserver
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=169a826d-feb3-09f5-1c8a-f212a79fdc00
43 B
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=169a826d-feb3-09f5-1c8a-f212a79fdc00
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=169a826d-feb3-09f5-1c8a-f212a79fdc00
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?&rd=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D91%26partneruserid%3D%23PM_USER_ID%26gdpr%3DPM_GDPR%26gdpr_conse...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=91&partneruserid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DS...
  • https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2403475317176069061&gdpr=0&gdpr_consent=
68 B
605 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2403475317176069061&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
54.205.236.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-236-63.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=98KUz37ype9D3X2sf9ovgeTt&source_user_id=2403475317176069061&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4139660057828765566&gdpr=0&gdpr_consent=
43 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4139660057828765566&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4139660057828765566&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
43 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=75&issi=1&partneruserid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
299
mw
mwzeom.zeotap.com/ Frame 9588 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=a7220e2b-fcdb-4cc6-7f78-df4647c54683&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d7a3c2ca1f2-YYZ
access-control-allow-headers
*
content-length
95
pd
us-u.openx.net/w/1.0/ Frame 0494 		626 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a9dc555be897bfea533415a9c5f7c66cbbee4a0083a7ea7c301355d871db9d29

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
407
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
googleads4.g.doubleclick.net/pcs/ Frame EBD5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu5R0CHYqp9iDlhLyeAXzeUn_Qx-iVRhHimd4p3u7_SQ0GovCSfJTER84EU4JJQMUIhiH1bWxJJ5oYagrpzzTxSESw3BP6qCQHG0WnfBwLmEbjan2JAWAXcFErA1wpRYt-tY4gdYmdgVoA37NTP0zsF4MQoricl73Rr5EFQ55itnrVsOIekHA5h-U6rotWqkjYQY5HpF8CaP1nSyjbpaTuEHc28lxsrzFN655zke6syCJHI8sCBx3Myoq98q_N7JwCdg0pqY4roiJZcXPeBv6eqb8K-4V-lw5h_oMMqmB2rVSYSet-n_Qm1AtOE_ojlUqgx7-fDrr0xVctlOcUMiHA00Mrws7Kr5es6TgOTUw9Ce-LDc7LPJalhabH9_V3hvffwckkz1EHkNQCC9TMV-x_E8vn_4Q2DwPiZ71gj3SwDiaSrvi7lx19LccfgWwYUS7Z13y6yf4biOdvAToHyBKshE_SViMzU_yDac8daPV206EtZB3nijb0LSr1LgFxsve5eaI-E1W-AxEmlFtvGnVpeCcA4BaUPMQv7FtcmZnecagX_Sga3vF4-SvEgWeqoNlAfIz_oMbfztVaGwsXIaXKnbQBkv3ZbuGRWcEHDPnsR_m9XWSo7mcJHw0ueF-ZOZUtws_1bXe3REEcX_xzoweMQrQLMjz2tnYnJkFPn-ZJzI2gASXgGentQTEoia8d-_1FbmHoWthtZCasQs9bWa_I2t6rZofxoKdym5xpuu2-WgRdlI3QLGG2sNPVkXvtMnS22avy4lbXId8GM3CsqWyj_Umw7Q6989VerXn_v-f81zxd4Zd7ZJe9OkptjxJB3XDcYj6p2b6nl1O7hH11AINHhRAUwjRN4NbFQZSLrQ4LZEpiTOSm8PFkyuGiD-IGe5Lxq7xWb0UTPojKAzL4Vq39ejZLtdmHQtOfB1zBNVSXD6NYoTisuLzPQq-Kv402hY5ShFa8GRU1AEYxH8oXm6zgh35v0KZi--2f__kb1JqW1xkGRO9fsLR-AwAL12UbmuM60KZB_8_RC8LHvKAESBTbG3zjneZrtmNXaZGIQbHcj8UE2Ko1x-Ogt-wuQqH960UhPQesipvbDc9LhpRDFmOCjU2PXoCdY4gVmg7zoMOc4LNbObI1Q3QloCR-B3WkjyiYdibHTn2XBrWKS-QdH2MrsFujcYIRIY4JjBVk7x95HB24gEUiAL9Is6ylBznUoQA&sai=AMfl-YTllr1-JthV4tyq2oL9_mQhhhMMRu06zw-Mt4VmiW-No8JhT0WbVcz4pwQ1uWHKLi4NjO7-S8NF3Spy_arx7X-ESVqJ3YGTBNDodYSHP8KTN-V-o1a2fnvwymH-F7cZ_CM2gwZVzuzUdJtFOhuAmR7BRt47lHz7POLhcBGqUz2r5Nb2nqQ&sig=Cg0ArKJSzHUtqPdfA-H7EAE&uach_m=[UACH]&pr=9:AAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=880&vt=11&dtpt=879&dett=2&cstd=0&cisv=r20230426.20745&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BACACs52aG7wf3NuAm3WPDzypdRHwCSzfRLCQl9naWlhc8N0SJG9HNwWwiQF5ODNlZdAYNnzKv41KMmQqtEaLjYIEnkMSMBvO-xedLcoiwBIMj33tk8HLPfZibKs4lFLOQmpP3fBEd1wcpbvKXGBO_b2NTVVdQtyqtg91Sz9u199iVI_k&dbm_d=AKAmf-DF2VUhPDY4cN8YA-bdfa6go3cR9bCWOJM1rWM1B64qhP1ZqPEaqrtsvYyPoT9c2ucX-i4GjKyyLYiH_QzRgv0BW_eusYQw26DBzQEapZFlbwjiFUYFaTf3dPCmWwraoKFGov44c-AAIOX_D14a0YLDh08lCSjw8mOYVdYw3BCs4QDj8fTgPd_junhgwujcS7BO0SKzpl5ZUksMlH78RgTvYQQIlB1OpGXovC1w8Kdr8orMrZ6QmIT1KOUBUOhJeoH_mbtnvClNfxfbkHbbJLlXVyqIYY53JiEv56i2Cq4za0MkX18LWQpdGJPDZk-Hcepqw7z1pMYHclrJrT-5PIaQNntDXRSFWPFuj5UhtQC-2j_U-MmJe1-kIELMo46jCm19PXi5ZXOglAkhFp8VMB4RmfCUNpOCpfqRYNxhagUxhE9DUwDuMhugJvG3zhner2oBkgxbYZrpI8A9DsMOIAsqqsi-M4RuCmOC0rwka8Q2iKwo_NEEDaG2iRO9LgedG-CqBXoyKpfo9eU_T_Bm_ioFjKMNh6nNLw0VSUD2PpBtz69leSoyHMbiihPxThvsFMxJXDyWLJcG1R5uDWsCnKmAPWLyeQhkm_bXWwoSYxgngs_5G3KI5dgWj-0Kokb7PT3qPQmvqEvHbKmEG-NIUKQzktY3K9r0AyHCeNJH90M9CdgzNWkulFew7ydPBw-R773Sj2Hjb2amcDrIj4oFw3qt760K3gkb02ibZhRC5m1yx2ptkyg1Rx78YdG5xFXErJ8UXGW8DVIOH8lxLAwjeiRj6k30SaGV6I1IJgSdw8O3Gp0CE5wGLlK8gjbfTKUZKeCFC-YLFheQFd5cPRegmmgPJERkj1o4o7wpfU253RQ6fW5AZkLEphYN9KXHCyV6UTLM6bBuaXSRjwVMkXJOkPqYVItV65HwzSVdvKZlQOnrqoYGeMP3rMXn7C20uTBk_J9yn1HTGQjH_bOfoIqeyHG2ZuDnDm26tqIDLSaXQui-0N0n4N-rFDlXxpFiyXFX5wxzaZUYAp--ELDeSecX3ahPXj68mTh-6UWfeqAkKFPhy0vvdGHNtx14l0ayOfGFW7mt_xZeTF0GQLBwWYfLVNYu4b6HFE65-movu7cZzmusqjRkw89-bPepggU6Vt_1yZ5qfi4fwCVPlOcedGthhwtnC7hXK-55JFZoBEVSWlKX7NI2h0mAXR7aBvc3Bqaey4sLNaV-OfWbYczaW2zFrCyAVNpCZKhlSVvgGzn331HhDspN6o_RqGusjejRVtHLUAm-LkdxyGgk9P2lENUAcrFaOECOAqRl00VLA8CS6V1hiuVOHlZaJ-2M2uBA0xewHDhFtSFowvS-pI37v7k-VFmJUd1hPDg_65qYhNbq3R1oGqaHYxdlE9HRDVgAPRcQEUHl0QeKnbC4yz9HXXuLF013ebmq65UdxGoHb7LXVKrAry4Fe0Ca4Wm6EcuwrfQjJqNqD5KTDG9tBI1Ma2yqxUoxlChVw8S227i5H-nbxiegiMTPWcDfdLa2lkQPS9kq0LMbNx_WUplVKJ0StafmnBLMwaw3W-dKGj2D4YFCXvnsmLSSND11idPG_a8kvDt9Ef34r6LG_z40YztT5VM8a6oDJ7PnJ0Q-zY_XX4ull19vWPH8Gy3B1dmEK8-E20LiEyksXtizPuAPfzW2eZ1MBtBKCX9ko5Q8WOf2sbw7wCPjFyPAqAlfLSAt3wdEXPY1lZfNwfmhapE_I46b_l9Um-_46b44I39xITEEDcupPGHEJIwEBY1H7gC3OpBmH8taoGWSQGkri8WsuwJD6_A8jJlROeRAu3O-kZ8puu-wy-M1jnsKzZFJvt3cDYavqrQRBQWNVuHDFCup0xnDVmxM424kX9z_LOLNXmJGD9qCQeKZBuxJrbDnyD_udzl0SAAuBvUThzUxJ1zNDzz-4kax2tpJfa2ZSliMemdYUhn-7aIyNFhOeRLFXv9GxVXN27Xb45qdFlYF6YQ_Y7LjaRcqYfv-SbK4FEe5Wxjsspvw8x12iEuCKvxFNG5PbeTdASlhQ1uoF_vV85utHKWK-VLYexgl8fDd9bI5iOQ9GTtRe-J65I5yFhOx3yVBHHNy_L6yJmS8xTHP-baMH6xrjRaomeqoh4SbkSl_zp4kz_HmCNcDq4HDsyltqh-JA0wDCatke2T5JKVka1lQjde_oAplIk7_4ej2SwaYt1kPstZavBNCaFLOfcfR6hslg2eRmiUq1J2e3eNxbu2E_8-nwR4wdOsbO9kWx7R7FXo4AglgTnCsuR_aXqd5wpvKfb3cJaoSNuprJn8PTpO2yFIhKJ87uuEB_b2n8mdnSxnQcSaohGhRkKQShbuk57CyNxooVOZR-UI9ymUecdWTig9TvADQspw5r1Ct-j5MM28lHd0XYRFZTPe0Y6XQ99wHz9JNWHIhFod8Pumo4RVJ6jsSY9eCz26wx_Ckzac3tbYvYqPXHCoJ1XQl1lpZ14eyJhxKuBplzkTxwz-E0jl0yl74UVV1BiJcdn1qwLZbvq8z-rtKMuiUjrftOx7oAT6HN8pr8v9eRgBqPu7TwEuQumjxveban8_vLf0a8IGBHCO5uFf72I9YtwwzwNccBusQWbbAvGmzMML8XSl2h4ZEQ-ePGhkJM3eY0hkVbd1EMGctpKdKdB-1saFH282iDfErLAYsuawyWSJ2RcagCy7xYEgYzFV_ueOxOxIpjkv7GU4snuhY-YNlb1EgLPmVCR6WTqQox1q-LTzhQNqjcSRLYCyVo__UZi7Uso0Jn9Eqsn594NcNembqpLSZL7EF0n535oCE5-bw8ngfqXBEFP5dhvi1lG3o-GpwdswzqJqz_x8c8EEJMsThjB9weGvF9oT-TaestgkOOAVVlih_PBR6yAZX4MqJfwIkv-YIFOpf7H79-utAlKsZPmZTdKbZoDNjgCdaTRU5OABcdOMmHB37pkMQYJoALfaqGck1ssyhDi3oy-UQha0gTcnh_uA_DF0ZCU9GJ6oN0hKhllIRu75_A5dS2N5zyeghYSvikdRDV3zMemIjiSvRwovsz8DpMX4RBVH9vHZOX5q-BdLTbVcQObizL3QXDR3iGPSDC-ovwKa7JU-_paiEmV-n_4gP5f0KsGSH8YDaz9bDF1ook9uVUJNtUi1zDOP5pNV5SzvlQROml8_Y8VAWGSJNfp__FmaMIx6cHaC3cJ6MvqxoQQQWTdJ_TUiPTXrToRKdLBqEZLLS4kiyaDQjDVs7azHfmtrngFVA2jn6htqkssCxjAwTfiAD0ZgNFn8ycUUQm89S8B3CXD5_-r3H77T2j7dzWyX-v8kTO_1oGmrPVCeQyqKZW484HmPL6fJi-exZRJbzsOkKsUCLrFJWEmPhCr6CScT9gqBL70ErGtbnhDdY&pr=9%3AAAABh8_1j-i2qtqaA8d6nM1yIZ2u8RK1q_6SMg&cid=CAQSGwBygQiDPwXAOJ7mx88tUtyjkbUyxvfMCCXZ9RgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoYcGApFaFY0cUduNWYxHBalxZ3QvsHxgAcWn-6F96XQn6D8AQAcFti4sr7blPfjMBbBrfKM5su2ke4BABaKwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkYWRhZGFigWKBYoFigWjAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQW-tmkgAQWgIiggAQVGBwU9AMU2AQAFQQmjAEWjAEWjAERNQ4mjAE0AgAsLBbtyO3VhPGb3qABFu3cj6CbwrKFkwEAForB7sQMBii82ZiABBbEvpuABBaAiKCABBb62aSABBgJNDY5MzY1ODM3ForGARaMASUEFkYYBzMyMzY1MzQVApa6iokDEREYAk9YDHoU-AMU2gQAFgIYA3J0YgDcGwKIGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZR5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIArDgKZml2ZXJyLmNvbRjnAWh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQ_aWQ9bG9zcyZiZD1BS0FtZi1CaDBNY1NoT1BEanBaYlJvMEpGNTYzQUZEaERRX2VCRnZnWl81WGVGVTBYMmdqTWdfdVhuMUl0WHByUlBoeW1xeUd1OGE1V0VXVlcwbTNGRURReFNLUUd0YURNcDhiNy1XZ3BHZFl0RWs0dEhRczhsVSZsb3NzX3JlYXNvbj0ke0FVQ1RJT05fTE9TU30mcHI9JHtBVUNUSU9OX1BSSUNFfQAAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=11977372721605669000&adk=27505019&idt=57&cac=0&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:55 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 766C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuait9ixFzLlgsKUwZ1EX8tBdZfAXejw-VCrnquAUBsaR_M8eICLW7suicEkcdoPBhJ-5UNiSDwGUIhhQGRJht-pDiPm2Ot-oVIfzPvz6DWw3Kz33Fo_aYGhFcBp1yFujPQrFyOHH7FtNr7-4joe6SGWqDmX2heoalsEz2nxcpqjEAiuaujF4kc2lNN-nTukZr2MTpNmIu1gQzzgVK4Q8v4hRN_Cu56TI-PDYaflrFR5Qybyx1dnuAJ14dnZbatg9evTBNoX_WaIvAOkMrUNz8nBoaTaaNEnP1CsGfdBlgz1iL3aJ0XmCfLRnEFl_Im7aP9FdoIQnvXz1bpIW2a2C5mfymlCgExnS1DTc8gdR-HdpU52S4synGo9EZt0sh2GVv3rIk43r-NEpBanC8eyC4lMun63XdPJctQtEwvbvefOSs8OkYOTqQoQW7sTfszXluaKy2xlsEchO_9gHA_6KhMB8IuwXyjgRT0Q7GoOs_AAtiJ2m1U9gq32v1cjzFh1xkSfiQkWhB0NCyk_JWFApdOFVzI3SQniFwhwLqqjvs8HculSn8H6LdNjTBbkAF3G-mbHT4A7TrDOLvElFwqRWy5-u2ONKRIMnc4lvr5T_eBP-T2OYvH8ViC9qjSiB0ffI81C3sq_uhwuhclDuVAuacMHbDyveU9riC-iVIMAsH6Lb42C-1KCO4_sTWoTpaPbFxLivO7ZA-QbpJbWtYjNAW00FXOMILWhgQ-9foenq1kxH9lZBsqr-YeoTKFS49rFE1LxdD0UVmZkmzvgiQWFsFHBSniqbih4ZlFSGfHO_bastbL4UxER0wjFzDipa_23AZN6efZw6xcQCq6WmqS9GX-KQ-00q54MYpD-DzKGswLvtgGKmqI165LiFv7VtjloJZTO58BcmXNw5Qe-kH7kM3DQv3bXdCHOc5O_aplVG2oB5YTVMro5mXA3s2kK3t3uvOli1johMlQPxqNnrcBzf4ybnMDKtScYLGctZhn3CIV29PF-OKS7FVJk6BLy8lEZFxwn1mn38-cVadBshYT438Z-d4DCAf8BE5l9HC24Gn0wIW9MbHzlipkLApD-vLWz39xFwe3ZGFxXFYUiDfruuqhv1Uz9J6_CUSOOWmxZsGL0JL7yyXJoij7S1j91UD-wfuYEAwpqbSmM-ipmdyl4PtXN08M-3xQALhjoVSLDmIAMHh-YRBdnD7MRBfjHcOdy5M&sai=AMfl-YQD-InVPzRjc7ryqrEcdXvmBCa_FhGTApsCB9GbmYBJw2FOXwzInTbDs__3UC1rcXu8egmjfZSWc-AyY3-rK5G7PbS6UzIhnJaLFSM3B0070WX50ETRY9-7ZSixVXsr9tU4oxHBhbFEqsR2QZZpi7cNGbANO4si4aAI5SHB2CLkoBYb2wQ&sig=Cg0ArKJSzCy2ss9BSFPPEAE&uach_m=[UACH]&pr=9:AAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=868&vt=11&dtpt=867&dett=2&cstd=0&cisv=r20230426.99706&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Avqlr4uE4x-cPZ_ow6T85JzE2dLmPY1AXTXwTu0O0cB8veytRvj45Odhb7fV67zJ--e3ydB9NohgrbMHev0AwSdv-olQ3wGPXr3l9QQTqw5blK4O60qwi_Jq1mf_SCyISa_nRgnkGM46iOu1zEAmb6qDVMbLX0B1pWtrGpFtMjqliSXdI&dbm_d=AKAmf-A4xhNZO3zHrZfZ_StV6_Y2aAlVoGh_c8Ggl7SIA-pnILtah0YYvSHOHFswqg_DU8_N1RFn3TBTHECKVFIkklWhU0NQUWvk_cPm1GfVTmPo9rqcRyrIrUr71UUynL20ADwrR60Jy_kW9s03ms27X0C4tuz4BBGZb8fJwlQFN_oCY7QXpC1PE6X594K_4pHOKUq7TkrsLDdMZcPVhPhpzRNEbsiytlDq38DIPhakzyF6Of-iMMqLdktHsORnQCIr0zxOzjCyapJ5nzYFqjmv9JPQrnrCwyc9mP1hbwQ5hEDAFE68fFt6aFJvDxlBgJ-AxAfKxyi_IqHLwz8MmPoAkbA_ZJCsM8BlrEI_Fc1rXjKQY_t1wACXtQgowZhC3I5HQyNOdQwD2xXIifmmYzxZpCBrcK4CxW4frm0ZCE8IZMYtUr66WINkf1yR51DiuH7AJbPU3ydzQPQ06MyRcYDSoJwXCf9mVz1NqzxyEsbQoBJGdgpwq15pYb3Q1Vaw_03Y4gmVA9NeVHgdP3M8hWRekJrkyrjyPktzS7YWcYzY81ObqCTzfVhFEnmFoYEPPPKc5qsqQy4Vqk42babSgPxiO2HXaXCdDTnyXKXIF2i-IKCCmyvF0uxSqute_Vk1xQ-jca6eYeseufXoe-k9TdfOA87WelT0d08_ajOUwkKUDIfdiX7F0ZjPY9Aro0sAKXea0n9zh1PV9jKdl3f-Ye1O8M-ajxPDWR7uH57pFUmiCzfMJlXN-c0ztJUTQ6i1uQ_9Me8M750_6ylH-xWssVaISdUiHoUKmJZI9XyEMgRrv6vpjE1wDChNszjrnaJoZM84CnfNwpbvVjTqgIvOd2qTm-0qqR1Bv-GxGz57lgMtmNn4w2AmbhPKDboVdEDY_MATZIRNDfsyVOt3kfEshZ4rEIITQxW8gF6AQ_H_rHbZIbVvNSyxrR8xqM88-iNdkD34mU5pvSnrxiAHJmNBgziTlC4o93rKbvFsZV1wZsNOqsEDo7Y_oZIfQxPwdAqlmrvnOT5Ji-uNn8BI2--0_YB9mqUeEQeYT2wmqOzaxoqvEep3MFjG1N-uVJJa2cdDUvnzKEzVQn48xEkmflQE8OW6naq0lp5ZqDlEaeUmlbZ98uq3yYaoEU8sah-u50pe7bOLud4OaURreruxUwf45M6vc5h5om8f6RpO_RNiFsAi2cGXEPwD-Wr1AxQMlT3u31g2_Z1iDNcdSIVu3Dgtyuq3j4Y4Qh1GTsuhNZyKyOPimfdwXUceAXQ8k0mchy6tDb8p_yPWxO7NEhJDDmJmfKUzt5jk6YrRqDnOm2Cp5kDUuTvKMQyHztNdFOxGcqH_XnmqV3JUmXH3ns4UYE--qGAaTcNUF7TMKNnKMSsaSbo9o_qGJZhdAKzxTB784okLCxNHRFQihn0sGljHE14ZwMxAdDCVyr6SbuBh-GaGKjoPTBuXpD6Uu7PTs0b2X8t4CcqVApzI3QOEEsMRcwNhg0UfsudeXzswBSzWmPR2Mb-qjFJRccyWYWeLBjgX2uN0NtXeY44Z_NdMZiklNSL__jJuPyMnipQvgK6_tMX0sgKJxQjR0dqsYQZ2EjU6-ReBG1hzgluNhPJcSMeT7ZTqD5jf_suNK8iWVYZ0--F4VdNLEDIdMxij6xVqYvp-6LZH8iqiZ5MSB3ZjtQTiXaFO0ShuhI6Qe8cxRpA_j4vCt7_wAdIe3-_-uNz0LAC4OjmVUHCj9xyoyDSj0dvOEQKB_QLhTPIp1ULDZp5FN-cwmaHPllXMIGS5Zu06T-s1e9ezSLHd3oy_A_40zyHTvb92IeqlHJ45w0sub0EzSky17XZ8nLSEHd5VfiyextljmNyMZGpBTt9tXaYab7YJOLNgggxly987Poy0peWwOyfV5k8yMMrlKT_RWxVyqTk5VNYons70qd8e90tuviyHPzfINH-JJcVCj4CD_0v8lxKTAKoScv5La1-v6q4pin6PqXydCNn4rTUMYIrmQBRIFnQt_GgR94mRzjn3fE8CzeOvjoS3jZxZDNCGlCRYHDZsWGLjQjL5ePxh4BqJEruIKvLIv_5-H8sMq6_b8wsh0WJA7jsKaeTM-J1s40k1LAULnTfhb-oG-WTYBGw3tlqi6AQphDMAKtq1hkSSyDseZWgGR5RdALDF07YswaE9YikyYWUp2GKVBLuFLOUoZ-TKQr_hy4TMfhiSBdLc2vt7ezC8WWgKUBptAJL9FSs3llM9C0HKjGqgwv1yID8FVc5U2-49TQ3XJFSeBSR8dDgrYQn1p3Xcwa3JbcALebsp_vVzZBMSZBIuzrbjiG0WzDJheEwDz3nlp3gKH1fhyJX3J65KCN8Ym8M_w_Vqmu93ZFj6-JAq2wNUwdRNoJyRX6KzZQv-jia10BSq3H0CrH7NYXsOLlGhXTh_jQkhvWkIohtsq6lElTeg5oPQVS77GCtKQ0MM7S9OqCoA9iC_7eZ3dFI3pjHuuMhQUdB0D8-psD5lEe4_CN4wPsFyO0BF83_H1BscBAG1yoSDDLoaAzKkQvS6sr7yikvBj3yBWED7AlDUOJYH6Uty4U-CSLnEJMl14EEzM_611SUDKuJB6i0Nt0mDIu7vPzwH6dzT0YhKp5ahO4qqI0FuQTzogpbPuHMS7rhv0RPWJiOmJV2VMSjihW0zAh1zIl9igdqIO_URkeNVVPdllj_qUSl9SJqqRhOg3ocviyDqhxGbNeACjNiI81NoyDMv2IlqyCBpdg1FIG4avo07zopNskxgP5ojOwE3md8Laj-UXb45HRSeE-O_dwGGB3jw9WSzhqRxFeBmBe_sB-slxAWhandG6nT3fkVHHenzQ7wMUkFGonJKGB9saT4pCKmHvcyI_Fy-An9HY8yBAL3-5yquyIBhZuS1ymB-6SF6ro7XAfwc1H4eq49BkSsfUeFJrtYSMnyUwDsVrQ7yjAz5Y73gsHllhCVu-0CqWf5APXCGs4cLf6qbaRO2eJXcyIqOzPkXdSTxc7nzujqEKrTVS1_yaef1-k7RKfkU3B4q262sma_1SPlehcqsqvShfkaSe_BGHfc4EgkXmjY1pRd6K1hV4dLCTIvbuTc8jrcnML58ATatndA85t46U9HpdMJ7ES1H8f5V29k8Ewe4Apmlf643fwkUqfBmVK7Tdb69eVoQCZfs6xrX2TKJX5-UYpSEv2DWHCVsFk0PxUcQ4yTtP3KPV95NyxVKRTRwjYlqRPctcjbISnK0EYfgZzF9MRzoo6J7T5BH5NWO0h-7opy9RHuSn0ihs8DB0PMTe5siGgUvfGuyDd1VaGxFC4lvgQyqfsMqm4lZ07Gm6OAXYinVEQYR8zHm8mWmW9KKPXHkhcqBJy0oixbzDNcBr0UYJSpKwwCAIqULAoDTE9LeFgZcCl1edXrIsLcM&pr=9%3AAAABh8_1keiyGXo_3byi5DIEkdHICDRWCzE8tw&cid=CAQSGwBygQiDZeEyw0wv5Q5SP3Y80OZ9pvy-Dt-2kxgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAogcGAo5bVFGUkUyanlNHBbr7L2yv-6n3OoBFon74OLnhbTtqgEAHBaf6uW5g6Oyj7QBFtv6we7cp7GB_wEAFozB7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFvK0qqzSz6OHxAEWpf6toe7eot7OAQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFvrZpIAEGAk0NjkzNjU4MzcWisYBFowBJQQWRhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUNUanJiQVplbFhWS19lRWtVRlNUZW1ZcnRMMl81NlJjSDFGT0h0NzVuamJOTG5qYWFjb2w4cUg1cUowUDlCSUNxMmFLUVF6T0tWQV9VWU5EYTBHUUZHWkVjNWo3MTFrZDFGZXB1RENqVFBTZjdMQ1ZVJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=8905270053501222000&adk=2372091703&idt=62&cac=0&dtd=44
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:55 GMT
pd
us-u.openx.net/w/1.0/ Frame 271D 		626 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a9dc555be897bfea533415a9c5f7c66cbbee4a0083a7ea7c301355d871db9d29

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
407
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C78059622%2Fkhaleejtimes.com_PS_MCM_1.7_28.03.2023&description_url=https%3A%2F%2Fkhaleejtimes.com&tfcd=0&npa=0&sz=1x1%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=215861593430626&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821195930&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6E02 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42971
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 14:23:44 GMT
expires
Sun, 28 Apr 2024 14:23:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
onetag-sys.com/usync/ Frame 1939 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
s.adtelligent.com/ Frame F966 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.151.11.90 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
de.tynt.com/deb/ Frame C2A2
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
75 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
75
content-type
text/html
date
Sun, 30 Apr 2023 02:19:55 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:56 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F5CB 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112331
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:56 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 2F32
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.44%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1186132776
  • https://sync.1rx.io/usersync3/mediamathtest/2069.44/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Content-Type
text/html
Connection
keep-alive
sync
vid.vidoomy.com/ Frame 2F32 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
speed
ads62.adtelligent.com/tracking/ Frame 2F32 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads62.adtelligent.com/tracking/speed?network=567&queue=414
Requested by
Host: ads62.adtelligent.com
URL: https://ads62.adtelligent.com/display/?adid=3E5578E936E6D02F&aid=724993&cb=750714413
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:55 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2D4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2392993802319&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2D4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2392993802319&version=m202301230201&ct=76&x=9&cor=4549704372629151000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A2D4 		72 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
562d6598bbd6721a7bf5ddfeac9d1bdfd9dd1649fa872b447421e349f479728c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35214
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
eb2.3lift.com/ Frame D83B 		538 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1ac774570f935e6930359641bba8ab5dbb7897c71bdbbbb88b65896804ff619b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
538
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame 186F 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:55 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
bulk
trc.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/khaleejtimesmena-p13238197/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=9
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
13
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 varnish
x-served-by
cache-yul12822-YUL
server
nginx
x-timer
S1682821196.147777,VS0,VE13
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.khaleejtimes.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
eb2.3lift.com/ Frame 7796 		538 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1ac774570f935e6930359641bba8ab5dbb7897c71bdbbbb88b65896804ff619b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
538
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame F027 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:55 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
sync
eb2.3lift.com/ Frame 844A 		538 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1ac774570f935e6930359641bba8ab5dbb7897c71bdbbbb88b65896804ff619b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
538
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame D764 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:55 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
xuid
eb2.3lift.com/ Frame 95F4
Redirect Chain
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
content-length
0
xuid
eb2.3lift.com/ Frame 95F4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame 95F4
Redirect Chain
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3D42fd1fa5-c3cb-473b-9b63-c44b55682ec7%26dongle%3Dc7e1
  • https://eb2.3lift.com/xuid?mid=3396&xuid=42fd1fa5-c3cb-473b-9b63-c44b55682ec7&dongle=c7e1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=42fd1fa5-c3cb-473b-9b63-c44b55682ec7&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3396&xuid=42fd1fa5-c3cb-473b-9b63-c44b55682ec7&dongle=c7e1
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
xuid
eb2.3lift.com/ Frame 95F4
Redirect Chain
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame 95F4
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
pixel
cm.smadex.com/ Frame 95F4 		0
0
xuid
eb2.3lift.com/ Frame 95F4
Redirect Chain
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
date
Sun, 30 Apr 2023 02:19:56 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
757c0557066e95cfd4c7
aax-eu.amazon-adsystem.com/s/x/ Frame 95F4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
value=3877821143472078157452
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 95F4
Redirect Chain
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3877821143472078157452
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
54.153.252.43 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-153-252-43.ap-southeast-2.compute.amazonaws.com
Software
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-0bf2dfeba5f49157c) /
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-0bf2dfeba5f49157c)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-0dc228b41177da1df)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
-1
usermatch
usersync.getpublica.com/ Frame 95F4 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=triplelift&TripleLiftID=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.231.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-231-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0
csync
sync.adtelligent.com/ Frame 7F4E
Redirect Chain
  • https://sync.1rx.io/usersync/openx/902505f7-14c4-04f2-0bf5-15c627344bba
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Content-Type
text/html
Connection
keep-alive
sd
us-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
Date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 7F4E 		61 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=cb3f7c0a-c471-0c79-3857-32403363951a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:56 GMT
sd
us-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
Date
Sun, 30 Apr 2023 02:19:56 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-365825951; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/ Frame 7F4E 		95 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=432e3986-53d9-0a96-398e-b482801b1844&dsp=OPENX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.49.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-49-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Sun, 30 Apr 2023 02:19:57 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Sun, 30 Apr 2023 02:19:57 GMT
sd
us-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=openx&bidswitch_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=13a9ab20ca47528906189634db924386&expires=30&ssp=openx&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 7F4E
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame A088
Redirect Chain
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
content-length
0
xuid
eb2.3lift.com/ Frame A088
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame A088
Redirect Chain
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3Dc46b7bec-929d-4934-b270-6a180796d2f4%26dongle%3Dc7e1
  • https://eb2.3lift.com/xuid?mid=3396&xuid=c46b7bec-929d-4934-b270-6a180796d2f4&dongle=c7e1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=c46b7bec-929d-4934-b270-6a180796d2f4&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3396&xuid=c46b7bec-929d-4934-b270-6a180796d2f4&dongle=c7e1
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
xuid
eb2.3lift.com/ Frame A088
Redirect Chain
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame A088
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
pixel
cm.smadex.com/ Frame A088 		0
0
xuid
eb2.3lift.com/ Frame A088
Redirect Chain
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
date
Sun, 30 Apr 2023 02:19:55 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
757c0557066e95cfd4c7
aax-eu.amazon-adsystem.com/s/x/ Frame A088 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
value=3877821143472078157452
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame A088
Redirect Chain
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3877821143472078157452
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
54.153.252.43 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-153-252-43.ap-southeast-2.compute.amazonaws.com
Software
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-02ad02cd7b16ccafa) /
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-02ad02cd7b16ccafa)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-03997b7ffa846ce0b)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
-1
usermatch
usersync.getpublica.com/ Frame A088 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=triplelift&TripleLiftID=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.231.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-231-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0
csync
sync.adtelligent.com/ Frame 7CC8
Redirect Chain
  • https://sync.1rx.io/usersync/openx/902505f7-14c4-04f2-0bf5-15c627344bba
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-25e123c1-91dd-4efb-b23f...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Content-Type
text/html
Connection
keep-alive
sd
us-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AAAjOU7Im6EAACBud1f_9Q
Date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 7CC8 		61 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=cb3f7c0a-c471-0c79-3857-32403363951a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:56 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:56 GMT
sd
us-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R33645_101EA6830_8FA46364
Date
Sun, 30 Apr 2023 02:19:56 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-365825951; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
sync
s.cpx.to/ Frame 7CC8 		95 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=432e3986-53d9-0a96-398e-b482801b1844&dsp=OPENX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.49.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-49-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
Date
Sun, 30 Apr 2023 02:19:57 GMT
Content-Type
image/png
Connection
keep-alive
Content-Length
95
expires
Sun, 30 Apr 2023 02:19:57 GMT
sd
us-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05e7e34dc077f730b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=fYpSPiDn1PSWFi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4139660057828765566
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=uB3sZ-oZ7DujSu9muRr1MuoQvWejEehiukiIRTEq
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=ea2faf13-0f1d-45a8-830a-a62f4301fb57&expires=1&user_group=5&ssp=openx&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 7CC8
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=978477414437337801
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame 222E
Redirect Chain
  • https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6126&xuid=92e3d4d5-9716-4f5e-b708-bda9da8c9680&dongle=9e4f&gdpr
date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
content-length
0
xuid
eb2.3lift.com/ Frame 222E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eb2.3lift.com/xuid?mid=7354&xuid=4139660057828765566&dongle=AD20&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame 222E
Redirect Chain
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3D89e7d06b-ceed-4d9e-8877-857c93b04dbc%26dongle%3Dc7e1
  • https://eb2.3lift.com/xuid?mid=3396&xuid=89e7d06b-ceed-4d9e-8877-857c93b04dbc&dongle=c7e1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=89e7d06b-ceed-4d9e-8877-857c93b04dbc&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3396&xuid=89e7d06b-ceed-4d9e-8877-857c93b04dbc&dongle=c7e1
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
xuid
eb2.3lift.com/ Frame 222E
Redirect Chain
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7414&xuid=978477414437337801&dongle=U48
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame 222E
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
pixel
cm.smadex.com/ Frame 222E 		0
0
xuid
eb2.3lift.com/ Frame 222E
Redirect Chain
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7596&xuid=di_bb7fe3469a6e4f3c81420&dongle=fg7
date
Sun, 30 Apr 2023 02:19:56 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
757c0557066e95cfd4c7
aax-eu.amazon-adsystem.com/s/x/ Frame 222E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
value=3877821143472078157452
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 222E
Redirect Chain
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=3877821143472078157452
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
54.153.252.43 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-153-252-43.ap-southeast-2.compute.amazonaws.com
Software
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-02faba2c7c0e6f8b0) /
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-02faba2c7c0e6f8b0)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Match/7617.95c0863b8ad718fc9bc2c258bb2b703bed1a564b (i-0bf2dfeba5f49157c)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=3877821143472078157452
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
-1
usermatch
usersync.getpublica.com/ Frame 222E 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=triplelift&TripleLiftID=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.231.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-231-183.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Content-Length
0
Vary
Origin
Expires
0
xuid
eb2.3lift.com/ Frame 4251
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=23&uid=3877821143472078157452&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
37 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Content-Length
0
xuid
eb2.3lift.com/ Frame 4251
Redirect Chain
  • https://sync.1rx.io/usersync2/triplelift
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2047%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7965400686
  • https://sync.1rx.io/usersync3/mediamathtest/2047/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%2...
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Content-Type
text/html
Connection
keep-alive
xuid
eb2.3lift.com/ Frame 4251
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 4251
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:55 GMT
content-length
0
us.gif
sync.go.sonobi.com/ Frame 4251 		49 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 4251
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
dcm
s.amazon-adsystem.com/ Frame 4251
Redirect Chain
  • https://cs.mobfox.com/716e10ddd83b1d85fd9cf6dad49829dd.gif?puid=[UID]
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156451&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156451%26pmc%3DPM_PMC%26pr%3Dhttps...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-80...
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=71618fec-dbef-41c1-8812-fbb7225e4849
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=71618fec-dbef-41c1-8812-fbb7225e4849
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JHBSJBQP3RVQPGKMP2Y9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Location
https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=71618fec-dbef-41c1-8812-fbb7225e4849
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
p.adsymptotic.com/d/px/ Frame 4251 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16259&_psign=b376958ac9baec8bbf182ce1504b7fee&_puuid=3877821143472078157452&gdpr=0&consent=&_redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6891%26xuid%3D%24%7BUUID%7D%26dongle%3D2b64
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
27021
tags.bluekai.com/site/ Frame 4251 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27021?&id=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ibs:dpid=72352&dpuuid=3877821143472078157452
dpm.demdex.net/ Frame 4251 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.21.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-21-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v047-01b0e656f.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bTVJvUlMRxU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sd
us-u.openx.net/w/1.0/ Frame 8F6F
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame 8F6F 		43 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 8F6F
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687623
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687623
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687623
Content-Length
0
v1
openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/ Frame 8F6F 		0
0
openx
tr.blismedia.com/v1/api/sync/ Frame 8F6F 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame 8F6F
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=1f62b228ed2b0fe8&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAFprChOVJ8egMxxzO2AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAFprChOVJ8egMxxzO2AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAFprChOVJ8egMxxzO2AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 8F6F
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075961987999054&uid=Q7361075961987999054&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961987999054
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961987999054
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961987999054
Content-Type
text/html
Cache-Control
max-age=27550
Connection
keep-alive
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame 8F6F 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
/
csync.loopme.me/ Frame 8F6F 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=e6b239c5-c9a1-021c-0613-475e312b9ff4&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
92.153.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame 8F6F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2000
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfc4d834e37ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 89B3
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame 89B3 		43 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 89B3
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 89B3
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_9f2773ac-eb15-4bab-a1a1-5f7d27750bb9
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_9f2773ac-eb15-4bab-a1a1-5f7d27750bb9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_9f2773ac-eb15-4bab-a1a1-5f7d27750bb9
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame 89B3 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame 89B3
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=7938789621ec21f7&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL3IeCRjuNNwNODAdYAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL3IeCRjuNNwNODAdYAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL3IeCRjuNNwNODAdYAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 89B3
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075961319417013&uid=Q7361075961319417013&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961319417013
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961319417013
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075961319417013
Content-Type
text/html
Cache-Control
max-age=27550
Connection
keep-alive
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame 89B3 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
/
csync.loopme.me/ Frame 89B3 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=e6b239c5-c9a1-021c-0613-475e312b9ff4&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
92.153.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame 89B3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1293
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfc4d839ea7ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BBCE
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame BBCE 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BBCE
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame BBCE
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_857b88dc-1703-4115-bae2-68327285501f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_857b88dc-1703-4115-bae2-68327285501f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_857b88dc-1703-4115-bae2-68327285501f
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame BBCE 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame BBCE
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=3dba5dedf9a72163&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMERwH02NB8QNh3Qt0AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMERwH02NB8QNh3Qt0AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAMERwH02NB8QNh3Qt0AAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame BBCE
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075971225854608&uid=Q7361075971225854608&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971225854608
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971225854608
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971225854608
Content-Type
text/html
Cache-Control
max-age=27550
Connection
keep-alive
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame BBCE 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
/
csync.loopme.me/ Frame BBCE 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=e6b239c5-c9a1-021c-0613-475e312b9ff4&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
92.153.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame BBCE
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
493
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfc4d83aeb4ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 341B
Redirect Chain
  • https://ad.mrtnsvr.com/sync/openx
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540245193%26val%3D%23PM_USER_ID
  • https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
merge
ce.lijit.com/ Frame 341B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 341B
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=7df35828-c3f6-0083-01d6-a6b331283fc1&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=773702687624
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 341B
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_8ee4fae7-01e7-4502-8997-210ac70b1164
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_8ee4fae7-01e7-4502-8997-210ac70b1164
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_8ee4fae7-01e7-4502-8997-210ac70b1164
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
openx
tr.blismedia.com/v1/api/sync/ Frame 341B 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/openx
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sd
us-u.openx.net/w/1.0/ Frame 341B
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://openx2-match.dotomi.com/match/bounce/current?DotomiTest=3c1b993ab8092191&is_secure=true&networkId=15900&version=1&nuid=%7BOX_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL7N8vOLFDJANrWAFSAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL7N8vOLFDJANrWAFSAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AAAL7N8vOLFDJANrWAFSAAAAAAA&expiration=1682907597&nuid={OX_USER_ID}&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 341B
Redirect Chain
  • https://px.owneriq.net/eox
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fus-u.openx.net%2fw%2f1.0%2fsd%3fid%3d537073059%26val%3dQ7361075971502906703&uid=Q7361075971502906703&ref=%2Feox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971502906703
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971502906703
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7361075971502906703
Content-Type
text/html
Cache-Control
max-age=27550
Connection
keep-alive
Content-Length
154
CookieSyncOpenX
rtb.adentifi.com/ Frame 341B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.183.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-183-31.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
/
csync.loopme.me/ Frame 341B 		0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1285&vt=e6b239c5-c9a1-021c-0613-475e312b9ff4&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
92.153.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
server
_
sd
us-u.openx.net/w/1.0/ Frame 341B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=0a286428-fa0e-0f07-2c43-f2c97352fffa
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=10&ph=3c68a574-16fc-4af6-ae85-164343aad03a&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2473
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662259301801937
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfc4d83aeb5ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 34DD
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=23&uid=3877821143472078157452&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Content-Length
0
xuid
eb2.3lift.com/ Frame 34DD
Redirect Chain
  • https://sync.1rx.io/usersync2/triplelift
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2047%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=7465388568
  • https://sync.1rx.io/usersync3/mediamathtest/2047/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%2...
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Content-Type
text/html
Connection
keep-alive
xuid
eb2.3lift.com/ Frame 34DD
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 34DD
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:56 GMT
content-length
0
us.gif
sync.go.sonobi.com/ Frame 34DD 		49 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 34DD
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
match
dm-us.hybrid.ai/ Frame 34DD
Redirect Chain
  • https://cs.mobfox.com/716e10ddd83b1d85fd9cf6dad49829dd.gif?puid=[UID]
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156451&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156451%26pmc%3DPM_PMC%26pr%3Dhttps...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-80...
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://dm-us.hybrid.ai/match?id=9c1c6b90-f51a-4f3f-9fb1-96ff1fe02e31
0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-us.hybrid.ai/match?id=9c1c6b90-f51a-4f3f-9fb1-96ff1fe02e31
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
37.18.24.16 Berlin, Germany, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://eb2.3lift.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
422
x-xss-protection
1; mode=block
expires
-1

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Location
https://dm-us.hybrid.ai/match?id=9c1c6b90-f51a-4f3f-9fb1-96ff1fe02e31
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
p.adsymptotic.com/d/px/ Frame 34DD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16259&_psign=b376958ac9baec8bbf182ce1504b7fee&_puuid=3877821143472078157452&gdpr=0&consent=&_redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6891%26xuid%3D%24%7BUUID%7D%26dongle%3D2b64
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
27021
tags.bluekai.com/site/ Frame 34DD 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27021?&id=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ibs:dpid=72352&dpuuid=3877821143472078157452
dpm.demdex.net/ Frame 34DD 		42 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.21.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-21-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-08e85cb02.edge-va6.demdex.com 12 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
xd4IJrsbRlM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
xuid
eb2.3lift.com/ Frame 94A5
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=23&uid=3877821143472078157452&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3391&xuid=773702615066&dongle=6f30
Content-Length
0
xuid
eb2.3lift.com/ Frame 94A5
Redirect Chain
  • https://sync.1rx.io/usersync2/triplelift
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2047%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=3464501808
  • https://sync.1rx.io/usersync3/mediamathtest/2047/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%2...
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Tengine
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&dongle=2dcc
Content-Type
text/html
Connection
keep-alive
xuid
eb2.3lift.com/ Frame 94A5
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7976&xuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&dongle=u6nf&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 94A5
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4557&xuid=2403475317176069061&dongle=7044&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:56 GMT
content-length
0
us.gif
sync.go.sonobi.com/ Frame 94A5 		49 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
image/gif
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 94A5
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dn0h9TTaSFk0n%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://eb2.3lift.com/xuid?mid=2636&xuid=n0h9TTaSFk0n&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
match
dm-us.hybrid.ai/ Frame 94A5
Redirect Chain
  • https://cs.mobfox.com/716e10ddd83b1d85fd9cf6dad49829dd.gif?puid=[UID]
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156451&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D156451%26pmc%3DPM_PMC%26pr%3Dhttps...
  • https://image4.pubmatic.com/AdServer/SPug?gdpr_consent=%5BGDPR_CONSENT%5D&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-80...
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://dm-us.hybrid.ai/match?id=2fafe7fb-d2de-4764-aaa8-146875d9c194
0
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm-us.hybrid.ai/match?id=2fafe7fb-d2de-4764-aaa8-146875d9c194
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
37.18.24.16 Berlin, Germany, ASN205675 (HYBRID-AS, DE),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
https://eb2.3lift.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
423
x-xss-protection
1; mode=block
expires
-1

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
Location
https://dm-us.hybrid.ai/match?id=2fafe7fb-d2de-4764-aaa8-146875d9c194
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
/
p.adsymptotic.com/d/px/ Frame 94A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16259&_psign=b376958ac9baec8bbf182ce1504b7fee&_puuid=3877821143472078157452&gdpr=0&consent=&_redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6891%26xuid%3D%24%7BUUID%7D%26dongle%3D2b64
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.60.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
27021
tags.bluekai.com/site/ Frame 94A5 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/27021?&id=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.100.229 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-100-229.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ibs:dpid=72352&dpuuid=3877821143472078157452
dpm.demdex.net/ Frame 94A5 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.21.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-21-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-0d31c5966.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4Q/cfPWwSyI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 0CA1 		676 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.242 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:55 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 28 Apr 2028 02:19:55 GMT
um
u-iad04.e-planning.net/ Frame 0CA1
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D0855814426be387e%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=57784bd674392191&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=0855814426be387e&uid=AAAL7N8vOLFDEQNYVSH4AAAAAAA&expiration=1682907597&is_secure=true
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=0855814426be387e&uid=AAAL7N8vOLFDEQNYVSH4AAAAAAA&expiration=1682907597&is_secure=true
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=0855814426be387e&uid=AAAL7N8vOLFDEQNYVSH4AAAAAAA&expiration=1682907597&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
next-up-widget.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c62cb8e9ce2c4f1184d649ed105e7804631ccc8a9e70158596318c935afb033

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
TMIFuHnJ_IYn2reIuLueRjwttxiAehDv
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:56 GMT
x-amz-request-id
BVPSWBP73538ZDV3
age
150901
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
Ed2FpJ8GdCGUpqWrC6oH20SbvKRqC91+JBDnQ8psG5jC4YJWMOZqcvTDa1HE7MIoYEz7Q38EYAc=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:24:45 GMT
server
AmazonS3
x-timer
S1682821197.549853,VS0,VE0
etag
"aaeee13dd8edfebced13727f29ce8544"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
11583
spa-detector.20230427-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230427-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/khaleejtimesmena-p13238197/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c28ee863ec98028922af754b8f10e8fbd8d9563c4f159debcb860be5774f6643

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
NzvEFxz.B3zu0dJkfY6bXMqj.43bxoDP
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:56 GMT
x-amz-request-id
1ZHS75RGTF6H7YXS
age
150904
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
/vhgbbP1xl6dYlvP/EfToWKQ9O+/hGWDSnWkq6eO20++lv3biSgG7BhodYKC36Z/gMt/MdTvXwQ=
x-served-by
cache-yul12822-YUL
last-modified
Fri, 28 Apr 2023 08:24:51 GMT
server
AmazonS3
x-timer
S1682821197.549817,VS0,VE0
etag
"d6aaac70ca4999be096449fc3d9d9673"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
11
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
84537
supply-feature
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/supply-feature?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A19%3A56.418&id=9659&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/abtests?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1682821196419%7D&tim=02%3A19%3A56.420&id=356&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/supply-feature?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=02%3A19%3A56.422&id=8069&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-trc-events.taboola.com/khaleejtimesmena-p13238197/log/3/abtests?route=US:US:V&lti=deflated&ri=739236eba8fe3fe462a6a91e72965c6c&sd=v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB&ui=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&pi=/tech/microsoft-says-it-found-malicious-software-in-its-systems&wi=-2936916532520794986&pt=text&vi=1682821193222&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1682821196463%7D&tim=02%3A19%3A56.463&id=5733&llvl=2&cv=20230427-7-RELEASE&
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
match
ads.betweendigital.com/ Frame 2FCF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D4e88baf9-60d2-4b7a-980c-5c1c7c62d27...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=5ded644d-d048-4900-9db9-f4be5bd2dfb7&expires=30&ssp=between&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/ Frame 2FCF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS04RGpJSFBWRTJ1RlIydU9Lc1c0T0M5WENtOUZoU3EyUVU5ZGp6RVUtfkE%3D&gdpr=0
68 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS04RGpJSFBWRTJ1RlIydU9Lc1c0T0M5WENtOUZoU3EyUVU5ZGp6RVUtfkE%3D&gdpr=0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=251&external_user_id=eS04RGpJSFBWRTJ1RlIydU9Lc1c0T0M5WENtOUZoU3EyUVU5ZGp6RVUtfkE%3D&gdpr=0
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ads.betweendigital.com/ Frame 2FCF
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL4sb4hLhO5f.AikABlGHz_WuLA
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL4sb4hLhO5f.AikABlGHz_WuLA
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
nginx
x-backend-id
f3-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=uL4sb4hLhO5f.AikABlGHz_WuLA
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
btw
sync.dmp.otm-r.com/match/ Frame 2FCF 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=caa4e1f7-081e-5278-9695-c2ccf2d81289
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
116.202.236.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.228.236.202.116.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx/1.17.10
sd
us-u.openx.net/w/1.0/ Frame 0494
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=openx&id=
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=4c3cb01c-affc-4fba-af00-9ec746d0cd13
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537115685&val=4c3cb01c-affc-4fba-af00-9ec746d0cd13
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537115685&val=4c3cb01c-affc-4fba-af00-9ec746d0cd13
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
112
Expires
Tue, 29 May 1984 15:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 0494
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
date
Sun, 30 Apr 2023 02:19:57 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
x-xss-protection
1; mode=block
pd
us-u.openx.net/w/1.0/ Frame 0494
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=7f8fb08a-14bb-0269-0da6-4f2231ed20a0&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1682821197079096-173
sd
us-u.openx.net/w/1.0/ Frame 0494
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
ox
match.justpremium.com/match/ Frame 0494 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=4992db65-38c0-0cf3-0906-ca1880f944fc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-250-117.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
43
content-type
image/gif
sd
u.openx.net/w/1.0/ Frame 0494
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=81&gdpr=0
  • https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:56 GMT
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 271D
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=openx&id=
  • https://us-u.openx.net/w/1.0/sd?id=537115685&val=4ef494e1-05e1-4826-89a2-aa70cfed2e73
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537115685&val=4ef494e1-05e1-4826-89a2-aa70cfed2e73
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537115685&val=4ef494e1-05e1-4826-89a2-aa70cfed2e73
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
112
Expires
Tue, 29 May 1984 15:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 271D
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.cbc68e875474459db9e07fb79c8b8c8b
date
Sun, 30 Apr 2023 02:19:57 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
x-xss-protection
1; mode=block
pd
us-u.openx.net/w/1.0/ Frame 271D
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=7f8fb08a-14bb-0269-0da6-4f2231ed20a0&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1682821197089056-301
sd
us-u.openx.net/w/1.0/ Frame 271D
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=9392106e-c708-905c-1a29a45f
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
ox
match.justpremium.com/match/ Frame 271D 		43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=4992db65-38c0-0cf3-0906-ca1880f944fc
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.250.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-250-117.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
43
content-type
image/gif
sd
u.openx.net/w/1.0/ Frame 271D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=81&gdpr=0
  • https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=540394477&val=2403475317176069061&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:56 GMT
content-length
0
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9ee4dd37-1d1c-4218-9e9d-d2d098f0d22a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
ae1d9d2e1183
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=tTTWnTvsS_zNFxrKtjKs0
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sovrn
tr.blismedia.com/v1/api/sync/ Frame 9CE8 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 9CE8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682821195955&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:57 GMT
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT, Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
17c962550296893d145ef1b8078fc6d6
Expires
0
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dc3244bd-8152-4966-bfaa-d34ec71320e0
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
83041abbe8494cb29eff3083edd6dff6
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9CE8
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9CE8
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 9CE8
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame BA8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfIN9f-FBLeY-oy2GAnXVIm8AX7ohhQPuxaxVLa7NlBZkdAM2ls1L0kAz9j1TMX-tpKgekEr0QoCQlWutU_Awx78DtWqGmplhCA1L3LYFyrx_SzqI6hGSHFRE6bVjjrdFWjZwFNbPCoNMzJJZVmJNj9rzVdhYPBjA9Qbdec0w0Atp-h5su6xDJ2dl6OcVM2Y10AJ3ID4nzaFhdKwrx_nT8iwgCzZu0vNjB0d7n74khHfjTHno8ss15u0IX1XuAtqq--YkgEm7wPBDWj1xNVqvdOOAfkd-raNm7px14AlgnqWX5CXqfgPh_-Cg5AbuIFsic4ygUYwFD1LXbTEcOqvfA8QL1weYpKOLlfPtD00QxNI5KSK8O6nJEKP5Up95MjuHE_qWjCseI28k77pYwA-eC6N-W55phtjKBdh09IcvwRfX6rxbGVogIgy-3VQHmw3jmU1KV0cz3Zc2U0XvtokAUgOsBlVk9x3FOV6rkS1KFJ1DGFOPTkZKzzb0vlZhDPMs87Q9J1Y5lI9OtpmxwRbx5x2tthvrk8RLfcj8Cbpvf3c8b3_mBCVp5fHF2B06Cst6Nv31NrxP9UcNz5kZKEjtG2kH3gSY_Db9032bZx7enGeOYdkhX3nK51maqtbLhVWbjpfGGhJw5W6rep8JAcnkEeIBRRR4Ruq9ZhyjMhuZ_rD4Y7lO68oxzeAYFes0gKb4Qi1XcNSZrJJYHYLn9l_Cm9ECs0sYDxaGGB9qpATfgwHGaQ3EhLMlVS-g99UOoEdeZr91ggY7ttancCAbmQDIcz0qYDy5DJTZ_MfbH7GfiqD5mI6N4jtu4kFEYF4pUvyx1vypgR5b9e8PkFFx_lkbUMIm1GVoeRNSVUHQTf9b78L53AXvey_8h-oH1pPeDsfakKG75QV1DoDETyF5TBOB6puyrxhpArPFNAONRTL4doFCmwt0vNvzZ7MyZudnOZg7Wd5rqPRJxzAOs3pOlygL1IzMIh2ZaDh9K45f33YKp003ftgQEeaWlKXAxKjARsbckzQtA_FPiVnw8Q6cblfSZovFtoyKpH-T8k1LUpkNl89XkpN1EMvAefkEdutlkOQtk0Zzs_WL5-X6QfIqXOU9Yh87d550ONXUVelIxs3P_PfiqpIW3BFEWcnC8lpJ7TlwXRI74rGt4BsYK9OsOVl0ORDp5p6NcdLQne8hof4NTQfAd1NdQlZSbd_Ug&sai=AMfl-YQSUiAH-0xoutTqbKS0FJERGP0Zug4x7DcZTV0fFmokJ_aFrZWejH5iRpAwVEsDpBGD6BsBpUzEQHGV_2uFmPo-DiqBDDSICJ3W8VXl3u3vMx-i9rtIG9a_vQE8rZZv4MkTtEvHIFlyXI5NIvOoy-IdqYa_9fYpYgrSVgLLnnnLZKZZpY8&sig=Cg0ArKJSzKJePzwzH0VeEAE&uach_m=[UACH]&pr=9:AAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=979&vt=11&dtpt=977&dett=2&cstd=0&cisv=r20230426.95774&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxmWEnWeLv5IygJaWOoBB_IcAjoD2AiE1egY-ENiPBElpUvVjDLvb05qWlt8g8xcVkWC-gorLQl9H_wMIQMM7xZapnz5Y6n4GEELwFnn3t-tHxAeShH_HZM9DIJKID2VSRAvokpeHHDfzNN9shmuiw9xkdnV1Th-J5_ufhMaUhu5tKjCg&dbm_d=AKAmf-DCT_gEmuFoVTLcVA3iOSK-49q7NpbW8wy2BJC1HJUnbJj3MQiGL1wI7REV2LxqzSmZQaWKA8Y8jChyWt-9UVPDWuTwjsoJURcax1mItiBJbhtPDKj4NPJEZmGIVg12nRpuZ6JufTf1AOWBxBqnsRL-AC7ijq45q7y9tB5HMbNpDkoBOpa5jnqSbeuOOzCpjOEuo22AUgMiKh5BKyWxyc2sTXxReZVPh-ZXyMM4AbxKjrt2d4yBPmTWuSlgx_r10zLHBnan5eZ8rHyrSwONYJvyvT_IpZ2XKalGqU4Sx27olUcLWXI_xRVieEE71eRUYPNGoJqwxYOwPxAnLWqtGJDM6Q-YlCVdyUrLWaKa_OJhsIEkwdrbZLk6-rxC7KrGuoKBh1aj0Tn2vnkxg1-0qDhJFcoeAur1IWI2xeDPIkCM4VRNJfD3jrBot-CqhMVQO4tD9eu8zxxeIp5BvFOn-YSxFh44oae_VAZcQuG-AUo_4NMtftegxSVPppv6EUcGaW74zZWh4al46Np3uDhVu4VzWGiS1Q6qGvaCSc5A5wAbLxqyTNmIycLvm4XkBHuXspbG95qjCLy6q1DQ7TXPelzJMgu81xFqwX2LqLqm57WFNTencJnbJb6EUjUTX66DDa4HrBp9xii3bcILbPVu5psex0VxiCqt1U43HycFnk7VefmTykWPlGUJ-9GZ1WgzyEnmfLEaAUd3V4ztwEnd6G53IEttsG0Q8wqmhs1kJYii3KRdKcwkv5sKfSQ4pUvBlnxvAsXwWtpszmMsg7grKejvCYPrrxfYNvFGvFbZPGhZHqFvEMquuz7qMSgfFpxXE1iuWwr6ZQ7Ui_nvOdydX6hz41NqhvxeL1Wz5IA8BhRwQUXF0IZGEQqSHjrz-KveJNTJz-_6fa4ZRVul37W6wDj1cpYvirR6U9TJPuPpSOV-nTXKtBb9dPXI4UPhTT2BK1Bk0nTipp6JiSLSmn0v4hMnjrGvlEZn_bUejizgg47kD1KgvFuQyzPTrf4LHMQYalkfr2jzF1PSOkeQeMIO-BnI-1BvyYwNJF_dXgcpMieMbSFbjMFYGItYi6ivk5ypiIxvk_tWztEriOrXgGiVjG_YgFqpQL6ypaWMS-JNlhchG3wEbJQyHB6mlH1Wr6qRY8-NJqh6YJlHIBFM9J_UWow-C7kTV35G6hJ6QIHO7J8oJSfLnVocxTFhat-pjjJzW5w6PAnZbqW6bYJEoe9DdIfGVmLW1gAWPoCiu3zfm3VAspcDGK9YJNrtQPcBK8AF9nM0ju_AHl3MqGbu4fzuBRl60GCHh4c8tyBJxsHAhyJk80qXscGUK9umSrAedDQbPl2oLkAPHZoC6zSIOvKUFOe_2NbRWJWVH-5X8_IEhgHYCDhtL7T_JFXZXR_CtTeje_TjFwvT1MUL89r7xjXXFu1a9PinkKBt_jCezMv1wFJwJTv3sUeuzQX2mskCFBpS_uyDmn32NF0GoeUGrHbXeO2-60tAt7tcn8xvM8TlCGVv21c5lW2_QYcqupLAhEDBMikEFzCo_eWsSnwSTsXKX7xXQ84rlTdWjQKpSelzXVemZWl6briulf_JsXmilt9jqQMFFr_n4H7qOVFInwVDBOQFr4c7gm131KVCd_s6M1j_Rrc3anf2_yQYdc1qWSIUzv9xZL2BJ6PAUz2DmkY6fJBJkEKzcpV2JjKJ9M-JRGKXa-X88qMukv0VK2ydixzKkALKIIs6QKXb6yrR8CqOss4kz9CtIBdpEvGf3o0XTTT4TShkqAB9lt0B4FzCKYDcxmdxrNa9yFWoioLTTMTNQB-rsS9SXP8GzZ41446EzrgeTe3wYa_qmRGufCGVy5xkXlgO4Z1PY2s1kvK4FvKNyBsSKO1S6hLM0gj5VusEdIxW2o17FRBk4gUExMxkRxVX5egTUvzyQZZXqVhHILJ1UuZW6cFc_xMcd4l7TzAdsM1RupjkrYwN9w_FZC2RkhrT8eiaeH0oNDe0mr0S67Ip2O59LqMNdY0-DME-9wJ9RVvMLZPXc1MNp46J2v_Pn-QfePj4ASnyndf1OCNKPoeXim-NnKU555ldiUL9qS5HLfK5lI_pFA5ghl3Ti8m4TGWg36jyaEWfVqD5ykfIQsk-BiPbi7Wda-AAPWCPhx9HyTcJSdjMSbYTD6-ckmTeC7J9HdGJf0VB_iThUNRCnAlgNNbXgl0FUg4rltNzFcWW8OgPcsAdTmHtXUyYYBFBRF5_cjWiKwchTUNKiZbz_Mk4iB71UxzdyZvBUKUzavPUtWkx-JNiF0N4vMNek5mCThZG_Tk0EwIRzl3SDO-CBsRTBvHSoJfNhvl4aSXjsagfEytgj2aaDIcUXJlmcxMPyR2CR0w8ijJyx4GMXxlmxTOuWmdQyshHJT-P5fzXZned3WbZdw8VRsR-vFREj0GTwMCAdOB2hu8GAkXaDSklb6e-JnKHtFBsOAIgJf3AZnYIRacmrWtM-ZbYdZyonSWhOT8e-o2zRyzb3C-V2_krmpacCi-68Xtr0s7yDF0g1Ldsfw6Cjj80fuEYgdGqU-aiNG1qEias9GgARSlM0cp2lg_6GjHn0aJixhe6bvD7DlI00yLKg7Tr54F-7zUA6Um2QUZA-4x32Fwj-OHuuN-JgQvpBlYMbr-0tJyLO79g4zcZe4eychlwFWwf8yC_5kNEJJgUgSSqxP3gJUFjmz_9KmMdq6rD32SriJONvU_NSrbVbNjiEhKYmLch51hFWJcHWqs9CMJeVXwgiVHI9XNjpq3EPo75RUY0jNK_OMIeYJxIDEC7a6JIe60fBQ1z8aGPNk0zib1o12p6VzdBvlInP7WaiS6XNqINRpu0BZfvC_kw66IjppBhBf4nyhADee16PNzCc1KkhkgA00T8ZrCR7J1SAhmFWnr-YBqvL86fUMo833YrGl1fhR2jDkCYV8f3EUSUmejE51p7FQrK7QeIUQz2Mp0opgygirkkenTEQzXjcpX3gTIqAXloHd75QhmlQKvdsqyo7GNurmIOPJ850sWLMlox3jylrPzISOl4HPa06io1-NRf_5TXIecPIsc-ul0ZxaS4w3a-y8uUuwt8dXYxG494Z-4VcCDPgVEKqsT52nzGy3vF68WFdG4MtCQpLl-42OyG9uhIj07rXJUmeRie4UwPptX9YqW7fcO1JAYIunB-A1vlENoEqzRtlC6eL4owX6hvkuAmIn88a4qpOnlsDg5zVWnI8uZyUqr-NEdPX9FwQLdePJy2PKBy-MX5yrLjy6fRHyhN3T4et1GBAxZ5QcR2GXaMGJQTXLLmPj2UZDyArjviCbJ26j8QwyK7h4f7hVS8ZsJZ_1vYenTArGEELsz9jKWHMKFNkK_Q9TUnsA7o89XASak&pr=9%3AAAABh8_1lAcXi4WfqyP0eii9nCY56htbhs_jbw&cid=CAQSGwBygQiDoXWWTwfO3ZLNWtDjHYVcE_tPtxIC6xgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAoUcGApnNXdoM3dzMXppHBaB3aXO4_Xq_1MWwc65k_7O5rOkAQAcFpaEorL-_uevSRbTiKOB-bXCzZoBABaMwe7EDBUGACwcFQIAHBUCABwVAgAAHCbY1I2EBBUEFQQm1tSNhAQWuNSNhAQlAhUCpkIWQhZCFigWKBYoFigWhAEAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWvNmYgAQWxL6bgAQWgtqkgAQWgIiggAQVGBwUtAEUsAsAFQQmhAEWhAEWhAERNQ4mhAE0AgAsLBbqjbqnzvL95CkW7ZmSrOzq-dW7AQAWjMHuxAwGKLzZmIAEFsS-m4AEFoCIoIAEFoLapIAEGAk0NjkzNjUyNzAWisYBFoQBJQQWQhgHMzIzNjUzNBUClrqKiQMRERgCT1gMehS4ARSEBgAWAhgDcnRiANwbAogeTUxfRkVFX09QVElNSVpFUl9JTlNUQU5DRV9UWVBFBW90aGVyGE1MX0ZFRV9PUFRJTUlaRVJfQVBQTElFRAVmYWxzZQCsOApmaXZlcnIuY29tGOcBaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wYWdlYWQvZ2VuXzIwND9pZD1sb3NzJmJkPUFLQW1mLUFoT01XNkJfR0VqUXdDN2N6eXZ0Y3NDVXROY0VNRjZIa2JLWS1na0F6SXpSZ2l6WW9HdjNJNi1PYVBjWmZxRHZsaXVKVHQ0b2FMY29qMWpRcEhVLWhZbDNlTzdGVTlyZG1VMldEZ2tkTTZyeE0yQWpJJmxvc3NfcmVhc29uPSR7QVVDVElPTl9MT1NTfSZwcj0ke0FVQ1RJT05fUFJJQ0V9AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=17382755063370142000&adk=1703591385&idt=138&cac=0&dtd=20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:56 GMT
pixel
cm.g.doubleclick.net/ Frame 079B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 079B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
d5eabb423755
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
pixel
cm.g.doubleclick.net/ Frame 079B
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
768585bc-8ba0-4288-8762-38cae4c4c4f9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT, Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
deb9f124eecce7a554c70ca983265c95
Expires
0
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682821195962&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:57 GMT
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
sovrn
tr.blismedia.com/v1/api/sync/ Frame 079B 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
112fc8cb-a1a8-434c-8e7d-58f3924b901f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dfmx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=109c1fce-ad74-46c0-b5d3-0584821c0883&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
merge
ce.lijit.com/ Frame 079B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT, Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame E493 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=fmx&user_id=7gdhscOA_00W-A7bUGlR0
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame E493 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame E493
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E493
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
955f82d8-dcb5-4c6d-8de6-838068d85bc8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5c7d31e505103f093db6d1ed70deaa2
Expires
0
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
a122a9836667
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
989367e8-275f-492e-b099-0c9007537668
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682821195962&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:57 GMT
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame E493
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
pd
us-u.openx.net/w/1.0/ Frame BBF0 		877 B
522 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e0348113b8ccf4e35c3b286df835658bf33a4c16fec83f2be1218641f9c35801

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
503
content-type
text/html
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pixel
cm.g.doubleclick.net/ Frame 6A4D
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 6A4D
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5c7d31e505103f093db6d1ed70deaa2
Expires
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
  • https://ap.lijit.com/merge?pid=94&3pid=644DD04C543276FDC4E871C8BLIS&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=94&3pid=644DD04C543276FDC4E871C8BLIS&gdpr=0&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=94&3pid=644DD04C543276FDC4E871C8BLIS&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=94&3pid=644DD04C543276FDC4E871C8BLIS&gdpr=0&gdpr_consent=
Content-length
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=GkJrZBZH2ygXJcZOSOi_0W40&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
server
Aorta/20230424.0cea469ad
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://ce.lijit.com/merge?pid=84&3pid=c:0493722afcf1b6c27b31a620a7601a82
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
74d114833b31
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=LK5U8UAZo2GVgnyxkra5&pi=sovrn&gdpr=0&gdpr_consent=
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT, Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682821195987&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=429FA571C8024762B89F507D54B48C58
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:19:57 GMT
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
9fdfe09b-d781-4fd2-83dd-d708d39eddff
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=12&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAAjOU7Im6EAACBud1f_9Q&gdpr=0
Date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
//ce.lijit.com/merge?pid=87&3pid=5fc738f9-8cf6-4ead-96c1-1c7828490792
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D92%263pid%3D%24UID&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
c5d459a0-4aa7-4a40-9473-f417d56d1006
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ce.lijit.com/merge?pid=92&3pid=7906230784814628655&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=fmx&gdpr=0&gdpr_consent=
  • https://sync2.resetdigital.co/csync/bs?type=d&bidswitch_ssp_id=fmx&gdpr=0&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=000000F4716E956B&expires=15&ssp=fmx
  • https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:59 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=26&3pid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ce.lijit.com/merge?pid=27&3pid=abb0385f-fb71-4da5-be13-d1ca93d34856&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
223
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://ce.lijit.com/merge?pid=49&3pid=n0h9TTaSFk0n&ev=1&pid=558511&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
ae12848777b41970a5f2
s.amazon-adsystem.com/x/ Frame 6A4D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/ae12848777b41970a5f2?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame 6A4D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=0&gdpr_consent=&us_privacy=&3pid=UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
31b0e9fdb06db87621b482f1779480186894a046458520d4754d853127f7b5de
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ctrack
track1.avplayer.com/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.3.3&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&r=www.khaleejtimes.com&sn=&cd1=&app=&test=&cb=1682821191096
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.250.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-250-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
396846.gif
idsync.rlcdn.com/ Frame D83B
Redirect Chain
  • https://idsync.rlcdn.com/420416.gif?partner_uid=3877821143472078157452&cv=&ct=4
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame D83B
Redirect Chain
  • https://id.rlcdn.com/712307.gif?ct=4&cv=
  • https://eb2.3lift.com/xuid?idenv=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?idenv=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eb2.3lift.com/xuid?idenv=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame D83B
Redirect Chain
  • https://u.ipw.metadsp.co.uk/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame D83B 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.225.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-225-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
um
sync.e-planning.net/ Frame D83B 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=3877821143472078157452&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:57 GMT
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame 7796
Redirect Chain
  • https://idsync.rlcdn.com/420416.gif?partner_uid=3877821143472078157452&cv=&ct=4
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJd5WaYK_8SAv1bECwgogKE&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJd5WaYK_8SAv1bECwgogKE&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEJd5WaYK_8SAv1bECwgogKE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
712307.gif
id.rlcdn.com/ Frame 7796 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712307.gif?ct=4&cv=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
xuid
eb2.3lift.com/ Frame 7796
Redirect Chain
  • https://u.ipw.metadsp.co.uk/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 7796 		0
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.225.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-225-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
um
sync.e-planning.net/ Frame 7796 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=3877821143472078157452&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:57 GMT
content-type
image/gif
362588.gif
idsync.rlcdn.com/ Frame 844A
Redirect Chain
  • https://idsync.rlcdn.com/420416.gif?partner_uid=3877821143472078157452&cv=&ct=4
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=abb0385f-fb71-4da5-be13-d1ca93d34856
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=abb0385f-fb71-4da5-be13-d1ca93d34856
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://idsync.rlcdn.com/362588.gif?partner_uid=abb0385f-fb71-4da5-be13-d1ca93d34856
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
712307.gif
id.rlcdn.com/ Frame 844A 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/712307.gif?ct=4&cv=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
xuid
eb2.3lift.com/ Frame 844A
Redirect Chain
  • https://u.ipw.metadsp.co.uk/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=common&caller=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3421&xuid=d7e185a3ce25d0125a383b6e61b25b60b17a4342cc67b4a30bf6acaba41ec9a1df3402079f2738cf6bb35e3b4e4f90ad&dongle=acfc
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 844A 		0
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3877821143472078157452
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.225.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-225-88.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
text/html
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
um
sync.e-planning.net/ Frame 844A 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=3877821143472078157452&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:57 GMT
content-type
image/gif
rtb-h
sync.taboola.com/sg/supershiprtb-display-network/1/ Frame 7C9A
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=taboola
  • https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE3QTcCo8YAAABK4Jd4AAAAA
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE3QTcCo8YAAABK4Jd4AAAAA
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30242

Redirect headers

X-SO-Cluster-ID
0
Date
Sun, 30 Apr 2023 02:19:57 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=taboola","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.189","key":"ZE3QTcCo8YAAABK4Jd4AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad72"}
X-SO-Key
ZE3QTcCo8YAAABK4Jd4AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad72
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://sync.taboola.com/sg/supershiprtb-display-network/1/rtb-h?taboola_hm=ZE3QTcCo8YAAABK4Jd4AAAAA
Cache-Control
private
X-SO-HostName
m-ad72.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
X-SO-IP
149.56.153.189
/
sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__
  • https://ih.adscale.de/su?gdpr=0&gdpr_consent=&tpid=22688&cburl=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fstroerrtbeur-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D__STROEER_USER_ID__&nut&uu=90b806a7b13541588c...
  • https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=90b806a7b13541588c42d5fba50371ae
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=90b806a7b13541588c42d5fba50371ae
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29286

Redirect headers

location
https://sync.taboola.com/sg/stroerrtbeur-network/1/rtb-h/?taboola_hm=90b806a7b13541588c42d5fba50371ae
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
sync
ssbsync.smartadserver.com/api/ Frame 7C9A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=4
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.177 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
/
sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=16698
  • https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH2SAEWK-1A-5ERB
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH2SAEWK-1A-5ERB
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
23415

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.taboola.com/sg/rubiconvideo-network/1/rtb-h/?taboola_hm=LH2SAEWK-1A-5ERB
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-M5nbIvhE2oTbwv4QToxgzcTaytUTesnz8OKlSg--~A
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-M5nbIvhE2oTbwv4QToxgzcTaytUTesnz8OKlSg--~A
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22627

Redirect headers

date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-M5nbIvhE2oTbwv4QToxgzcTaytUTesnz8OKlSg--~A
content-length
0
taboola
trace.mediago.io/ju/cs/ Frame 7C9A 		0
0
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA8XRd3QR2twpUMlJtnWbWY&google_cver=1
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA8XRd3QR2twpUMlJtnWbWY&google_cver=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1682821197.273500,VS0,VE10
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12823-YUL

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEA8XRd3QR2twpUMlJtnWbWY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7C9A 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9:$UID
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 7C9A
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
date
Sun, 30 Apr 2023 02:19:56 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25319
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=abb0385f-fb71-4da5-be13-d1ca93d34856
0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=abb0385f-fb71-4da5-be13-d1ca93d34856
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
12
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1682821197.247363,VS0,VE12
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yul12823-YUL

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=abb0385f-fb71-4da5-be13-d1ca93d34856
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
239
merge
ce.lijit.com/ Frame 7C9A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&us_privacy=1---&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 7C9A 		49 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 7C9A 		43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.202 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4cba3614-0a55-4029-9bf6-6fae57427e17
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4cba3614-0a55-4029-9bf6-6fae57427e17
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22627

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=4cba3614-0a55-4029-9bf6-6fae57427e17
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1351223
content-length
0
expires
Sun, 30 Apr 2023 00:00:00 GMT
/
sync.taboola.com/sg/id5-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-a541koBAxj5TsLRkAj2aQp2_M0XF0fSceceXZow3zw&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F3%2F6%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/464/3/6/2.gif?puid=5ded644d-d048-4900-9db9-f4be5bd2dfb7&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F429%2F5%2F3.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/464/429/5/3.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F434%2F4%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/464/434/4/4.gif?puid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/464/2/3/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/2/3/5.gif?puid=7906230784814628655&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=abb0385f-fb71-4da5-be13-d1ca93d34856&ttl=%%TTL%%
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F441%2F1%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/464/441/1/7.gif?puid=u_d4b52a6b-cc18-4416-b0d4-1071372d77a7&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F464%2F108%2F0%2F8.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_con...
  • https://id5-sync.com/c/464/108/0/8.gif?puid=68afccab-c100-4461-a445-3890741431f3&gdpr=0&gdpr_consent=
  • https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-a541koBAxj5TsLRkAj2aQp2_M0XF0fSceceXZow3zw
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-a541koBAxj5TsLRkAj2aQp2_M0XF0fSceceXZow3zw
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27712

Redirect headers

location
https://sync.taboola.com/sg/id5-network/1/rtb-h/?taboola_hm=ID5-a541koBAxj5TsLRkAj2aQp2_M0XF0fSceceXZow3zw
date
Sun, 30 Apr 2023 02:19:59 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 7C9A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtabo...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=c487552ba4ca418fa215f37369d81dac&ssp=taboola&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
28454

Redirect headers

Location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 7C9A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5fc738f9-8cf6-4ead-96c1-1c7828490792
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5fc738f9-8cf6-4ead-96c1-1c7828490792&tbid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&query=taboola_hm%3D5fc738f9-8cf6-...
0
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5fc738f9-8cf6-4ead-96c1-1c7828490792&tbid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&query=taboola_hm%3D5fc738f9-8cf6-4ead-96c1-1c7828490792&isDirect=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-cache-hits
0
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1682821198.826989,VS0,VE16
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-yyz4532-YYZ

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=5fc738f9-8cf6-4ead-96c1-1c7828490792&tbid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&query=taboola_hm%3D5fc738f9-8cf6-4ead-96c1-1c7828490792&isDirect=0
date
Sun, 30 Apr 2023 02:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22627
sd
u.openx.net/w/1.0/ Frame 7C9A 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 7C9A 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&dongle=tbla
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
rtb-h
sync.taboola.com/sg/stackadaptrtb-network/1/ Frame 7C9A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=140
  • https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0
0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31245

Redirect headers

Location
https://sync.taboola.com/sg/stackadaptrtb-network/1/rtb-h?taboola_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0
Date
Sun, 30 Apr 2023 02:19:57 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
/
csync.loopme.me/ Frame 7C9A
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=453&user_id=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://csync.loopme.me/?partner_id=1196&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
0
156 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?partner_id=1196&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
35.214.153.92 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
92.153.214.35.bc.googleusercontent.com
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
server
_

Redirect headers

Location
//csync.loopme.me/?partner_id=1196&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&vt=&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
Date
Sun, 30 Apr 2023 02:19:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
t.adx.opera.com/ Frame 7C9A 		35 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60151&uid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/ Frame 7C9A
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&ph=295bf259-a378-4089-aae8-a2a995ba8627&id=37f45540-fa88-4005-bf73-8a7ac39467e3&r=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fopenxrtb-network%2F1%2Fr...
  • https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8429f6b6-8570-07ce-29b6-4da820f1a372
0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8429f6b6-8570-07ce-29b6-4da820f1a372
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22627

Redirect headers

date
Sun, 30 Apr 2023 02:19:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync-t1.taboola.com/sg/openxrtb-network/1/rtb-h/?gdpr=0&us_privacy=1---&orig=video&taboola_hm=8429f6b6-8570-07ce-29b6-4da820f1a372
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:56 GMT
x-amz-request-id
ZAK4FD2E2P8MSSD3
age
2562
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
V0c8gILtYp37FWXhcXdQojKeSQFpHITDXRHuVnvWCLK7rCdcoYnpLZyoXbDe/nSz/8OPQX7zNUM=
x-served-by
cache-yul12822-YUL
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1682821197.820593,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
11
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
9965
fraud-detect.js
cdn.taboola.com/scripts/ 		121 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/fraud-detect.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
vOXBAr_FxKHpU348.XTQhP6DWnVyKple
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:56 GMT
x-amz-request-id
Q3ERA9VTRD55JBY1
age
17338
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
125
x-amz-id-2
UUMJVpvIZIvyQ22D+SDZRaO7/6yI3tG7JsuWzRq09Cf8ExmuPRI8X1vhSkWaCi+MY3QYN59kQmA=
x-served-by
cache-yul12822-YUL
last-modified
Thu, 15 Dec 2022 16:50:08 GMT
server
AmazonS3
x-timer
S1682821197.820559,VS0,VE0
etag
"f7a185d92ac2162dc0bc36c5d7ef7dfe"
vary
Accept-Encoding
content-type
application/javascript
abp
11
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
56802
eidf.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eidf.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:19:56 GMT
x-amz-request-id
MDF5YJ4JPHMV135K
age
16120
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
6467
x-amz-id-2
/0TARI9ylAJTtdJm2wdojYI6Jg6CZKI/p48bHg5JJJxgG8TBC90GLh4JuJBP312yN5EOCZz5/3Q=
x-served-by
cache-yul12822-YUL
last-modified
Sun, 02 Apr 2023 13:49:08 GMT
server
AmazonS3
x-timer
S1682821197.821265,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
11
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1889476
Pug
simage2.pubmatic.com/AdServer/ Frame ED43
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=773702722627
42 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=773702722627
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=773702722627
Pug
simage2.pubmatic.com/AdServer/ Frame E5D2
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F1508%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=837744659
  • https://sync.1rx.io/usersync3/mediamathtest/1508/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
42 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:57 GMT
ETag
RX25e123c191dd4efbb23f8cb41c34b8bd005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
dcm
s.amazon-adsystem.com/ Frame AD89
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=zLYuFxOhBf6LtVVeTdBNZA
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&partnerID=156451&pmc=1&pr=https%3A%2F%2Fcs.mobfox.com%2Fffdab1eda43dfa0004e011a7d40b5fd7.gif%3Fpuid%3DD25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://cs.mobfox.com/ffdab1eda43dfa0004e011a7d40b5fd7.gif?puid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=efb06353-be47-4147-a543-e86722547092
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=efb06353-be47-4147-a543-e86722547092
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
WMSNCC2NRN2M7FZRRMSZ

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
0
Location
https://s.amazon-adsystem.com/dcm?pid=c0257981-db57-443e-8ca1-0cec51969887&id=efb06353-be47-4147-a543-e86722547092
Pragma
no-cache
Server
nginx/1.20.1
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame 33A5 		43 B
314 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame DF64
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d5f7c002-8957-43c7-9ab5-8ad286266848
1 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d5f7c002-8957-43c7-9ab5-8ad286266848
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=d5f7c002-8957-43c7-9ab5-8ad286266848
strict-transport-security
max-age=15724800; includeSubDomains
pub
matching.truffle.bid/sync/ Frame 3EFC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.40.26 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.26.40.90.157.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame 4DE1 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-a248d8b1d7b2@version_1.550v2
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame B256
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7361075961644224999&uid=Q736107596164422...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7361075961644224999
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7361075961644224999
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=27550
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:57 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7361075961644224999
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame F461
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58&gdpr=0&gdpr_consent=
568 B
650 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
568
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:56 GMT
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 30 Apr 2023 02:19:56 GMT
expires
Sat, 29 Apr 2023 02:19:56 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
um
u-iad04.e-planning.net/ Frame 55B1 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ab9c2de71df9c853&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:56 GMT
server
openresty
sd
us-u.openx.net/w/1.0/ Frame 78A2 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 78A2 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.221.231.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-221-231-181.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 78A2 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.144.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-144-192.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 30 Apr 2023 02:19:56 GMT
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 78A2 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.233.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-233-165.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
8058a1c0-e6fd-11ed-ae87-024e087eef43
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-0c77a8d4a2a08f766
apn
ads.playground.xyz/usersync/ Frame 78A2 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 78A2
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:9d4122d2-c10e-4adb-a621-a8dfffb23968&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6CC9 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112331
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:56 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 8432
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
/
onetag-sys.com/usync/ Frame D23F 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 8432 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
csi
csi.gstatic.com/ Frame 89BF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lh2sagjf&c=5929998944819&slotId=2964999472409.5&faa=1&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228ac94da45b17aa05c33a&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452422_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.html
eus.rubiconproject.com/ Frame 6D83
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:57 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D388 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0855814426be387e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 41CD 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
56113fe1b4223dd56d57ee14cf9357472c38b9e11cb2613bc9ec6542708899d8

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1547
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame CAE1 		1 KB
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 09 Nov 2027 12:27:06 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-rand
21.090
x-cf-reqid
0be6d2c5837ccec95137db7c37a62478
x-cf-tsc
1668083227
x-cf1
29080:fB.waw1:co:1585621119:cacheN.waw1-01:H
x-cf2
H
x-cf3
M
x-cff
B
/
onetag-sys.com/usync/ Frame 37BD 		2 KB
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4AAE 		229 B
818 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e8f101d7a18ddfd757a3e4012adc2589264089d17ff413e30f1012eb454fc3

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7bfc4d819b91a234-YYZ
content-encoding
br
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
server
cloudflare
vary
Origin
via
1.1 google
AGSKWxXyHLQRT-isJXM8faiy2H2r2c-2AMjHPFPAoO4QvHFjlNR3D3D94APa3YqCvp0vSeev-MhMdHt6dQNRD-kapyyApFHPzFVipv2azSnipZIkI1h1eWaRq0_tk4jOVvyBVSeBLmi3UA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXyHLQRT-isJXM8faiy2H2r2c-2AMjHPFPAoO4QvHFjlNR3D3D94APa3YqCvp0vSeev-MhMdHt6dQNRD-kapyyApFHPzFVipv2azSnipZIkI1h1eWaRq0_tk4jOVvyBVSeBLmi3UA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.ybzTVIIXPek.es5.O/d=1/rs=AJlcJMxGJKR7-eRVxpV_hdobY36eeJz3Dw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--8EHhFvtOlmlo2BBOwRZtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--8EHhFvtOlmlo2BBOwRZtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
bidder_18.html
cache.betweendigital.com/code/ Frame 6A10 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=caa4e1f7-081e-5278-9695-c2ccf2d81289&CACHEBUSTER=220831
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.127.145 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
119
x-cdn-request-id
c96fed02a4d25b917bc0bde5c36c6930
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2VVVMDVFQ8&gtm=45je34q0&_p=1749126243&gdid=dYmQxMT&cid=2080641419.1682821189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&dt=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&dp=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sid=1682821190&sct=1&seg=1&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&_s=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 72A0 		507 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e28e6eabd29c556d2d5f2b230f1dfc10592731db5431b478da7f78b461e4e425

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
330
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame A5F8
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sun, 30 Apr 2023 02:19:56 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 09E3 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 60F6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8850 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
merge
ce.lijit.com/ Frame 5C4A
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sun, 30 Apr 2023 02:19:56 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
cm
us-u.openx.net/w/1.0/ Frame 9D84 		507 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e28e6eabd29c556d2d5f2b230f1dfc10592731db5431b478da7f78b461e4e425

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
330
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9FA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 724D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 8FF0 		507 B
349 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e28e6eabd29c556d2d5f2b230f1dfc10592731db5431b478da7f78b461e4e425

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
330
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame E584
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sun, 30 Apr 2023 02:19:56 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2BB0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
gum.criteo.com/ Frame 976F 		88 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
93e377cee36ec7c9b93ed3f0335213023cee47a59cf8f6e75ad87b0676e4910b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1175281
expires
60
usync.html
eus.rubiconproject.com/ Frame C420
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:19:57 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:19:57 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 8097
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Drkt%26refUrl%3D%26vid%3D282119700932582279514557350...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3258227951455735000V10&type=rkt&refUrl=&vid=28211970093258227951455735000V10&ovsid=978477414437337801
235 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3258227951455735000V10&type=rkt&refUrl=&vid=28211970093258227951455735000V10&ovsid=978477414437337801
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 30 Apr 2023 02:19:57 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3258227951455735000V10&type=rkt&refUrl=&vid=28211970093258227951455735000V10&ovsid=978477414437337801
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=son&refUrl=&vid=28211970093258227951455735000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=son&refUrl=&vid=28211970093258227951455735000V10&ovsid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
61 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=son&refUrl=&vid=28211970093258227951455735000V10&ovsid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=son&refUrl=&vid=28211970093258227951455735000V10&ovsid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Dmma%26refUrl%3D%26vid%3D282119700932582279514557...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=mma&refUrl=&vid=28211970093258227951455735000V10&ovsid=5ded644d-d048-4900-9db9-f4be5bd2dfb7
61 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=mma&refUrl=&vid=28211970093258227951455735000V10&ovsid=5ded644d-d048-4900-9db9-f4be5bd2dfb7
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
MT3 830 785530e master ord-pixel-x48 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=mma&refUrl=&vid=28211970093258227951455735000V10&ovsid=5ded644d-d048-4900-9db9-f4be5bd2dfb7
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:56 GMT
5ded644d-d048-4900-9db9-f4be5bd2dfb7
sync.1rx.io/usersync3/mediamathtest/2057.4/ Frame 976F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Dr1%26refUrl%3D%26vid%3D28211970093258227951...
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2057.4%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1526684955
  • https://sync.1rx.io/usersync3/mediamathtest/2057.4/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/mediamathtest/2057.4/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
MT3 830 785530e master ord-pixel-x48 config_version:"unknown"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://sync.1rx.io/usersync3/mediamathtest/2057.4/5ded644d-d048-4900-9db9-f4be5bd2dfb7?zcc=0&sspret=1
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 30 Apr 2023 02:19:56 GMT
cksync
cs.media.net/ Frame 976F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI1ODIyNzk1MTQ1NTczNTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmLBoV6bqltIyU-ScOHw7M&google_cver=1
61 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmLBoV6bqltIyU-ScOHw7M&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMmLBoV6bqltIyU-ScOHw7M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3258227951455735000V10%26type%3Ddxu%26refUrl%3D%26vid%3D28211970093258227951455...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=dxu&refUrl=&vid=28211970093258227951455735000V10&ovsid=fYpSPiDn1PSWFi5
61 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=dxu&refUrl=&vid=28211970093258227951455735000V10&ovsid=fYpSPiDn1PSWFi5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:56 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0676d2a12ac6591e8@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3258227951455735000V10&type=dxu&refUrl=&vid=28211970093258227951455735000V10&ovsid=fYpSPiDn1PSWFi5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4cba3614-0a55-4029-9bf6-6fae57427e17
61 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4cba3614-0a55-4029-9bf6-6fae57427e17
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=4cba3614-0a55-4029-9bf6-6fae57427e17
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1059745
content-length
0
expires
Sun, 30 Apr 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://bttrack.com/pixel/cookiesyncredir?rurl=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D151%26user_id%3D%7Bglobalid%7D%26expires%3D30%26ssp=medianet
  • https://x.bidswitch.net/sync?dsp_id=151&user_id=7fd7cc0b-465c-4695-8bfe-08207b90870e&expires=30&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:58 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=kuIAmsv1By4MDjailSBd&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLLOVEUC3LTOYYUE6JUJVCGUYLJNRJUE...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=kuIAmsv1By4MDjailSBdhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=282119700932582279514557...
60 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=kuIAmsv1By4MDjailSBdhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=28211970093258227951455735000V10&vsid=3258227951455735000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:58 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=kuIAmsv1By4MDjailSBdhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=28211970093258227951455735000V10&vsid=3258227951455735000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
284
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 976F 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 976F
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3258227951455735000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=5fc738f9-8cf6-4ead-96c1-1c7828490792&cs=1
61 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=5fc738f9-8cf6-4ead-96c1-1c7828490792&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=5fc738f9-8cf6-4ead-96c1-1c7828490792&cs=1
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync
cs.media.net/ Frame 976F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=abb0385f-fb71-4da5-be13-d1ca93d34856
61 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=abb0385f-fb71-4da5-be13-d1ca93d34856
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
61
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 02:19:57 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=abb0385f-fb71-4da5-be13-d1ca93d34856
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 976F
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=1&type=dat&ovsid=setstatuscode&redirect=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D159195%3Bsize%3D1x1%3Bmimetype%3Dimg%3Bdu%3D15%3Bcsync%3D%24%7B...
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3258227951455735000V10
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3258227951455735000V10;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3290999186394139616
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3290999186394139616&ckls=true&ci=4lwEUiOObA&nc=false&trid=1978584866
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3290999186394139616&ckls=true&ci=4lwEUiOObA&nc=false&trid=1978584866
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
18.164.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-92.jfk50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 d8e93128b8c3fa45992684bc1f50eeb8.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
PrVjzlYa9v0wlFpgHdENG869FFbhvl_VGXsz6_sQJ7iPJ2R997B9qQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 5a7c529ef93438ca768c3432355a6e72.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=3290999186394139616&ckls=true&ci=4lwEUiOObA&nc=false&trid=1978584866
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
BE38GFFGEibq38cfIcpWgWBtQzvDMtC-qcHX93ueX93EI81vOuGmvg==
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
rtb.adxpremium.services/ Frame 7912
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3877821143472078157452
0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3877821143472078157452
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=3877821143472078157452
date
Sun, 30 Apr 2023 02:19:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sd
us-u.openx.net/w/1.0/ Frame BBF0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562539&ev=f64165fb-0ae8-02f2-13ff-64262894019e&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D545637763%26val%3D%%VGUID%%
  • https://us-u.openx.net/w/1.0/sd?id=545637763&val=n0h9TTaSFk0n&ev=f64165fb-0ae8-02f2-13ff-64262894019e&pid=562539
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=545637763&val=n0h9TTaSFk0n&ev=f64165fb-0ae8-02f2-13ff-64262894019e&pid=562539
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://us-u.openx.net/w/1.0/sd?id=545637763&val=n0h9TTaSFk0n&ev=f64165fb-0ae8-02f2-13ff-64262894019e&pid=562539
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-9dmrt
expires
-1
sd
u.openx.net/w/1.0/ Frame BBF0
Redirect Chain
  • https://dm-us.hybrid.ai/match?id=184&gdpr=0&burl=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D544034803%26val%3D${VID}
  • https://u.openx.net/w/1.0/sd?id=544034803&val=17ecc634317215966543
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=544034803&val=17ecc634317215966543
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
location
https://u.openx.net/w/1.0/sd?id=544034803&val=17ecc634317215966543
access-control-allow-origin
https://us-u.openx.net
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-mode
404
content-length
0
x-xss-protection
1; mode=block
expires
-1
ibs:dpid=302767&dpuuid=98f41617-07ce-0f0f-3e53-84b46c1330c8
dpm.demdex.net/ Frame BBF0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=2b29b5e1-7836-48c4-a896-43668f76f459&r=https://dpm.demdex.net/ibs:dpid=302767&dpuuid={OPENX_ID}
  • https://dpm.demdex.net/ibs:dpid=302767&dpuuid=98f41617-07ce-0f0f-3e53-84b46c1330c8
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=98f41617-07ce-0f0f-3e53-84b46c1330c8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
HTTP/1.1
Server
44.198.21.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-21-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v047-0ba84b3a5.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jdXDkhbeTvQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://dpm.demdex.net/ibs:dpid=302767&dpuuid=98f41617-07ce-0f0f-3e53-84b46c1330c8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p2
ads.scorecardresearch.com/ Frame BBF0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=16b43347-54eb-4af6-9a28-e449f503d935&r=https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=
  • https://ads.scorecardresearch.com/p?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=a56990b1-2b13-0d3d-0ced-239b16661da4
  • https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=a56990b1-2b13-0d3d-0ced-239b16661da4
43 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.scorecardresearch.com/p2?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=a56990b1-2b13-0d3d-0ced-239b16661da4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H2
Server
13.225.223.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-223-81.jfk51.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 ab00cdb05d9e58b648b9b6b09875b196.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
0nTliaaaTdgNDovt1QnVOMwtPQz1lt0lXZM54SjW_laTLWS7hXpKxA==

Redirect headers

date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 ab00cdb05d9e58b648b9b6b09875b196.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK51-C1
x-cache
Miss from cloudfront
location
/p2?c1=9&c2=13554685&c3=2&rn=1682821196&cs_xi=a56990b1-2b13-0d3d-0ced-239b16661da4
content-length
0
x-amz-cf-id
U9HUYbscHAsXv-Vp84eg5uEFmER1zi9DeEs1vfz08fNxzT01GIAVSg==
sd
us-u.openx.net/w/1.0/ Frame BBF0
Redirect Chain
  • https://j.mrpdata.net/c.gif?ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://j.mrpdata.net/c.gif?ac=1&test=1&pd=IiJDEhk64oNJNGE8hhJnLaIH&ex=OpenX&rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537144753%26val%3DMRPDATAUSERID
  • https://us-u.openx.net/w/1.0/sd?id=537144753&val=66861d9d-8365-f634-5470-103da54f3d73
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537144753&val=66861d9d-8365-f634-5470-103da54f3d73
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537144753&val=66861d9d-8365-f634-5470-103da54f3d73
pragma
no-cache
cache-control
no-cache
x-deviceid
9193873e-2c42-332f-c022-1384196676ac
x-backend
dmc_hitServer_3_e@j3mrpdatanet
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame BBF0
Redirect Chain
  • https://match.deepintent.com/usersync/108/
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_bb7fe3469a6e4f3c81420
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_bb7fe3469a6e4f3c81420
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_bb7fe3469a6e4f3c81420
date
Sun, 30 Apr 2023 02:19:57 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
cm
us-u.openx.net/w/1.0/ Frame 03A9 		155 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d2df0eab310d57bd69d797a6483b3c1d0a7eee85897183c875884d00e31aa938

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
149
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
merge
ce.lijit.com/ Frame 08C8
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
date
Sun, 30 Apr 2023 02:19:56 GMT
location
https://ce.lijit.com/merge?pid=1&3pid=3464934303237790935&gdpr=0&gdpr_consent=
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F2A2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 481F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon?informer=13413210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ce.lijit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
u.4dex.io/ Frame 1C8B 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.4dex.io/setuid?bidder=pubmatic&uid=(PM_UID)D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159110&predirect=https%3A%2F%2Fu.4dex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D(PM_UID)
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.40.38 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
38.40.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
0
pragma
no-cache
vary
Origin Accept-Encoding
via
1.1 google
396846.gif
idsync.rlcdn.com/ Frame FA0E
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=56d56af3-a236-00f9-0461-ccddb817661e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=D25146A7-FA5A-44E2-8074-F1A3074DE67C/gdpr=0/ Frame FA0E 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=D25146A7-FA5A-44E2-8074-F1A3074DE67C/gdpr=0/gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.168.153.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-168-153-83.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.3.203
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame FA0E 		95 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
/
bpi.rtactivate.com/tag/ Frame FA0E 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.3.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-3-76.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
st
imprnjmp.taboola.com/ Frame FD21 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=undefined&cb=1682821197096&uv=3270&tms=1682821197096&abt=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7d32dac0-47e5-4893-ba9f-4758612b95c6&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de1d783a66403f4fd42541f7d5368dec4904a1b69716ba5ed33934f45b269ee1

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12823-YUL
x-timer
S1682821197.233595,VS0,VE12
sync
us-match.taboola.com/ Frame F244 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f86a3442bef993a54c8ce1a1f4c156edf3f1ad4f21962212e271391683aa1865

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 30 Apr 2023 02:19:57 GMT
machineid
3106
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=622&height=349&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1682821197103&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1514&pt=-2117357755&tz=0&viewable=true&ddast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3212935&dpubid=570945&abtst=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.khaleejtimes.com&en=1&panid=3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dc6756e9d538e66128886e71b99ecba72c6b6e3376513e8485d407cfb0cc337c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1105
x-cache
MISS
x-served-by
cache-yyz4532-YYZ
pragma
no-cache
server
nginx
x-timer
S1682821197.235817,VS0,VE137
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
link
<http://taboola-d.openx.net>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&cmcv=&pix=31589837&cb=1682821197096&uv=3270&tms=1682821197096&abt=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1682821186858.9!ts:1682821197096&mntl=2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
server
nginx
st
imprnjmp.taboola.com/ Frame 1638 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imprnjmp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66607125&crid=6831575&dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&cmcv=&pix=undefined&cb=1682821197111&uv=3270&tms=1682821197111&abt=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=7bd62f94-8dde-4610-8de0-01d45449d566&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7fb0deb629f2f0bf1c2d22934fdb8352b39c08538d7a1c7d93bd2fbbee446e69

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Sun, 30 Apr 2023 02:19:57 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yul12823-YUL
x-timer
S1682821197.233502,VS0,VE14
sync
us-match.taboola.com/ Frame 16D3 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
bf4a356b3b1356f6aed29f5c5cf9b86194dfd51da5ca5d96fd20ca3ed3f556a1

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 30 Apr 2023 02:19:57 GMT
machineid
3107
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
788 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=662&height=372&pubid=169497&tagid=953497&crid=6831575&noaop=3&sortOrderType=0&cb=1682821197115&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1514&pt=-2117357755&tz=0&viewable=true&ddast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3212935&dpubid=570945&abtst=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.khaleejtimes.com&en=1&panid=3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6933d67ffb0246d0b032c8c38d3826274f54beaf45c57518667c743639bab133

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1128
x-cache
MISS
x-served-by
cache-yyz4532-YYZ
pragma
no-cache
server
nginx
x-timer
S1682821197.235786,VS0,VE146
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
us-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66607125&crid=6831575&dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&cmcv=&pix=31589837&cb=1682821197110&uv=3270&tms=1682821197110&abt=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1682821186858.9!ts:1682821197110&mntl=2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
server
nginx
csync
sync.adtelligent.com/ Frame 0F7C 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:56 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
um
u-iad04.e-planning.net/ Frame 6E13 		42 B
104 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=5c6c647b53171dd3&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D5c6c647b53171dd3%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:57 GMT
server
openresty
jquery-2.1.3.min.js
cdn.adgebra.in/generic/js/ Frame E3C0 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adgebra.in/generic/js/jquery-2.1.3.min.js
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/AdServing/spot.js?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0&p5=&p8=&p10=&p12=_&p11=7&DC=2&p15=0&p16=&dynamic_trg=is_safe%3Dunsafe%40_%23flags%3Dcontroversial%40_%23cSafe%3Dcontroversial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.108.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.108.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:56:58 GMT
via
1.1 google
content-encoding
br
x-goog-meta-goog-reserved-file-mtime
1435661265
age
1379
x-cache-status
hit
x-guploader-uploadid
ADPycdu366OISmb-IZktHqRpDjwVEc01qY9S7ARVFhX0Y0wFrZ4BH0uxOL95vd73xeZGSVckJPFjMPECYd3RQl3nddr1UAvRzGKz
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29133
last-modified
Wed, 27 Jul 2022 11:06:34 GMT
server
UploadServer
max-age
31536000
vary
Accept-Encoding
x-goog-hash
crc32c=u75QrQ==, md5=MgFd1C6VgqgKhHNvXZpE1w==
x-goog-generation
1658919994380938
content-language
en
content-type
application/octet-stream
cache-control
public
x-goog-stored-content-length
84320
accept-ranges
bytes
cross.png
cdn.adgebra.in/generic/images/spot/ Frame E3C0 		642 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.adgebra.in/generic/images/spot/cross.png
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/AdServing/spot.js?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0&p5=&p8=&p10=&p12=_&p11=7&DC=2&p15=0&p16=&dynamic_trg=is_safe%3Dunsafe%40_%23flags%3Dcontroversial%40_%23cSafe%3Dcontroversial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.108.227 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
227.108.160.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2b04d90166cb5c1c8eea5700aebed77e4173ca6174f66b064a7cb7dcdd53c73

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:56:58 GMT
via
1.1 google
x-goog-meta-goog-reserved-file-mtime
1465367688
age
1379
x-cache-status
hit
x-guploader-uploadid
ADPycdtzjiXPNqe9AIg_q-12f4ov9h5mkR4z66Wqx-RvKUNuoGNJMsOupD4sIRZ5SH7IwAGmq2KmL60b2PSiiHni_b9WcysMj1O9
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
642
last-modified
Wed, 27 Jul 2022 11:06:36 GMT
server
UploadServer
max-age
31536000
etag
"9d3a33cd38356910bcf6df83e2470316"
x-goog-hash
crc32c=QoxZhg==, md5=nTozzTg1aRC89t+D4kcDFg==
x-goog-generation
1658919996183897
content-language
en
content-type
application/octet-stream
cache-control
public
x-goog-stored-content-length
642
accept-ranges
bytes
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E3C0 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/AdServing/spot.js?p1=5823&p2=24553&p3=UAE%20news%2C%20Dubai%20news%2C%20coronavirus%2C%20Microsoft%2C%20SolarWind%2C%20malicious%20software!Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%20%20Khaleej%20Times%20Microsoft%20Corp%20said%20on%20Thursday%20it%20found%20malicious%20software%20in%20its%20systems%20related%20to%20a%20massive%20hacking%20campaign%20disclosed%20by%20US%20officials%20this%20week%2C%20addin..%20&p4=23043002&flytxt=313&preferurl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&neg=0&p5=&p8=&p10=&p12=_&p11=7&DC=2&p15=0&p16=&dynamic_trg=is_safe%3Dunsafe%40_%23flags%3Dcontroversial%40_%23cSafe%3Dcontroversial
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb87616c7749a4ecba4092856cd38095eaf6fbd0b6cc714bcd6c4b9cfa4ed647
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24756
x-xss-protection
0
server
cafe
etag
431 / 19477 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:57 GMT
1271600801072509413
s0.2mdn.net/simgad/ Frame A2D4 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1271600801072509413
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2006 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f74e5e060bc6b61fd7b3fa01f48a375f4343ac3d8c0e6d383108ed850cbd9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:10:38 GMT
x-content-type-options
nosniff
age
58159
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10621
x-xss-protection
0
last-modified
Thu, 06 Oct 2022 14:53:49 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 28 Apr 2024 10:10:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/ Frame A2D4 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
22495
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10878
x-xss-protection
0
server
cafe
etag
6410051166583139006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:02 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2D4 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:57 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/ Frame A2D4 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230426/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22496
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4122
x-xss-protection
0
server
cafe
etag
11429739870029468282
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A2D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqAkurGtZk_vgQIadntJofI6k3Vzx0utgDghFSCDPAmc3AM18ewyt1T1-UNfboLX9JbGgM838b6GtWgVFP6IEvFm42cxQ8UJbnYPEzlysRnAfGw7hUxIAYFJqRbon-FHlEc0k_oZKZWdPrb0NJUUEswrpe9Qhd-d0BET8zgzimxMKfmgx7tf9KpYPU_QDrDmS6NKgyQlnfFTyVikDUyYBSLo-OtNjeP2RcV9HOy2OYS1n2zqsEZoVdPJQPzuzv4ksuTJQ5vvw5QoqgDwuEg0en05FFUiq10FhR7jdSxBQnYKtbkL7VNiBOMzjfnEM65ouxMz4Ylk8_5W9iB6kOU1on2AJOIXg7MGjGj7cGV0yoqqf4P-kVh8R05fBIqm9sxPtQpdGDqGw47AODR5YG5McCxToGFd53vBt4qpEDDa2zDbnvBVAEoaBDfOz3ELAW-17axSTr2pbNF5W_EMbmJpVFdEYxH9G4PlO-GJbX3pRNVM-D8FF37qH_fBgTnzhwH3_Cyfo-AutUE_D27li05MYEV9faRI1DhhgU-uux6GQyI9F85TQZJNDqmm8zHaNn_cBMwRTArO803evgW8wMNPB4l2qGh65BmZb4er3CPixO0GHPBclaJKzZk5jVgCA-G-i5O6eMSUDQpZptyuVk6GRiWsGh2SVkZG_uvv9B6_AVjO8aIa9ZR9obXlgm_EdfRdpGle7kEXJCytcmHKO8AzeBfjg34oOMbegCBBi3iD0yiqsT9mCLWomK2C7lzlX13rW3_YIesBnoDUebtcJvVMQEd3I18Z7Bpvs8g_Mxs95NRipPb_Q0Zarv7SR6Yawtu1EbsolFwaMs7pKNQnXVenyyxnmKLwxGZvf1y_q_gihlx3dUVOdSWvG6AL0w_D_FVrXwpx_efvYRdVKiK5hJs4uqqnX1sqzEZKcv8aLhgOXdKPAs0X1FONuAgp0odUE9NpROJnNTWANngWNxOXm3IRo_alWgUnbvOmMry09HLbUZ0q_MSx2ViXpaurL5xt-DdzF2RRzud0rtlQFl2uYAkI3N9-f6r7jgdzjNztslMNy1IeH_7-MZDHDohCiYja9NBvz4U0yBdVsA6hwm9t8s0qnpTLJHYa3UKNdQ1gpIrR4Ldrw1QMHRxvuTpBal0wE5pX1WMNXtSfSzb-VfFgt00Sp2KDznW-9sDsCsetsImwig7mBe0Vwl1g-J_eHN56WolfM&sai=AMfl-YRWDe4y7nJeywaA9zrtD0Ewcn0PUVEUQ1eD3eG_3_mAd0GsJdiuEQ4uB6D3atGAX43w4Wr8v3OLKJcV8z8QOU3OOZ-I1j44EdJXZIsz2vqy0xkiN87CdiiE9Qb7LD6RBKQNKr-xp80J_7tUhGwaAVu5koEF2ZX5hTde7smTu-rC8TqVUNk&sig=Cg0ArKJSzOfllplm7fUyEAE&uach_m=[UACH]&pr=9:AAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230426.26825&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 30 Apr 2023 02:19:57 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:19:57 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A2D4 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:25:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 28 Apr 2024 17:25:31 GMT
csync
sync.adtelligent.com/ Frame 01AB 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:56 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 37BB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 14:23:44 GMT
expires
Sun, 28 Apr 2024 14:23:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CEF8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112330
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:57 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame F966
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
  • https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:57 GMT
Server
Adtelligent
Etag
91de8cda0809327e
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.spotim.market/csync?t=a&ep=323557&extuid=&gdpr=0&gdpr_consent={gdpr_onsent}
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
/
onetag-sys.com/usync/ Frame 61A2 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame F966 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:19:56 GMT
Server
Adtelligent
Etag
8cb866ad2d5caa65
Content-Length
43
Content-Type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4F83 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 14:23:44 GMT
expires
Sun, 28 Apr 2024 14:23:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 8BB8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
984.json
id5-sync.com/g/v2/ 		569 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
d4ac7b9a22acd55ab7954bd894e9f9ab46635576a00a3c5426e57eeba6c8d522
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:19:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
rum
r.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:56 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YtPWYjDX1j55hNVjY9TPNzDeh2J539JnYIbckCau
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YtPWYjDX1j55hNVjY9TPNzDeh2J539JnYIbckCau
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YtPWYjDX1j55hNVjY9TPNzDeh2J539JnYIbckCau
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Go1CAQPvWv5mMcBHozEv_5U4mb0
Date
Sun, 30 Apr 2023 02:19:57 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698632398&external_user_id=e0c09700-8f76-46de-8d0c-5ca610b6bb40
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698632398&external_user_id=e0c09700-8f76-46de-8d0c-5ca610b6bb40
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1698632398&external_user_id=e0c09700-8f76-46de-8d0c-5ca610b6bb40
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
usermatchredir
ssum-sec.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE3QSKiBZz7mrFv9ttLKygAABbMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESELVGE8m1hdINsBuYRDlQxA4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
dpm.demdex.net/ Frame 41CD 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZE3QSKiBZz7mrFv9ttLKygAA%261459?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.21.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-21-48.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v047-0cd62e5c1.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CyEAr9/USTA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1d309ee99c152191&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL7N8vOLFDNwNqCtukAAAAAAA&expiration=1682907598&is_secure=true
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL7N8vOLFDNwNqCtukAAAAAAA&expiration=1682907598&is_secure=true
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAL7N8vOLFDNwNqCtukAAAAAAA&expiration=1682907598&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum.casalemedia.com/ Frame 41CD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=109c1fce-ad74-46c0-b5d3-0584821c0883&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
um
u-iad04.e-planning.net/ Frame 41CD 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=0855814426be387e&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D0855814426be387e%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:57 GMT
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C78059622%2Fkhaleejtimes.com_PS_MCM_1.5_28.03.2023&description_url=https%3A%2F%2Fkhaleejtimes.com&tfcd=0&npa=0&sz=1x1%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=215861593430626&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821197398&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 72A0 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
cookies.nextmillmedia.com/ Frame 72A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D557617007%26val%3D%5BNMUID%5D
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.32.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-32-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 72A0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.220.229.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sd
u.openx.net/w/1.0/ Frame 72A0
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
merge
ce.lijit.com/ Frame 9D84 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
cookies.nextmillmedia.com/ Frame 9D84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D557617007%26val%3D%5BNMUID%5D
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.32.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-32-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 9D84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.220.229.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sd
u.openx.net/w/1.0/ Frame 9D84
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
merge
ce.lijit.com/ Frame 8FF0 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
cookies.nextmillmedia.com/ Frame 8FF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cookies.nextmillmedia.com/sync?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D557617007%26val%3D%5BNMUID%5D
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.32.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-32-92.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 8FF0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=3
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.220.229.2 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sd
u.openx.net/w/1.0/ Frame 8FF0
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fu.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537106470%26val%3D[sas_uid]
  • https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=537106470&val=2403475317176069061
date
Sun, 30 Apr 2023 02:19:57 GMT
content-length
0
merge
ce.lijit.com/ Frame 03A9 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:57 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4AAE 		95 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=1387bfc7-ee50-46cf-4574-84430a3eb6fc&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7bfc4d84e946a234-YYZ
access-control-allow-headers
*
content-length
95
usync.js
eus.rubiconproject.com/ Frame 6D83 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55757
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
usync.js
eus.rubiconproject.com/ Frame C420 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:57 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55757
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
export
eve.boxx.ai/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://eve.boxx.ai/export
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-96.ewr52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bxpvid,content-type,loaded,localboxxcookie
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, bxpvid, loaded, localBoxxCookie
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
Set-Cookie
access-control-max-age
86400
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
x-amz-apigw-id
EK18OEvEhcwFm_A=
x-amz-cf-id
OOwDWScHkUv0-YrlNbFK4N8jSivoNNjksiPgXf0t4ovyHtJ-G_jxYQ==
x-amz-cf-pop
EWR52-C1
x-amzn-requestid
ebc02176-486f-43b4-b6b1-74acfb4a6c0b
x-amzn-trace-id
Root=1-644dd04d-29939f995455a6b00f670791;Sampled=0;lineage=04c5c4db:0
x-cache
Miss from cloudfront
export
eve.boxx.ai/ 		16 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://eve.boxx.ai/export
Requested by
Host: js.boxx.ai
URL: https://js.boxx.ai/sdk.js?client_id=x9vk&_rc=s&hash=467450
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-96.ewr52.r.cloudfront.net
Software
/
Resource Hash
08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a

Request headers

bxpvid
7c89d946-0433-4f28-a4dc-e4be93456a94
loaded
1682821191.640259
Referer
https://www.khaleejtimes.com/
localBoxxCookie
c78fb433-3269-4916-aae9-76b070e74872
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 9fbe771abcabdb4e14e7709f1f3c6e94.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amzn-requestid
62d8dc27-de32-48cf-bc5a-f94f9ca26e5b
x-cache
Miss from cloudfront
x-amz-apigw-id
EK18UHeRhcwFXaA=
content-length
16
x-amzn-trace-id
Root=1-644dd04e-34ecff423cdbea7807c1ff17;Sampled=0;lineage=04c5c4db:0
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
Set-Cookie
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, bxpvid, loaded, localBoxxCookie
x-amz-cf-id
4Tcmk6l0Ne1QRGAzY68zGvJ_h_XqR8muFRj-l4BasufvA4z2-4UIOQ==
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Sun, 30 Apr 2023 02:19:57 GMT
via
1.1 varnish
x-amz-request-id
JFXX7NJ7M2FJYZ6M
age
6520
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
VNuE79zGkuG1WkYkook/LzjO6m8khshs44k88xUnWQ3oapFOdrvCIvii4035AZYl3g9EnhgUwco=
x-served-by
cache-yul12823-YUL
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1682821198.847461,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
11
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2103
sync
eb2.3lift.com/ Frame 8110 		144 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
a26efe4fa44a6ee75f4d5739b08b6f3e26328767a4fd1706a6e7406bda6d1a8b

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
144
content-type
text/html; charset=utf-8
date
Sun, 30 Apr 2023 02:19:57 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
csync
sync.adtelligent.com/ Frame 6341 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJGsunjaG4FJPvmH
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame FE2A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42973
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 14:23:44 GMT
expires
Sun, 28 Apr 2024 14:23:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 6E02 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281450
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
csync
sync.adtelligent.com/ Frame 7D33 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
csync
sync.adtelligent.com/ Frame 5E70 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228a9a4da45b17aa05c338&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452423_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pd
us-u.openx.net/w/1.0/ Frame A0F7 		68 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=85ed8dbd-68fb-4e55-8aee-260bd8b8acf8
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
70
content-type
text/html
date
Sun, 30 Apr 2023 02:19:58 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
googleads4.g.doubleclick.net/pcs/ Frame A2D4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvqAkurGtZk_vgQIadntJofI6k3Vzx0utgDghFSCDPAmc3AM18ewyt1T1-UNfboLX9JbGgM838b6GtWgVFP6IEvFm42cxQ8UJbnYPEzlysRnAfGw7hUxIAYFJqRbon-FHlEc0k_oZKZWdPrb0NJUUEswrpe9Qhd-d0BET8zgzimxMKfmgx7tf9KpYPU_QDrDmS6NKgyQlnfFTyVikDUyYBSLo-OtNjeP2RcV9HOy2OYS1n2zqsEZoVdPJQPzuzv4ksuTJQ5vvw5QoqgDwuEg0en05FFUiq10FhR7jdSxBQnYKtbkL7VNiBOMzjfnEM65ouxMz4Ylk8_5W9iB6kOU1on2AJOIXg7MGjGj7cGV0yoqqf4P-kVh8R05fBIqm9sxPtQpdGDqGw47AODR5YG5McCxToGFd53vBt4qpEDDa2zDbnvBVAEoaBDfOz3ELAW-17axSTr2pbNF5W_EMbmJpVFdEYxH9G4PlO-GJbX3pRNVM-D8FF37qH_fBgTnzhwH3_Cyfo-AutUE_D27li05MYEV9faRI1DhhgU-uux6GQyI9F85TQZJNDqmm8zHaNn_cBMwRTArO803evgW8wMNPB4l2qGh65BmZb4er3CPixO0GHPBclaJKzZk5jVgCA-G-i5O6eMSUDQpZptyuVk6GRiWsGh2SVkZG_uvv9B6_AVjO8aIa9ZR9obXlgm_EdfRdpGle7kEXJCytcmHKO8AzeBfjg34oOMbegCBBi3iD0yiqsT9mCLWomK2C7lzlX13rW3_YIesBnoDUebtcJvVMQEd3I18Z7Bpvs8g_Mxs95NRipPb_Q0Zarv7SR6Yawtu1EbsolFwaMs7pKNQnXVenyyxnmKLwxGZvf1y_q_gihlx3dUVOdSWvG6AL0w_D_FVrXwpx_efvYRdVKiK5hJs4uqqnX1sqzEZKcv8aLhgOXdKPAs0X1FONuAgp0odUE9NpROJnNTWANngWNxOXm3IRo_alWgUnbvOmMry09HLbUZ0q_MSx2ViXpaurL5xt-DdzF2RRzud0rtlQFl2uYAkI3N9-f6r7jgdzjNztslMNy1IeH_7-MZDHDohCiYja9NBvz4U0yBdVsA6hwm9t8s0qnpTLJHYa3UKNdQ1gpIrR4Ldrw1QMHRxvuTpBal0wE5pX1WMNXtSfSzb-VfFgt00Sp2KDznW-9sDsCsetsImwig7mBe0Vwl1g-J_eHN56WolfM&sai=AMfl-YRWDe4y7nJeywaA9zrtD0Ewcn0PUVEUQ1eD3eG_3_mAd0GsJdiuEQ4uB6D3atGAX43w4Wr8v3OLKJcV8z8QOU3OOZ-I1j44EdJXZIsz2vqy0xkiN87CdiiE9Qb7LD6RBKQNKr-xp80J_7tUhGwaAVu5koEF2ZX5hTde7smTu-rC8TqVUNk&sig=Cg0ArKJSzOfllplm7fUyEAE&uach_m=[UACH]&pr=9:AAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=937&vt=11&dtpt=936&dett=2&cstd=0&cisv=r20230426.26825&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B7YSC3dGILeFHvsEbFEslX_JNHcyrlxoMUXXQaZmwM3DqDPWs24SK_cEtCQ_J-EfH6s-UEq812mlCK8w5V6bSE_ZVWLqdXPGLnJHnwLfKAX6LP3fairxRb9xNGsbww4cbH7NAvgOP07TbrPCNzRvOo64D7oopLBHs-OYszbCreDKY53jo&dbm_d=AKAmf-APZnjP-1R7z2BnnH-gns_dRr9Z0poCY2R7Xn1AMc2IlvMlMs3hXoJL8YnBnUpq4ogWfV47VzAx6OzWc3iRF3kJaa275GzEB6NlHaJz2yFNyj-QV9LwecShrL852ynOB4WI9f65yypW5aB38TnbWdKS3YLxG_zr9f4rCoBZhr7z4LPs9hULEbXYR-b3gaUm14g3RQefGzzS5R1QA8PqtgJjMjj42N57iOPGN5fX5apJxoEpHBWBdcB9peD7XhPra1uOk05jD-uXa1sMDoSnGyj0qoAy7kpAKWYz5J0Qq3USkoKMf2BckVci6Tez24ghEHyKSUkejdwgvvDQ8Ck--Gr2PafccRnAFOWUzBRHqzm1XAJS6Mf-L3IQFzIv-n4jnnWKc6tM0vt_Cx7_rJ8nT41b5LDjrpHu_TR9BDLZWlPa54Bu2EEysf6tTDJt8eHK5VBd7PXC9Hyrw5YkRfLREgLow2vZDURFOTPGyOaeG47jh768-h1_fTPhR05k942BczcetFmCol2w2KN18WqLHSnZdeJaZBxhIQTOicX0l-nxYfxAdiasEHoMKFxfqfLwsyDnBC7iRFRDCOpLdwnZdHF-y643iu7lV4VqBWqE11pRp3eMUQ2RSIHi_y8NF-Ela0XDpVeyLRJ1GXwPM7JfHknvapL35HpZEBLx9JKYXp9O1WGhsPPtUg15b_YSi3Wgaq0FoMukQAZyQPlMECjfjPJ52LtBg4g_XYx6SHFCv1utZ0B8ffx7vcFou2B3Cg4mE3gfOjouJQokMHs_-Gq5O7hfQhQmUOhD9PH8zcrsPqL0liYQRR-jSNByWIYayGQng6vNkaA1siqvd6U3cf1TGEEdgIkPY53yVx0B9fWuupRRBNuNNLq_K3niwMnGOLyynMU_JaHvHkZB3iwfm9aIDfZ1arAwpr0Ozu1tjRWkmy1F50tFQ9AIZccKL7Z9F_QmKBByCktCHJBw92LjXDmsP5MZ8D2HwCbA80If0dOIr72fkIOEofV6yZFiNcELbdPK6q4puprM3z3x2x5xBaKQDPfUtIFnp-GctIic5hCeFjBR_cJMdRU4FXK7_6xubpjBx3IO-2z5a6ynSyHSzjCS5yUY_xt5G6I71Vd5Kevba-7OHIJkKvQT3X6bhHYwD_eR9qalDeaLLGEghKIvQwgQHWOKR0l0_E3P_gQTLNymm_OFhmi4FEUGhTzOkaC1KUsNX8hZhOeUl_fU0IoFIEaygsxxhrcvN12beczavz_lkKTsjHzS1XL8lz2PFQft5WnGXv2HU5FY8RVvH8r7LMuOKSAHwoXv3JYBrSea3knY7-Hvz8Ovc9pkQUS5Ta_6YkAkJRuT8VLVqqnYRLz5cBHviVDhO-_KDoME_pS4Qt-1WHiU0WHGbeEAr2n4XOj1Y-vZIl6cfTEYlzInkO4veR2h38FLLxo0JRGS8TYKu5Bumeq8Mngu5QzpCQl8A51XK6nZ9MfOkhO8mBdAbibxl1TvX43NDZWEMpfdG2NE5SGc6uQE4QyVlt5xtNoZbUS8B9jF066rp94j1uWOqrq3f3GKB1XuQfbtPdm8sI0mDD8TE5EwLZamsKv4QloiE50rO4aC5jO0z3O1dKNKsCajb3ei9BIFxqUsFyLpznk_IxJxzAztN-janzuNegyq_37QK2KPqViVeGN9v3uJZLxWrjDrB_d_CLBqInvwwtaDgaaaBDQleoAOxQArUfCV0pexoiU5ra3V69WF85xCsIOoIuEJXkvp0k48hZeV-kffEico-MEaLEMBFY4-ZOSbfAxchQzp8gfuyFtMCqxyzfrV7AiwezeqZUl-yg_pUhW_5bZQLWu72Y3bY8HiUaTcCSxPQ4NzxhN5Q6IhJeRYDFVX9qSvCHEbXGUPvbKE-TxhCsALc6m9d7YrWB6Y5tRacIN9mEmkAw8K7INONnhdK1sXEWVDFwpYn2y8nJy6jwPyx0XN0ZR6jltatr-_EGtxz5eNznLMmVmvPKeiQBwM2_KAdACZpf2Jo14xgWvQW7cU2wIjoXUod8jEVR3i2SSi20ucVOdbegD3RIz6T52NpV9rMB-4I3O6JtlwPTN8y-f4x22Fs4XXf9wS_KB6HZLRLisiVeSigscFvd2eQCqtv7xBJH3ZzK_hVOYfnn9MkE94C22cT4T3zvFHnpk40DwDMmbCazEcE2-Wz1iq3aqlKvFAFNTrb_erzl-BkD9yfgaq3ML--6a2mOFQOoNkfbcFcqAMyWUVAG6z97CTHFBdzM6AOk06AbQ8qRaW8x5CAZUTugN8FOJ7LuFZFtiJuAVav73GMOJqEv7Hh1x4JZUfvw96UBrkVanjejE6LpL5tGjC9bZycFWOSbcniWhCsN5SiPlZNGqCTxkkDwB8l0yiQ7KyO7l47CbfpvWNCMS-qXTUR2nGKR5hzGR44vGCbNrOTmrxy_Bfw-5qRmi9WOHVKxTw0PiEb66H-QEYv7Oe-75ayRHELJrWITw53o6lCrF6s0L9_qwFrEkMA9RpGfGEtVO5IJggYpd3BlBnEERpzmt6qEQVELqeNT_O1IIBAVGD6lctXvrDfIQ3uA4duFGLkB9gGCpEhCvfDeMBX8wVylZjkrLRrwj99Zl5x57ienj8zT18El07P4rf7AiKcX-6oHGBaGt_zGX-TaNWH0p3yQnZpSBWI95ftWAkW2czUrClanDrfxCmULwo5QTcUUrxtlLczLISzmVv_LCjRdNK5bgA4Yf9zD0rgJnr1X8ptgU5D0WFeDBIVwl8XogWRa5mhe9NlzmpNIymJwV7uW1lydE99fn_3aSjYX8JW7GUTNzhxE1lmChclXiMriJ-oQKqOLth-rhmXnLHGatrjOF5yv0fKS-jKtGD1kjkon4H2_jY3vaV6PE8Wxp0Gzpu_kFSXpaxqy773qhSsZ1romadZDDv9bTdXPQ3tyNG3iTMksIBD_RF0WMOnHOyAkjCT8w_YTaU5U_9mw-6xu2mO2EiP-z5uEFIEwWzJTcLJfWfXvzyFQJHQpGzmZxKdm_cUmZQIcRCFkYFV5aVrcWMZ8L-WfRpfIhLqutzBDc8fPEPX5ymItama2KLsfcyu2wN0K5Mk8gTR7qLzs09IFvUhV2dMtkwxohRlyEeiATA8lWi0xT65rwYmzrBbBbZIrZcoXx3GATGYa4TwqTw0Vj1yxy2HWS0inKrRzyqUuTGj4RjtFnZRewEQBmk1eBJH2ZbuiLW0Dj7UW9QGKoqyKE7Q0_cIBlXTVN2_qDSqEFipzQZ18b81DFHACuMMu3GcaMCeyePaVivP4inYoVBWpMfpu_b0tjUE-8E9TVBzLLhvhgar0-3uZW7px4XCxNtS1_1LLeBjIGiqXlA-tFjPuHaneqTzdA5VCq9-thuppxg5JauPw8kwyVGARNJwtemeMph&pr=9%3AAAABh8_1mGH0exkkMkdQNphuls0OByY1yrntcg&cid=CAQSGwBygQiDM64aC8-NZ0lcpTe959JKkGvi6zH6GhgB&xfc=https%3A%2F%2Fadtelligent-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAZ0cGApUN3VjQ1VGUUVFHBbv292an_v6rvMBFpGz8aKOz7DEygEAHBbQvPKoio_0ppQBFsPAsPC628Px3QEAFo7B7sQMFQYALBwVAgAcFQIAHBUCAAAcJtjUjYQEFQQVBCbW1I2EBBa41I2EBCUCFQKmRhZGFkYWKBYoFigWKBaMAQAcHCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa82ZiABBbEvpuABBb62aSABBaAiKCABBUYHBT0AxTYBAAVBCaMARaMARaMARE1DiaMATQCACwsFrSZ0oy32piKfhaX4fDbkLu7tOkBABaOwe7EDAYovNmYgAQWxL6bgAQWgIiggAQW-tmkgAQYCTQ2OTM2NTgzNxaKxgEWjAElBBZGGAczMjM2NTM0FQKWuoqJAxERGAJPWAx6FPgDFNoEABYCGANydGIA3BsCiB5NTF9GRUVfT1BUSU1JWkVSX0lOU1RBTkNFX1RZUEUFb3RoZXIYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CmZpdmVyci5jb20AAAA&r=&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ds=l&xdt=0&iif=1&cor=4549704372629151000&adk=3855065083&idt=68&cac=0&dtd=60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:58 GMT
match
events-ssc.33across.com/ Frame 6019 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=g&us_privacy=&bidder_id=25&external_user_id=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dg%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 google
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CC5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5213080493894&version=m202301230201&ct=76&x=9&cor=6414366815693711000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.e-planning.net/ Frame 8110 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?uid=3877821143472078157452&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

server
openresty
date
Sun, 30 Apr 2023 02:19:58 GMT
content-type
image/gif
um
u-iad04.e-planning.net/ Frame 6D6E 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=4e1bf7541f976ee9&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D4e1bf7541f976ee9%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
server
openresty
log
c21lg-d.media.net/ Frame 976F 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=aJ03q2lblIYpBQb_hCmQ40G-6e4d7Jq7&cs=15&vsid=3258227951455735000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=2034%2C2033%2C193%2C2030%2C273%2C233%2C157%2C159%2C236%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C3012%2C244%2C3008%2C2039%2C3007%2C246%2C4%2C203%2C446%2C326%2C9%2C208%2C2055%2C171%2C173%2C294%2C174%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C336%2C3014%2C337%2C338%2C459%2C70%2C77%2C38%2C2022%2C182%2C184%2C261%2C141%2C262%2C186%2C461%2C188%2C222%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C109%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 30 Apr 2023 02:19:58 GMT
csync
sync.adtelligent.com/ Frame 895B 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
/
pips.taboola.com/ 		64 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
f1fac34e48c936c6bcb5233da4cc47ac3f930c1fcaff2b448bdfc5a87df6a3ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by
cache-yul12834-YUL
date
Sun, 30 Apr 2023 02:19:58 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
index_0_250_00001.ts
streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/ 		570 KB
571 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a5301896-69c2-45a9-8679-350f7be44cf6/index_0_250_00001.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
d92edfbdab8264cef8edeef5841a3cfafcd88bcb13125c9efbc3b8ce55273efe

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:19:58 GMT
cdn-edgestorageid
871
cdn-cachedat
04/15/2023 07:26:03
cdn-pullzone
1024237
content-length
583552
last-modified
Sat, 15 Apr 2023 07:14:39 GMT
server
BunnyCDN-IL1-1069
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"643a4edf-8e780"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
17475080ca38546ff1a4bcb05bca8ca1
accept-ranges
bytes
cdn-requestcountrycode
CA
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
user-sync.adxpremium.services/ Frame 7912
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d2d93d1c602e460dc29ae395475bcaabc2c75da919be976e4baa4ae8b11c19f1
86 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d2d93d1c602e460dc29ae395475bcaabc2c75da919be976e4baa4ae8b11c19f1
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=d2d93d1c602e460dc29ae395475bcaabc2c75da919be976e4baa4ae8b11c19f1
Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame EBD5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8eDRp8jcfbuV0mVg93wOsHjSBOGbcuJyxNybUVBpItX4PspXDGRprNzRni1zjr7PSUEWZEn0rdswRp8C7U4ktHMw5KN_sGLs&sig=Cg0ArKJSzMpMn-F8UGEJEAE&id=lidar2&mcvt=1230&p=0,0,250,300&mtos=1230,1230,1230,1230,1230&tos=1230,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=0&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821192970&rpt=4274&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:58 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ads.betweendigital.com/ Frame 6A10
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=a26ce991-3c2e-42bd-8480-75de3d4f19e3&user_group=1&ssp=between&bsw_param=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Date
Sun, 30 Apr 2023 02:19:59 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F157165500%2C78059622%2FMCM_Adsolut_khaleejtimes.com%2FMCM_Adsolut_khaleejtimes.com_GZ_1.7_28.03.2023&description_url=https%3A%2F%2Fkhaleejtimes.com&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=505271407663109&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821198498&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
merge
ce.lijit.com/ Frame 95BE
Redirect Chain
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
merge
ce.lijit.com/ Frame 9242
Redirect Chain
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
um
u-iad04.e-planning.net/ Frame 9AF2 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=0855814426be387e&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D0855814426be387e%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:58 GMT
server
openresty
merge
ce.lijit.com/ Frame 57B2 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1
merge
ce.lijit.com/ Frame 6B32 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1
merge
ce.lijit.com/ Frame 64C4
Redirect Chain
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
merge
ce.lijit.com/ Frame 0FDB 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1
merge
ce.lijit.com/ Frame 1E8D 		43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1
merge
ce.lijit.com/ Frame 3590
Redirect Chain
  • https://ap.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
  • https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
43 B
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fap.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/merge?pid=71&3pid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 37BB 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 4F83 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
csync
sync.adtelligent.com/ Frame 59B0 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
cksync.php
contextual.media.net/ Frame C420
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LH2SAEWK-1A-5ERB
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LH2SAEWK-1A-5ERB
61 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LH2SAEWK-1A-5ERB
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 30 Apr 2023 02:19:58 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Sun, 30 Apr 2023 02:19:58 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LH2SAEWK-1A-5ERB
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
Expires
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9&uad=87c54129624df1dc07d43d7661b4ae3a2816996d55a888f09d42d13106ecd153&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-store
server
nginx
csync
sync.adtelligent.com/ Frame 5214 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
csync
sync.adtelligent.com/ Frame 3AFF 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:57 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ Frame E3C0 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 13:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
47631
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sun, 28 Apr 2024 13:06:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame E3C0 		6 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de006225f894ea65b2f9498bd46930a894b18bc0ba0ba73218cd60b448b7d0d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
907
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:58 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E0B0 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42974
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 14:23:44 GMT
expires
Sun, 28 Apr 2024 14:23:44 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame A363 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWG0TldNF8woOVTTZ3WsfTmSDT8ciScDOZxVMnPIHSwDTtY3GOnkPMeo156UCAfltnAy4IqEgeEhWi18wa5ebbSU72DgD8kKwgjeQm8n6GdE_8NfydU3He_WOxf_KTerNaTojc1M-HEA5m2SjD8kZrnUGwrR0qphxfTypVm1gfvazZ2huw66YlYNL8lFhhBWX6xjotWquokb3F32Spr2ooYRMpxA-i-UyhGwIl-wh0ubRHjZriq5N3sW1SMBZNs7xl0jE8lXHRcUcAFyROPkN4FGpis4TU3Odybme3ZNGX0rWJBigUclI14sxfmqv7dvmQ2SqW85k3vfPwUFKUuV0&sai=AMfl-YRmITTb7LA4nwdtFTjyesifXr_T-K52wNOwfuAxC-b0ki8iGUJ9Mn_kaHf3N1d8yX6h5thPU28T-1-m-sp8zeVtuYGH114j6U42N11Jq_3yWJYR-XaPVnsG_mN98g&sig=Cg0ArKJSzKuAxjGK2UtEEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:58 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6693 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0aP24-9c6TP9UlAioz8FwxZY_-9r0VmNx-Gxf3YvEzUKU0Zvz6iox0G2SpgPGrFXs4SK1w6_LH-hJRExhyjBVd4TrvOYJ3mGPhYgFtBTet-ykOMufxAHRra7QCpcICeHrF3YAJWmeqAY9tI-1G689W88gHXo4RiymtYYPj_orEx0trO16JlKHlCqL4-MYlRKoaSlgfUf4lielGSPAAGkDlsJNW1LJhv_IN9sdYZOvxNGqODlpGi3vPBP_yLaLUKplA5pGPhG8WH9YV-W0i5ONxX1KmJDorhY9zxdZLKdkfEfFaHM1zM_xQLvTCb9Ctt7hL7545pKb1SnvKicoteE&sai=AMfl-YS_q0minbnY_7Ky2dKj5bWw-488eXvPpf46FynaibWcmy8-80BZnHCzCFebOq1UoC5Fx446vOf5tf72aePO__a-lBl5U7-03_9F7z2IplUXnjgeO1D8VFyzVzq0Kw&sig=Cg0ArKJSzBCggKfrvGDTEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Apr 2023 02:19:58 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame FE2A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228f48960e1fcac50dedd6&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452424_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csync
sync.adtelligent.com/ Frame DBE2 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
csync
sync.adtelligent.com/ Frame 1FDF 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
SPug
simage4.pubmatic.com/AdServer/ Frame 78A2 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
vast.xml
optimized-by.rubiconproject.com/a/api/ Frame 89BF 		28 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/api/vast.xml?account_id=24872&site_id=441198&zone_id=2820138&size_id=201&width=300&height=250&tg_c.language=&adtype=video&p_aso.video.ext.skip=&p_aso.video.ext.skipdelay=&p_aso.video.maxduration=&p_aso.video.protocols=&rp_schain=1.0,1!playstream.media,1205,1,,,
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.233.2.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-2-249.compute-1.amazonaws.com
Software
nginx/1.21.4 /
Resource Hash
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
28
expires
Wed, 17 Sep 1975 21:32:10 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame E0B0 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
sync
vid.vidoomy.com/ Frame DABC 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:19:59 GMT
etag
W/"64243ed7-c28e"
last-modified
Wed, 29 Mar 2023 13:36:23 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AVm7sQ+yjcv/KOwJAA
x-77-nzt-ray
49be1408695552a34fd04d649c7da20e
x-77-pop
newyorkUSNY
x-accel-date
1682170919
x-accel-expires
@1683207719
x-age
650280
x-cache
HIT
csync
sync.adtelligent.com/ Frame 8405 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
bulk
trc.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/khaleejtimesmena-p13238197/log/3/bulk?route=US%3AUS%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
12
pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
via
1.1 varnish
x-served-by
cache-yul12823-YUL
server
nginx
x-timer
S1682821199.264477,VS0,VE12
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.khaleejtimes.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228e272768c0311c0a9009&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&imid=5588dfe224885a80108ef8795acc4402_172316024_452425_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
integrator.js
adservice.google.ca/adsid/ Frame E3C0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E3C0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E3C0 		44 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2268110727227082&correlator=3692192054992742&eid=31072019&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fif&us_privacy=1---&iu_parts=22824150463%2CKhaleejtimes%2Cadgebra_adx_khaleejtimes_en_728X90_intl_in-imaged&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x66%7C970x90&ifi=1&adks=1868347343&sfv=1-0-40&eri=4&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&cdm=www.khaleejtimes.com&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821199366&dlt=1682821197153&idt=1939&adxs=126&adys=5471&biw=1600&bih=1200&isw=970&ish=130&scr_x=0&scr_y=0&btvi=1&ucis=efrt5z7rohtx&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2F&loc=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&top=www.khaleejtimes.com&frm=23&vis=1&psz=970x-1&msz=970x-1&fws=260&ohw=954&ea=0&ga_vid=2080641419.1682821189&ga_sid=1682821199&ga_hid=1427032513&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRj1sNb__DBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAM2M0YTQwNTFhYzJmNjQyNGU4YTg2ODU1NjlhYzE2ZDUzOTM4ZmUzOWExYzQxNjc3YjMwMWM2ZjM3ODM4MjVjYRjtsdb__DBIABIZCgpwdWJjaWQub3JnGM2o1v_8MEgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi4o9b__DBIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e58004dda4a2d386f4ae995998ac168b98d2cc9130f4c1d5949f1ac18711783f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10842
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E3C0 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b5042dabe64b73275988334b34cf766353e02d2123a46427898356e70e1f133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11367
x-xss-protection
0
container.html
571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 16A8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:59 GMT
expires
Mon, 29 Apr 2024 02:19:59 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C78059622%2Fkhaleejtimes.com_PS_MCM_2.5_28.03.2023&description_url=https%3A%2F%2Fkhaleejtimes.com&tfcd=0&npa=0&sz=1x1%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=505271407663109&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821199425&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=ve4_td11_tt7_pd11_la11000_er1223.1160.1473.1460_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EBD5 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9523759043747&version=m202301230201&ct=76&x=9&cor=11977372721605669000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 766C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6864495078764&version=m202301230201&ct=76&x=9&cor=8905270053501222000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame 7912
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
86 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:19:59 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZE3QSKiBZz7mrFv9ttLKygAA%261459
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E3C0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 02:19:59 GMT
81f9f7e0-e6fd-11ed-86e0-002590c0647c
an.yandex.ru/mapuid/adsniperis/ Frame 6A10
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARjQoLeiBqIBEIH59-Dm_RHthuAAJZDAZHw*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=81f9f7e0-e6fd-11ed-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=81f9f7e0-e6fd-11ed-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=zVmPme1APYRgJ8ax%2FzMZcg&
  • https://an.yandex.ru/mapuid/adsniperis/81f9f7e0-e6fd-11ed-86e0-002590c0647c
  • https://an.yandex.ru/mapuid/adsniperis/81f9f7e0-e6fd-11ed-86e0-002590c0647c?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/81f9f7e0-e6fd-11ed-86e0-002590c0647c?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 30 Apr 2023 02:20:01 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 02:20:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 30 Apr 2023 02:20:01 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/81f9f7e0-e6fd-11ed-86e0-002590c0647c?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 02:20:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8BB8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQR5NSNBNZLGxM7eSzwXOl4DACQAAAAA4AeAEAg&bg=!qaqlqv7NAAb9Sbh13Uk7ADkAdvg8Wn8GYVb0mmoxat0-w6mQebk8f6MRmgudcbpW8t6dJIlsS2_LT6Fb9lisaJd0fq3jbv5QRFwCAAAEF1IAAAADaAEHmQMmaKBT3kHVtQt3aBLiT2R13vl2uOKmiRh90d_3BYmul8e1qK8mbkfGcybpKJxKbpcKeEkKAyUjqw3aP-u22ozTotPGZJ0T7FpnNbE5pXSAK9BNJrL4iA0yTHl8j5tndVt4a2QoEsXVRBZDPyOJX3A75mz7XlTBVnoqKU5Q-0qEduDkqN7H8zV-xfqsio30JjE4BL5w78aMY6DO_pvlQH9A6bhzprvbST67tJ-iR28Cfi_enmnxADBTbpKizZJ4wRwiNpksnex3xbfGZkamkMmK4BfMRohnRJRkBH974K4Zf0TPDxbkmu0Qs8hI_9mW-G5SSCDPL57b0t3B6ujOWjEvEtYvqMww9qJCiBnnQLXtRHsK3RjW0xwiO_Z73qGeEosvZKBQBOlgjFCK3K6I2mYQwo4fulXtAxogVsArLV0XhTEIYNcwdgq0V2mbHCu7SrktFrgp1nscUOKOznnbqMkEHDpuHfxIEDs9XdvNSWdtM2MVSQKNgol7Mc24keqVWN7h4fdRx99rjpf2oC7drS4bZNFR4WlKxDBo69DCGqiaEY-Kj7-QXWaULmOQ4lygPcr2ivw-q-ULJVcWPH-jx2QHXXWL_eGx5Cl-5MxD_8zhfQJyy547sNVWbsCgl0D408GJ8WfCFHWLjR5JkmC3VANgDXi7sxhg9FECiC3J3HAdoe-xSm6DwqQTKDtg7HjdRXzmV-agMDiPVFhHFYQ4ywTEmkDXe8xDsS3zIfVLAna2dNILBXFKQddnaxlW7xOYhuQMiGot1PZzvgt2IyadpOam6PlFnw6ruLoNzAdUPuRwoTHK4aT61c13U7FME8UG0CEYGUK2EqdFXlLsN8g7HkYqn7bZwJUjw752Y6rzuT_YncXmUTlpSUKLNBUX6KbopCGdkswFW2T9pT5JGJCuuzUcNrZ1Liez4Xm9yt72qPwEvrdI1cAS4C4cUbI3ds__7zYGVPrK4qALkzzId9jNWBGp0PSFFbkU74nemLpjYU8DS8f-VqxwutvSDihjtp6Uc2aRtjdNP8IGG4lPOHs0hLT9vU0MAJUDawyUw5GNvL3g0LHOCkxMXKc
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228b220d95186c7d051f25&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452426_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E02 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwfmwSdBNZOWFCsmI_gTrxLe4DQAAAAA4AeAEAg&bg=!OzilOGzNAAb9Sbh13Uk7ADkAdvg8WkW9mnis_WhYuVVYFgKsnlgI2w_Oi-wLcFG-6dvp8TEqUkxpiTP842arVPvVn4wcgJKnFkECAAADr1IAAAADaAEHmQMzadJxSv9NJ0gVnmzdtVsRJtD7t5Xdelh9l3u46Bod2O99RQcmP-isVLVF6NW562wxw2amKC-POfTtwxoSMFGtlm3570MZE_i3tENTdmotxZFA_P0LLuZJ2tO72HUu6-zfnqcvvaDBDQ5pe0g7A5Cj_cQqQ79eUEr68EabtApdMlmXmtGBAouzsIBSJzChuDtFDFcuXDqPrPKywzyV530_B2U6aqkhmQsgT0efM8vzhv9fivmgoj4cSP1GZtl0FjuhX2GSjZ9s_J30vIrx7ReowyfkXNKyDujclQ0Ud9DtHXDGrZdnGEj_zmATyEjJ8d99Ct-bsr34_k48odGCmao4d5dKspuOWLbGVBDUFDxW68KNXi4vziCSlCDsMjvLGus8RzjmWGcnxVFj0AO2ixF8_Oare6qOCor3wPXoaFMEmT9dDf6Hq01wNaTMrF4A6IGhiQeZkmbG1cubnq3y7IziR_utfmUKRkl5tYFHKpRZ8tcode_nQSkUA3al67Yb8AU3SbmctD65QLzHze4wxE8QdpEdWuA0AXYtP5u3dbBsyVPb1kaWVyk4tVhq_T_TwfRqWJZwwByMXBC3xBEfq6vrOtxB9sFjJsPcA4Ujf6geL-EPIFtR_ti3H8EetEEFHqTvrIDv8Un-TB7_7l8NaCuSCshFbpSPnn0zBRjgG5k5rYR-f8ZP79ndAvgcm2nKP8rkCu3cMEFISTivTMOK93siyxqjpoTrdg8JI71PvKfkgJzke8Da91wu8sJLpcvMhvtb9Xw3HebyrEq70BUIzynxcdKMCWlPOvDA91pi5mRLMIX35MwFvH-u7tl-1t-dNhVXVAxS-IOaKFSpwEpSpe9Ulcq_zZzJRxmlVmMveakTGusHUQBdrnKvM2Mq9aCVdFjXmgC7KXYyAh9OTnmyTiE_3yUxB-K4k5U8Du42Y3ygbc0ya0n2fN9bsrlI16S8BuwnGCMJ-l13KNHHxhusHCp7yOFsfnxBMA-hq7dvGyS2iN339ae1KxbiAd-J2AZIrTHOdr3wRWQn13sBz-KIt4_ihZpvzqBIeGFQysuFcTpC8rZFUtZEPCQDYtsW1yRXfr_oAS_U
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.adtelligent.com/ Frame 6BC3 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:58 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
um
u-iad04.e-planning.net/ Frame 0EAC 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ab9c2de71df9c853&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:59 GMT
server
openresty
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA8E 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1056419815756&version=m202301230201&ct=76&x=9&cor=17382755063370142000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22059416475%2C78059622%2Fkhaleejtimes.com_PS_MCM_2_28.03.2023&description_url=https%3A%2F%2Fkhaleejtimes.com&tfcd=0&npa=0&sz=1x1%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=505271407663109&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821199793&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=ve4_td12_tt8_pd12_la12000_er1223.1160.1473.1460_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D96C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
22108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 20:11:31 GMT
expires
Sun, 28 Apr 2024 20:11:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 43D4 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9fd54de18bd55a2aa05527be682472a3f745643b68fb94853642e49238c748d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wHRkbv2kVZ-XHbKzhOxB2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-wHRkbv2kVZ-XHbKzhOxB2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:59 GMT
expires
Sun, 30 Apr 2023 02:19:59 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
widgetv3.html
cdn.izooto.com/newshub/ 		77 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.izooto.com/newshub/widgetv3.html?v=1
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82c6f455e3ce5a6f7baa8fe7797a342cdebd548abaaaa22fc9779eb97cca6a66
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 02:19:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 27 Apr 2023 11:40:18 GMT
server
cloudflare
age
219016
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=2678400
cf-ray
7bfc4d936bfc4bd0-YUL
x-xss-protection
1; mode=block
expires
Wed, 31 May 2023 02:19:59 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ Frame E3C0 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:08:09 GMT
via
1.1 google
age
710
x-guploader-uploadid
ADPycdtSPR5EFI59DLvtoFbk3D9j6Rnv1lJT1I9GKWSWiciGYWlI1ssKOYSPM-e_OxuMnf707Dt74CsSDO8ic6jmk50KdV48ISPW
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Sun, 30 Apr 2023 03:08:09 GMT
esp.js
oa.openxcdn.net/ Frame E3C0 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 23:36:41 GMT
content-encoding
gzip
age
873798
x-guploader-uploadid
ADPycdtN0isEc5QSyz-7igCp3CdeQ5DOCcg6MFW504fz-H4BXTZsQLogi-2JnB1NeYZfqyAqxkhypOs108gwREU1dCrhEg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 18 Apr 2024 23:36:41 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032304241924000/ Frame C007 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5de908ba97e78d441fc38fc0e381f4b06f411a0ff4446f4802d07ea8d2109dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 16:52:33 GMT
age
34046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61891
x-xss-protection
0
server
sffe
etag
"641e472bee6cd53d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 16:52:33 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame C007 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
726aa459952b3019a13f4a978d8d21f5c15079037f5fadc1f19c274a72c836e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Apr 2023 23:10:31 GMT
age
356968
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5223
x-xss-protection
0
server
sffe
etag
"e0bd0d1b2f2bac99"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 24 Apr 2024 23:10:31 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame C007 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2215854f8c60c26080b0ecac5547a785dcb4c781c46f7e9dd790f111fe4e2fa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 07:09:39 GMT
age
69020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28885
x-xss-protection
0
server
sffe
etag
"131b28345f843a10"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 07:09:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame C007 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36072157fc42d186866f4a3b9c31a9d40d2028b72e4f7962e47d97cb00df909b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 07:15:32 GMT
age
68667
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1918
x-xss-protection
0
server
sffe
etag
"ddef4397e6682782"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 07:15:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032304241924000/v0/ Frame C007 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032304241924000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d708d6c0dc63199b60c859d18b67ca31990f854c8b70c745bc06a1a951c1ac56
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 29 Apr 2023 17:26:18 GMT
age
32021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12936
x-xss-protection
0
server
sffe
etag
"5876171460beeae3"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 28 Apr 2024 17:26:18 GMT
truncated
/ Frame C007 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2deeac045484f266b07301af141d0c16c19e80712f590aafadd72771c3a35937

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
7889610538740871403
tpc.googlesyndication.com/simgad/ Frame C007 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7889610538740871403?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmPgJ0DgqXoO2CzAdmIQv175dmvcw
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32af4b17e7758d6136775ea55c527bd1c6d50acae2882753af31a5b281925a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:07:50 GMT
x-content-type-options
nosniff
age
33129
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7667
x-xss-protection
0
last-modified
Tue, 17 May 2022 18:55:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 17:07:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C007 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:32:28 GMT
x-content-type-options
nosniff
server
cafe
age
31651
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:32:28 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C007 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:19:05 GMT
x-content-type-options
nosniff
server
cafe
age
36054
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 16:19:05 GMT
l
www.google.com/ads/measurement/ Frame C007 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAYdi6VYS_MHoKsSSOsylQonpYO1FPxVD8gbhrLGheXV-TNErgqQGiTkhXEnNNwPHsaJCqNkcY0cUo9Pg8aIQ6gVplcw
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C007 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuGKST9BNZIHqGf-ioPwP6_CKqAzL7_HSb8DKt6PbEMrpueKIMhABIOvxtpYBYP3oooHwA6AB9-KbtCjIAQLgAgCoAwHIAwiqBPkBT9C60tWFw_TORvGLF3uXb-TROyvgkpShI28HY8qLiZiKUDh230AlCdm7fb__0EEv_2kJPdhQsBzyV4cSpaP1W4hbAhq2gw5Cg9zD6ElP8vk9oQKFJsRpMvagx7DhrcXwvtJCoZYWu8AJDjvBKKZLKMK9C1VGRQsBUJUPSWo0Qrs5UgsIOkKulLX17mBpGTLJc58c_rxSryaLIjCK7HiFtnoJgLCnBpK8anFuXu6Dwdu61D5Pdxv7EMcum6gLRn2DH3TCqzZU4AdWeB27Mh2nJMBZl8Lug3mO5dHMK5L6agd5nQo1qxWVAYYQwodN3CztO1ADop9HyCI0wATnzsCIlATgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAH95rskwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDIrxLSCA8IgGEQARgdMgKKAjoCgECACgPICwHYEw3QFQGAFwGyFx8KHQgAEhRwdWItODIyODY5NTY5MTk1MzI4NhiGh4sB&sigh=Tkq9a7aJtTs&uach_m=[UACH]&cid=CAQSOwBygQiDXDrLobL5iCwyiR7UW6hb1WmFN2leTc8vKVu8f_4PyZcZTYN14DNhs1NO_QpxBgnlfKksTrWDGAE
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame CEB9 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:19:59 GMT
Etag
8cb866ad2d5caa65
Server
Adtelligent
um
u-iad04.e-planning.net/ Frame 76BA 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=ab9c2de71df9c853&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dab9c2de71df9c853%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
image/gif
date
Sun, 30 Apr 2023 02:19:59 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9754 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112328
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:19:59 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37BB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba3MKStBNZKVix5XJA4iJqIAPAAAAADgB4AQC&bg=!7u2l7bnNAAb9Sbh13Uk7ADkAdvg8WkPM4uOwjUVW7eK0cN7sICKOmvwaqFA-doyOQ_d33sMQIzfVRR_kuvLUkqx9eVvvPYz_VmMCAAAC-1IAAAAEaAEHmQMqzRkHDdvKU8cysBaYabdGt6P4k8DXPvl9Sq2W77TqZMIMqMUvzCNn3yZiwYgzqfMpVXIRirSQfVJZbyyLhT69nela7YNDurgHO12sxgAdkNB2yaCr_UN9puFaO3kr8-vRTvzzyKilr_KWtonDdQ_9dBwWk8W2rV2L-jl0dklYHF_hvIKTt3CoSBGVp8_pK2DecGufJlNy0YjC0f4ccIG6htT_ZdBunhY7z0s0zOsXpkOFPH22r8KXPTjQw9zabwrRcTKM14cVnL0t2i81ANsuYCDls7CJU-HSWYytXHqSKbKkmCkV2ucVUkQygqN_laCVMRnEC6-GUCvC1Wq1A_66PwXGh6Kd1v5L4r6S3bobuuQ9HZiA70qW6jSUsISLk9s7Xr3w8hWX3IQU8Hmen9fnrxLeCNpgh77wGIxHldptSyUQAQPFRO49UHOaIOvgFwwN8oh660GEoaw1q6DkGqRA6lTqU5QDa8Kq8x2S3E9SlStMWGYrApVcs8O5K4PDQ7_mkwRJsJaNqul_zwNUf-dSCru0p3Z8N3M5L3ztqhTKsRcM9RecBMUj5lYj2zPddQUHsRdNUTdTIBh8H8Lb1Iu3-MfEkwK7Rg2z9dnLiUDUh1-urGx1WWHwCOiNCZ867LKW6kgfWW3deRczOzAahyLyXjH6dMkC7FstcvMYwiTso5UtHLlC-2AoOjuk1zjIWYFh6ATxu63QPPz8rPjXTWLH7tXowr_BwzaO4lqy131-PoqhURy8RFcyAX5IfhtNIW5xa3SJeILKukJ-ZlWAnSNaiiPEjXCacPtq1Mxl6HpTn4mJjVVO0ynIAYwdPWmGwMQ5i1kusmrVg_L_DwN6IrKh2kdJGkugDLyMfevGERfVKlWzXewwpR1JOoW7nm521-CyHh7BeHET2IMJgrfEM8DAerIlnQzvPf56GLG8BL0oHIPCfHWkLzVVyCzdNiJdlDOZMzzuWStcSoktxL3xpMx6gHnQVl6PUV9wPV1pE0c4TO5H-olIQwoSrwqxUIrL93uOmGvimqd4LYIqvasLq1qqqiUSYwl7WapvZMMGhF4sI7vRXSt1HdOBJBh4
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:19:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A363 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5bBI2BBBvLzTTZy9nbOWMwXED7vOZ4oez99ylmKV2Xf7ttC0UG0hsjw52I0qfS5GFn3MWw6pEAR8CB-bU3eL-fywKLj5IyQt0jnWQ-iXzvc5O7o8t&sig=Cg0ArKJSzN6wxW9ztBIbEAE&id=lidar2&mcvt=1097&p=568,1167,818,1467&mtos=1097,1097,1097,1097,1097&tos=1097,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1887997246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682821191417&rpt=7371&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2.svg
cdn.izooto.com/newshub/icons/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.izooto.com/newshub/icons/2.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1586e3e7788650f30f89a20dceed83d2928d6c43fbf198d06bd249497dfa273e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Nov 2021 11:43:32 GMT
server
cloudflare
age
225506
etag
W/"61963c64-142a"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1382400
cf-ray
7bfc4d946c82ecfa-YUL
x-xss-protection
1; mode=block
expires
Tue, 16 May 2023 02:20:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E255 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5219506397918&version=m202301230201&ct=76&x=9&cor=8602326844081805000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4F83 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfvJXStBNZIBFgpqjBpvDiuAEAAAAADgB4AQC&bg=!Xl2lXQnNAAb9Sbh13Uk7ADkAdvg8WpizkV2H36JGgik6P61o-V6KvLLq1xQu62ZxnZZJy_qccaDBwEqj1iKjKXvT9X1q_eGIzEsCAAADRlIAAAAEaAEHCgAU0teUFEHkU0ujtgZA25xsLF8HQvOZAxp-sUs8v1UMYxq-FtUULbzibCeB2gpN_a49QB5dJCpCCXiYOenJXsmRS683UUDzW5sXL84Y2lLs_oh3_Upa2DNgO3qtr6K2tKhpxPwxzxanjFJkfF93TIRWZnPR-BtgOyXDuUjEdvr360P3tFY6cAJQIha6QjCoHI5eo7zGY9H5WVE-uNfGVVh1oVyYcMdfCbLLnVMRNsgavAWoG0cE-hNurOVu_WGIrur8oUDitvP2iGaP8pZpljOr_-G5C9Wrscnt3slIP3J62nj6UJgavuR_lHhAgnf5U3mdC32iSgJDwf9IZi1RtJ9SsS15SZBpyoprLIb2zH0emUh9WdCW79B-hw5nwSBTIqzw4-y5uvp28pJPv4ORkpxrzX87g7byczsYq2lv-Ypil3zCkXMAGF2787nIswkGWAOBYeXXbDi_GAuxxnwDe1H6j4gnGiTR0ZedqrXqGZshIAWUxmdDsQ6wb5UMMfJRdxkVKCEm4-x3K4ViSjoZKVsEFsyU_Ow7ExOZTAbGKyfbCPMcR9McP7vmJ7h8u49s88WZN2CIiseHGAOZ1vRNJx2O_yydeN9xCJo-mDsjGoVJ4zNtcnfzWF02bvno0AZlPhSoH2nsuVwacllzhZymivdzwcFRuTXGrONzoCNpLuUgBPjiNTZg2b2wy3lEAySgTtD-G_OPyXhcz6IBDReqz2464J-JX5irrM_1C6xsHufmLm9Uh_IP5vskhiXiH8ud7vU3niEduXPTGu936ngAbSu64G_4JhQqSp7QsLqg2d16A-MozpOuxikkXbZgqLRZxFUMZsg8vgFkdZPjYScDhniBIcYR6UOGfzLAGFCbMXZ1Htmlhnwko1lBIjU31m3mzg_35ezvKFMBErTOVl1wgjRDyqRIY4GrTgQq15rn55-WsKKAjLI1PrJXqFVg8Ikdorac4Y5ObX3B4ydMifVYa4_Cyhlf57qfHfJHgBAVbJwD8SfnS5WDGDcNrgKDM5AELrtsFhNzJ1yGybhVjzv3IDD8jUTCqgA099RQxPzV-X5Ohtp69mY_xiPShOaAIz1yEgRg7g
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C64228afb1b07c872200fcac6&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452427_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2D4 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2392993802319&version=m202301230201&ct=76&x=9&cor=4549704372629151000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FE2A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BF60sStBNZJrcJpGnowbZhpAgAAAAADgB4AQC&bg=!oKOlo_fNAAb9Sbh13Uk7ADkAdvg8Wnky70t1JkFpiNjyjQTIcZbQXVbJqbpxpATiL3XkTcO09Cd53LCKbVulGt_HQe-Z6HvTN6ACAAADOlIAAAAEaAEHCgBdi7dJDNZFJoeIEb-75QVKuH_cdln4wctriaemVhsqqcyrsVFQRDsy5iy6VTNU_cr1qLDmehhUu5Qo6plNMvdgJ5DQXpw6tLovZWYUztcP1Ymee6HNeUDLiic-rZVNmQMofs2Kx320V-V3bqOSRNwVLSkJRnpdo94aD3e2aNhEHe5BBQB6QtjYbm-qiEOmCb4RS5G10c5sLO4q1aionYLfLc84fF1z8GQHX50SUqlJA5n97sRFZjRYDOdwKf-qMIvGIh38D7KsOj9XJnE_jQ9H9q7FtA3ClRVpYGJeYiwjIeI8MUBDg_ny-ff1tNTlNv5mpumfx-k8TNHAe0itKcZYQDNWMMt0SMmMws6GzYVLUAFXQ1AliJybi2-sYyt23w9LXwmVMt056q_T61I_jgDaHtsUeq_qLvabAWjH7OVhSVKqNEvPeScxWzEB5aJyj2GNvWXkouaZtvU_bKnNeYWyaFBmzY3DDl1vnwEwHXTsHpGNrWb9T_ZD_DSmzGYuOnkWMhXIbP2lbtSHfpPV4ReykYO_JmGcpC-Q_Rgyi3PgMqsIYX9Vh9pxq5svPdX3MhNITm2P4SFHcmtFCvDc7MsVU90u61lN_dltfZIMyiTIfHsjkwRc4rVLHV2jFnbo3Rl_Ny8KdjZ9seXGWYh_ROe66Yu9PV0xl6BzdeyiF2LsISTKbQEWvkeNslABACTmFtX2cD9QqcVnHyxnFVSyISUhyF5mxjlILyiSTKUre58B5aRePYYHPcYf0i1AU7bxZ--m3UhKjgG-9aC9dFKss66JuP2vjlpbSdhUDvRNWXPR3Jn5OykLBDlLP9Kqkw1j9CP_dUlzc2T_q14uhBjR30xAJOY2Ehw4lk4T01usEr0WE2jhjI-w1YMN6Ng1jM1RVlxhbB03SxJvx324Xinwi9jbxqHlgzAuyC932Ee6mtlakgJlGWIgrW2LFkArJiYMXkKKTmHu7IXWj16cdtBbO7vKvL3DqibI3XWkJgPd_NQd2HQRPYIt735KKr5T3znrxs7sD8j9hJeKHT6I_2-iRCn5pq3PeCV10djkitDMccOIhLGa9J6UPKWQVaNovPxgYujh5WPLs4hiqEq7GQWUehO94sv9txcXkEusijYuUVnd9ZIZHIcuusMlO9nsjKuypiMlPgg6Yr3p12kA5-LFjHgZfJRVJt58qEFgzeQ1JJIdipkXV0NPu2S7VA
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
encrypt
esp.rtbhouse.com/ Frame E3C0 		285 B
380 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
970ee3ebedf4c26802bd44bb57773452c22273a2eb38e4d9947c3e756ee4f01c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
77d569ed13e0716103339c106d4ddbfe
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.khaleejtimes.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 02:20:00 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
66eceb91a75618605156245716bb0f48
sodar
pagead2.googlesyndication.com/pagead/ Frame 43D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=2268110727227082&rc=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
setuid
user-sync.adxpremium.services/ Frame 7912
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
86 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-length
86
content-type
image/png

Redirect headers

Date
Sun, 30 Apr 2023 02:20:00 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=GkJrZBZH2ygXJcZOSOi_0W40
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
ads
pubads.g.doubleclick.net/gampad/ Frame 89BF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F106213651%2C78059622%2FAM%2FAM_Vid_1.5_khaleejtimes.com_28.03.2023&description_url=https%3A%2F%2Fwww.khaleejtimes.com%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=505271407663109&sdkv=h.3.569.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=580126782&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.569.0&media_url=blob%3Ahttps%253a%2F%2Fwww.khaleejtimes.com%2Fba5cf172-bb48-4628-9329-8ded80a36306&sid=A0B4B015-23AF-4368-856E-E2AAEFD21113&a3p=EhkKCnVpZGFwaS5jb20YuKPW__wwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi4o9b__DBIAFICCGQSHAoNY3J3ZGNudHJsLm5ldBi4o9b__DBIAFICCGQSGQoKcHViY2lkLm9yZxi3o9b__DBIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuKPW__wwSABSAghk&nel=0&eid=44765701%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&dt=1682821200202&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&scor=4055287058584798&fbidx=-1&ged=ve4_td12_tt8_pd12_la12000_er1223.1160.1473.1460_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame D574 		86 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Sun, 30 Apr 2023 02:20:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E0B0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn_sBTNBNZOGNCJKmzgWqx4zgCQAAAAA4AeAEAg&bg=!ZmWlZTHNAAb9Sbh13Uk7ADkAdvg8WmamVk4mLzLIvazH9wDTgG3Qo5o22Lx0OUAvWR7Hah_O_784d0-J5BLUR7Vtl0rPLXpIVt0CAAADFlIAAAAEaAEHmQMq1wfm5qx0DbGFca5hisDuAr2GPN7xnKl3426wUsOGs9BnjT-5Fod63ZnUT3Eb12iIuemox4GZ1JeTG342T5270NiGEoDProRF5wTbOjRKpzU90W-6jAZ9DqCPB10GCMDRNDVXbkCKqM4V1IPXywvzlHhREyp4WZRiNxGFTotlE7BQlEh57ILaLBwOvhkgvg6H3fCuNUMc7eLEaCEYEQ-HHaCd4sKC2fMfCnPj9wjP8axcAeBaXCi1TPGKcQXzAjlSS6mbYpG3x9sJklcNIh1juLhMLIrZOr_4e6Je-aPrrGkT6mVBQJmIZ5FbwK0VkrdMRySSzq5jmtf01-eEuT0jqiCijaiNF4_xOp3lkDWFx66RLzPZfQARgUFQirwZTy4K-S2V09VV9Ggou7eOGDiBjsVLlBwY2aEXsaH849JxzDhofAi1t0LBorrx2nZ4p8oXPCSOLDcbYOIJ4ZisOxiASQiUk7a7duy4BOPlDYGDDnA4yXmME4EpKTUi-pnfKbrNHqaFSSrH-pKVQTlsk-_TSGrBz9ixV7RMRrrf7Z8wMGDBCxEazbRcuJeN4lQ_DiamJqouyml3OpKbqUe76u8zYuqHZ-yNu_GjZemIgBirBqdMNcfO6drdGwdmMwo63Od_8bUDAIesGZY1FYRCJwFxNqtRLIiVwItkgLklzTu9NSyc0tzp4xxLK8U8H_k0Hb9gXvge-DW9MlQWCSUgtAstV-DhSVvAjKOyuVUWpUa7syfcIbi1wFhgvUIUtI-_KP9CrALIQq0HC5IdsOGH_EftY1F3XSJ7aOnYjoleQYrix5YfHkq5ZoNC5BJeto5Ui9QewxIE8RcIt0xYQSILF_U2Xhub8wvyrzoT_KygJ21vjlppOwIzqIE2fz83jij__6YFGiGPhd3zXYDOtGcl0IB-rhvgK273DDyS8IkMMxao4BQ3Nqy7aCAg_B65WoS6yt9KZBn2Mst-o61YkHaFKEXoI-Nl5EO6A8x7xpkRr7opX0mN_VmPOn_0j7YEH8eaEE_wwEy3HuAMftMwBjriGbUr1_BzzciXbtvtn5_9zqx4t4WuSdRvCnJb_gjE
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame D96C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
esp
oajs.openx.net/ Frame E3C0 		85 B
329 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&rid=esp
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
75e612c26270efc1fdbffdfd7ed5d8afc3cd3476a7c4a6929f2c5cee7c74f7c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-3r85FwtXDZnf9dFJse5Gy56WSTk"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85
si
googleads.g.doubleclick.net/pagead/drt/ Frame C007
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Redirect headers

date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
7889610538740871403
tpc.googlesyndication.com/simgad/ Frame C007 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7889610538740871403?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmPgJ0DgqXoO2CzAdmIQv175dmvcw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32af4b17e7758d6136775ea55c527bd1c6d50acae2882753af31a5b281925a6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:07:50 GMT
x-content-type-options
nosniff
age
33130
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7667
x-xss-protection
0
last-modified
Tue, 17 May 2022 18:55:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 28 Apr 2024 17:07:50 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C007 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:32:28 GMT
x-content-type-options
nosniff
server
cafe
age
31652
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sun, 30 Apr 2023 17:32:28 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C007 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032304241924000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 16:19:05 GMT
x-content-type-options
nosniff
server
cafe
age
36055
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sun, 30 Apr 2023 16:19:05 GMT
track
track1.aniview.com/ Frame 89BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=CA&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=14988&t=1682821193&cip=149.56.153.189&sn=&tgt=5&osv=10&bv=112.0&brn=Chrome&wi=300&he=250&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=5588dfe224885a80108ef8795acc4402&d63=5588dfe224885a80108ef8795acc4402&aafaid=&proto=https&uid=1682821193788-914099371828-001571-011-006544&cha=0.7&stagid=&stplid=&d35=&d36=&cb=41671815981&d39=&d65=&d66=&d73=&apppkg=&d9=0000&d37=realtime&asid=6422909efce73161aa093855%7C6423d321c328e4b2680639e5&pid=631834db55e9564951409ee5%7C5e7b9048180bd02ded4b0937&cid=633bf016a4c8d47b685fec86%7C6422904273d6a50c1601fe5a&h=8b7c5fccf4b666a57c0dc9a9d998d035a67d31a5&d9=0000&ofpr=[AVC_FLOOR]&imid=5588dfe224885a80108ef8795acc4402_172316024_452428_&e=AdError&prbdres=303
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.49.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-49-215.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 2C8E 		68 B
585 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
70
content-type
text/html
date
Sun, 30 Apr 2023 02:20:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
s2s
s2s.aniview.com/api/adserver/ Frame 89BF 		1 B
608 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=5588dfe224885a80108ef8795acc4402&wpm=&ssrtb=&pbjs=&tms=400&AV_C_USER_ID=1682821193788-914099371828-001571-011-006544&AV_PUBLISHERID=631834db55e9564951409ee5&AV_CHANNELID=633bf016a4c8d47b685fec86&AV_URL=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cb=cebceb4b-2f4b-4818-b1b7-037cd1d05567&AV_WIDTH=300&AV_HEIGHT=250&logo=false&hidevpaid=1&tgt=5&
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.569.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.119.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-119-208.compute-1.amazonaws.com
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://imasdk.googleapis.com
content-type
text/plain
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Tue, 18 Apr 2023 12:33:20 GMT
setuid
rtb.adxpremium.services/ Frame 7912
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:00 GMT
Server
nginx
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LH2SAEWK-1A-5ERB
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
Expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame DABC 		1 KB
785 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
661153
x-accel-date
1682160047
x-77-nzt
AVm7sQ9npr3/oRYKAA
x-accel-expires
@1683196847
last-modified
Wed, 29 Mar 2023 10:31:18 GMT
server
CDN77-Turbo
etag
W/"64241376-446"
x-77-nzt-ray
49be1408585828b250d04d64b29db721
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
generate_204
tpc.googlesyndication.com/ Frame D96C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?X4-xjA
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
setuid
user-sync.adxpremium.services/ Frame 7912
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=4139660057828765566
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=4139660057828765566
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=4139660057828765566
date
Sun, 30 Apr 2023 02:20:00 GMT
server
nginx
content-length
0
content-type
text/plain
collect
www.google-analytics.com/j/ Frame 11EC 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=180781398&t=event&_s=1&dl=https%3A%2F%2Fio.jogo.studio%2Frender%2F889ab751-64e1-48d1-b311-5e03be70a349%3Fgame_id%3D8d47f80f-e65a-4571-95db-6d9e11238e90&dr=https%3A%2F%2Fwww.khaleejtimes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x340&je=0&ec=JOGO%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&ea=JOGO_PLAYER_INTERVAL%20-%20889ab751-64e1-48d1-B311-5e03be70a349%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&el=Teasers%20-%208d47f80f-E65a-4571-95db-6d9e11238e90&_u=KEDAAAABAAAAACAAAC~&jid=436018903&gjid=792802972&cid=2102482046.1682821189&tid=UA-228403240-1&_gid=1554748579.1682821189&_r=1&_slc=1&z=1919812346
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://io.jogo.studio/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://io.jogo.studio
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Sun, 30 Apr 2023 02:20:00 GMT
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=185&av=35&wv=7.40.0&cb=63056614756
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
unruly_prebid
targeting.unrulymedia.com/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
arj
vuukle-d.openx.net/w/1.0/ 		189 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vuukle-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=002cf8a6-61f4-458b-ac26-c7713fbdf272&nocache=1682821200676&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&us_privacy=1---&aus=300x250%2C320x50%2C320x250%2C336x280%2C400x300&divids=%252F213794966%252C78059622%252Fvuukle-widget%252Fkhaleejtimes.com&aucs=&auid=542518226
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
c9ea3a0cd0f05d80da623a3acfaf32286774726cb1a497dbfb69c42df64acc82

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		584 B
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
826beafe476262db0e00d0915aebca5357b8e1767d7cbcbf1705864b17079df0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
content-length
299
prebid
ib.adnxs.com/ut/v3/ 		19 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:00 GMT
AN-X-Request-Uuid
253044ba-d9a0-480d-976c-d72a28983948
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
hb
cpm.vuukle.net/ 		248 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cpm.vuukle.net/hb?zone=180530&v=1.6
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
8bc4c3121763cd4c3e18645c9560b705d6b0aa9c32b9ec461ab9dda0fa8aec33

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:00 GMT
Server
nginx
Age
0
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
248
collect
stats.g.doubleclick.net/j/ Frame 11EC 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-228403240-1&cid=2102482046.1682821189&jid=436018903&gjid=792802972&_gid=1554748579.1682821189&_u=KEDAAAAAAAAAACAAAC~&z=1634736815
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://io.jogo.studio/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 30 Apr 2023 02:20:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://io.jogo.studio
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
221 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		688 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1a106fff3b6d84593ca43e02c3001ea09328d1256a9a2f68fa7a16f8fed38160
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.khaleejtimes.com%2F&domain=www.khaleejtimes.com&bundle=eFemS181RHJ3bXFIZUF3OFVPR3lGWG44QXZNZzJxMkFWb2VaZDlYSWJENWQ5JTJGJTJGMTJzaktIYTJ4OEZRSk44R0FqRklRSUlDUzN6TmwxYzZDNzVKN3JDeEd1UjVySURLcHBMMWI5WVJTT3hRcnREU05JOHB2M08wdEl6T0czeGY5N2NjS2VmY0oxR3dsN0d4dzltdHY0dlVyYW5lYWVXZ2RqTURvRzFPVjBVaCUyQkN6dVElM0Q&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 30 Apr 2023 02:20:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
459527
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
set
id.a-mx.com/
Redirect Chain
  • https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems&v=7.40.0&vg=vuuklehb&us_privacy=1---&gdpr=0&gdpr_consent=
  • https://c3.a-mo.net/b?gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D
  • https://id.a-mx.com/set?uid=3e6191e7-d58b-4571-a351-da0aa1ff9f5d&gdpr=0&gdpr_consent=&us_privacy=1---
99 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/set?uid=3e6191e7-d58b-4571-a351-da0aa1ff9f5d&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2606:4700:3037::ac43:9a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d01eca58d63785e5ac5e9a0387e12017b8d788bb221442aa1336dd54ada22d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puCqSPCD8TY8%2FOAmDGJgReiH%2BEDOZ4YgtSQAHYrd7TG%2FBopiRnMWiKac96QU3ufQpaMUYIYsRCgt5%2F4jKEk%2F14c5TvKh3DBufGWVSzqfM3kClDTxMW9SrVQscExjfWPeyIQh5Yb8Zk4Vvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
7bfc4d9aca25c45c-EWR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sun, 30 Apr 2023 02:20:01 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
location
https://id.a-mx.com/set?uid=3e6191e7-d58b-4571-a351-da0aa1ff9f5d&gdpr=0&gdpr_consent=&us_privacy=1---
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
7bfc4d9a9acfca4f-YUL
content-length
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.khaleejtimes.com%2F&domain=www.khaleejtimes.com&bundle=eFemS181RHJ3bXFIZUF3OFVPR3lGWG44QXZNZzJxMkFWb2VaZDlYSWJENWQ5JTJGJTJGMTJ...
  • https://mug.criteo.com/sid?cpp=VQ70s3xhdzlRUmdnMVo0dk9nZ0hTUjM4VjVkcGZMbnBITmkrb1JDbTQzc3ZUTGpPVUQzeGk2U2xuT2NxOElxdmtlNUVuZDBnejBFSlJTVGliZ09DWEorQWxnM3hJa1prcnh1M0t6UCtyWGF5SWJmcklrRmpjUjFhVHREbT...
484 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VQ70s3xhdzlRUmdnMVo0dk9nZ0hTUjM4VjVkcGZMbnBITmkrb1JDbTQzc3ZUTGpPVUQzeGk2U2xuT2NxOElxdmtlNUVuZDBnejBFSlJTVGliZ09DWEorQWxnM3hJa1prcnh1M0t6UCtyWGF5SWJmcklrRmpjUjFhVHREbTZ5cTRURWIzNEp4cVR4NDM4dGtjMzFuMWN4TE8zMkozNEJwM1FLZjk1cmQrYkZqdEx3QitPcnZIYXIxemFuRjBBWWdBTzJjNkpQSkoyb09QbmNScXpxMHlnK2dFVG9PRkFQNUhjVXliNFJ3M0FZZGo1SFNhZjUzQUJWd1lJTGNueUIzdmIxaUphTVMxdXdBZUJBOTFPOFRmc3VRRVUzQ29ITmdEdS9RSUJEYlBUbDVIM2JIMD18&cppv=2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d25119a2eec6a2927cb5e0c73cd96b386a66ba2425d4b29f1fccb1d678df0412
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2678464
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=VQ70s3xhdzlRUmdnMVo0dk9nZ0hTUjM4VjVkcGZMbnBITmkrb1JDbTQzc3ZUTGpPVUQzeGk2U2xuT2NxOElxdmtlNUVuZDBnejBFSlJTVGliZ09DWEorQWxnM3hJa1prcnh1M0t6UCtyWGF5SWJmcklrRmpjUjFhVHREbTZ5cTRURWIzNEp4cVR4NDM4dGtjMzFuMWN4TE8zMkozNEJwM1FLZjk1cmQrYkZqdEx3QitPcnZIYXIxemFuRjBBWWdBTzJjNkpQSkoyb09QbmNScXpxMHlnK2dFVG9PRkFQNUhjVXliNFJ3M0FZZGo1SFNhZjUzQUJWd1lJTGNueUIzdmIxaUphTVMxdXdBZUJBOTFPOFRmc3VRRVUzQ29ITmdEdS9RSUJEYlBUbDVIM2JIMD18&cppv=2
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
589311
content-length
0
expires
0
39a202cd-b451-40ea-861c-74fa4cca20f3
app.playstream.media/api/ampPassback/ 		669 B
522 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.playstream.media/api/ampPassback/39a202cd-b451-40ea-861c-74fa4cca20f3
Requested by
Host: app.playstream.media
URL: https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
88.99.215.229 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.229.215.99.88.clients.your-server.de
Software
nginx/1.17.10 / PHP/7.4.11
Resource Hash
b75cc571ec1fabe33718e302a1fb0b4e2bfc9457d466a324c1277d37bc7b176d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
server
nginx/1.17.10
x-powered-by
PHP/7.4.11
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dNdI4nl9UeGw3WXJRelVxWTVMT2RzZFR6TkpoRVFXbHhvYTdIVmswY0J2bnFiR3p3JTNE%26u%3d%24%7bUSER_ID%7d&...
  • https://ssp-sync.criteo.com/user-sync/match?p=NdI4nl9UeGw3WXJRelVxWTVMT2RzZFR6TkpoRVFXbHhvYTdIVmswY0J2bnFiR3p3JTNE&u=AAAjOU7Im6EAACBud1f_9Q&us_privacy=1---
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=NdI4nl9UeGw3WXJRelVxWTVMT2RzZFR6TkpoRVFXbHhvYTdIVmswY0J2bnFiR3p3JTNE&u=AAAjOU7Im6EAACBud1f_9Q&us_privacy=1---
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=NdI4nl9UeGw3WXJRelVxWTVMT2RzZFR6TkpoRVFXbHhvYTdIVmswY0J2bnFiR3p3JTNE&u=AAAjOU7Im6EAACBud1f_9Q&us_privacy=1---
Date
Sun, 30 Apr 2023 02:20:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=L5BZPF9TRDBFVHIxJTJGWEExam1Daks4dFhPRDdYV2I5Njh5dEwyYzV4TWd4RWtsM2clM0Q&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-yo84qxX6rbx8fMTGNpMac5k6...
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=criteo&bsw_user_id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=5fc738f9-8cf6-4ead-96c1-1c7828490792&ssp=criteo&us_privacy=1---
  • https://ssp-sync.criteo.com/user-sync/match?p=L5BZPF9TRDBFVHIxJTJGWEExam1Daks4dFhPRDdYV2I5Njh5dEwyYzV4TWd4RWtsM2clM0Q&u=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=L5BZPF9TRDBFVHIxJTJGWEExam1Daks4dFhPRDdYV2I5Njh5dEwyYzV4TWd4RWtsM2clM0Q&u=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=L5BZPF9TRDBFVHIxJTJGWEExam1Daks4dFhPRDdYV2I5Njh5dEwyYzV4TWd4RWtsM2clM0Q&u=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
Date
Sun, 30 Apr 2023 02:20:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dpKoPs19ublpVZkdvRyUyQkVhTDkzTXlBN01TTEV4OGxQSTlYVGNwJTJCSzh6S3d0Nlp5ayUzRA%26u%3d%3c...
  • https://ssp-sync.criteo.com/user-sync/match?p=pKoPs19ublpVZkdvRyUyQkVhTDkzTXlBN01TTEV4OGxQSTlYVGNwJTJCSzh6S3d0Nlp5ayUzRA&u=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=pKoPs19ublpVZkdvRyUyQkVhTDkzTXlBN01TTEV4OGxQSTlYVGNwJTJCSzh6S3d0Nlp5ayUzRA&u=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=pKoPs19ublpVZkdvRyUyQkVhTDkzTXlBN01TTEV4OGxQSTlYVGNwJTJCSzh6S3d0Nlp5ayUzRA&u=5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
date
Sun, 30 Apr 2023 02:20:00 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27065
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=4156289714080186&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=213794966%3A78059622%2Cvuukle-widget%2Ckhaleejtimes.com&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x50%7C320x250%7C336x280%7C400x300&ifi=20&adks=750767079&sfv=1-0-40&prev_scp=adInView%3D0-24%2525%26impressionViewable%3D0%26adl_dis%3D-1%26refreshIteration%3D0&eri=5&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%252Ftechnology%252Fmicrosoft-says-it-found-malicious-software-in-its-systems%26words%3Dtechnology%252Cmicrosoft%252Csays%252Cit%252Cfound%252Cmalicious%252Csoftware%252Cin%252Cits%252Csystems%26commit%3D55f12a8f50c54762f4ff4f42c6c79fbe6aa5c92e%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D1%26geo%3DCA%26device%3DDesktop%26order%3D7%26api_key%3D841fb3e5-977f-4e2e-be39-fae608323cc5%26adl_ip%3Dadloox-dc%26adl_ok%3D1&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821200912&dlt=1682821187973&idt=472&adxs=478&adys=7075&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=k&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=642x330&msz=642x0&fws=4&ohw=642&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRj1sNb__DBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAM2M0YTQwNTFhYzJmNjQyNGU4YTg2ODU1NjlhYzE2ZDUzOTM4ZmUzOWExYzQxNjc3YjMwMWM2ZjM3ODM4MjVjYRjtsdb__DBIABKCAgoIcnRiaG91c2US7AFIemNSbkhWTDdnV2h5NXJVRUVsbm9BcmxqODRyZ2NnNXpPMjk3YWs0eXFxWm5sVlY0bS9lZmJPMlNyb0thVTFEaWR5Y2RGaksrWlBRVlRMNmYyMGkyWElFYXVFdmhsSU5ZL0gzVDRucXROWFFFY2FFeDc0VkhVM3djRVNEZXE2dnlvTW5WQU56QWlXM3VtRU5GQ2ljeXJibWRTMkUzNUgyWTZOSjUzL0UyVldOY2JQZUUzVjNFdmk1emtRcUNLZElLZ29nMkRNNWZBa2hnOGVGUzdUZjBlUTNkNzZTTkx6ZWpVaHIzY0RqbEdzPRja9Nb__DBIABIZCgp1aWRhcGkuY29tGLij1v_8MEgAUgIIZBIZCgpwdWJjaWQub3JnGM2o1v_8MEgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi4o9b__DBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTUV3NGNYcE5ZakpEVnpSQ2VtOVVSelZoY3pCUGR6MDlJbjA9GKz01v_8MEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecd3ec992232b3f00101fdfdca7db9ad686e2ddc3a4b81c2bb2e23f44f44bddc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
209939,207150
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13634
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
314623,310543
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E3C0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=2268110727227082&bg=!e3ileCzNAAb9Sbh13Uk7ADkAdvg8WunZhghGxMgLCnjRsm2Yxr5hnkOHL6Z7AbPuiIrk3T9Wld1gG43Ra3K5jHPaMHGdZ7sb4TECAAAA8lIAAAAEaAEHmQLjkQhsl52ZONzZSMLlF_x5vXvbjwmriSJGkSfaNLe3COEeM8r1c25ilxkIQ7npUQpZdaemcLWGm9cjEpPgZA2tLiiCwJqlMZi9PzGAoEqDGt7_FMPEiY69kF0BhvLeZnoJ6_oMNRNt57gyPJK5EoanHO7XJQj3XmPe4kBwJUByqNL4M7xwnCBvq_Wn5yQ6saUe39rf6ZgZ1cKz8Fct_ziJI2VucF3J7QQiunbv-SQ8SAuU-CEhQ5wNacdKyfiKsJLXVNGsS7Kx0PZRw9anfQTS7f0pzlNJMKqPcEnqeGFqHe_3uc_NbPbRvNv6wX-XI9K3z1fO5QwNzTZm9pWF_jpyzcnkN19NDHWr69RT656YGt5LLWAIZd5prqzDFj5zcU3GGDRWpid2IyNpoK83ioGBOAZFkGwnoTBCWTsDHeL29KnQZ4iPVgp7ayY1n4cmjZEWblVYtVK0XmodmHJKijq2Dk73eqliK9gLYH1z_K9N_3KnzPIAVafABokmtYDt_DJFPmWYo796Euj7_otx7m-9EJH-2DyA9ILTy6NLzOxZgl4IXT4oAcNz1SLD_DWyEMBCquAT4tX9jYqe9o2O2T2ZUIl1vzVuh1oWbRh6HHPTJXtu2lDXM_F_1HckF7yJZ529WcTxzbIaW2q1kaYDhVaD7w4Nw14__q2W9IvQP8iYpjRMDML2fmttDFQcId5bjFOqFDG5Yhu6BK3RuE7EW8ShOs6bk7jtT4v8_W2hnUf9qjzy04P04pEPTZt-qil1ThTlsBb35oHoH0yAgukRfZCUwOpTWpDuM1OqjlkVB--w95DveGHPWTWkDJKwlJ2n-tdoyz5vmdnEN12CN1RXwEX5y8aLbKECr4pDGQMkBVuRN-NKI5xaG3I-Y1uH-5KNuO1YPq17RLeK3XX6Hs89iMOcYBiLgjVLvmcJ9p-9fe3WPh49X48Y19n0qKaeJCXeJrt3DQXOeUjEzJ9BUTIpuM3s7VwO8A
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=VQ70s3xhdzlRUmdnMVo0dk9nZ0hTUjM4VjVkcGZMbnBITmkrb1JDbTQzc3ZUTGpPVUQzeGk2U2xuT2NxOElxdmtlNUVuZDBnejBFSlJTVGliZ09DWEorQWxnM3hJa1prcnh1M0t6UCtyWGF5SWJmcklrRmpjUjFhVHREbTZ5cTRURWIzNEp4cVR4NDM4dGtjMzFuMWN4TE8zMkozNEJwM1FLZjk1cmQrYkZqdEx3QitPcnZIYXIxemFuRjBBWWdBTzJjNkpQSkoyb09QbmNScXpxMHlnK2dFVG9PRkFQNUhjVXliNFJ3M0FZZGo1SFNhZjUzQUJWd1lJTGNueUIzdmIxaUphTVMxdXdBZUJBOTFPOFRmc3VRRVUzQ29ITmdEdS9RSUJEYlBUbDVIM2JIMD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 30 Apr 2023 02:20:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
398109
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
iframe.html
api.khaleejtimes.com/cross/ Frame 73C1 		370 B
412 B 		Document
General
Check archive.org
Download Go to
Full URL
https://api.khaleejtimes.com/cross/iframe.html
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/xdLocalStorage.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.122.110.207 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
481756.cloudwaysapps.com
Software
nginx /
Resource Hash
bc5d1608e8faa9ce1f32c86f9522fb3951871b156925d95f0cafaa36142d6d53

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
public, max-age=2592000
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 02:20:01 GMT
etag
W/"63d37984-172"
last-modified
Fri, 27 Jan 2023 07:13:08 GMT
server
nginx
vary
Accept-Encoding
async-api.6c072bf7-1.230.0.min.js
js-agent.newrelic.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
rWoTEmf9ai1ouwS3ToIE043y.yHgDQor
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:20:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYH621C7E35VTNQD
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1210
x-amz-id-2
eZgbR6C+fLNpfOlIfiNFo5ITwBSv277AwC6IUyM8BgaG10v/FkDGjE1+o6uTmqu3a+V0czJtQhw=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821201.189316,VS0,VE0
etag
"a21c5f6b7cdfc3dedc83c2262a56d7cd"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3469
lazy-loader.ff971c03-1.230.0.min.js
js-agent.newrelic.com/ 		928 B
621 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.ff971c03-1.230.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
moNPj5M8w_3ogm1Lwe_Y7qB7rdPjSB51
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:20:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHD1NRXKTCHYHHB
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
414
x-amz-id-2
jyTFeNs7aaJ0YeJ7OKDvNwJi/UjhWSjkLRPS40tiuy2JZCSzGlo6sOwUrZSiTDhRu/hNCAGKEQQ=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821201.189299,VS0,VE0
etag
"5c71e603fdc4b5e7eb31a10d4bf90768"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3487
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fed44db63b6074275eb766a1f26429ab8de4c8af550b9212c87fbd9d387693d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10992
x-xss-protection
0
syncframe
gum.criteo.com/ Frame BFD5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.khaleejtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a005::d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
6107bf460934843cbde00678d356a436f2dd7c39ec331e8dbb7167e7f3858fc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:20:00 GMT
server
Kestrel
server-processing-duration-in-ticks
1133250
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csi
csi.gstatic.com/ Frame 89BF 		0
0
ps_khaleejtimes_global.js
prebid.playstream.media/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.playstream.media/ps_khaleejtimes_global.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
7fd3f12e227ad1c43e9754985ee6ffbfb61ebcef4b934f8db363a60bd8a5456f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
cdn-edgestorageid
1068
cdn-cachedat
03/30/2023 14:25:56
cdn-pullzone
1059078
last-modified
Mon, 20 Mar 2023 12:18:14 GMT
server
BunnyCDN-IL1-845
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"64184f06-1687"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
162c26fdcbb4086c2c6c41f54a093ed6
cdn-requestcountrycode
CA
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
4078d6ae0ac34b00ab883a06b39511d3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_224%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_224%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4078d6ae0ac34b00ab883a06b39511d3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c82c27e5a79dbabd877a95bb9f4f4463fd637667053265f83697c75e37d59bcd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 30 Apr 2023 02:20:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_224%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4078d6ae0ac34b00ab883a06b39511d3.png
age
2701236
edge-cache-tag
345015675288138379858567878363456984173,489297580400304075354445855826531327354,29ecf9b93bbf306179626feeda1fab70
cache-tag
345015675288138379858567878363456984173,489297580400304075354445855826531327354,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
104
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://444.hu/
content-length
7002
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kcgs7200067-IAD, cache-lax10652-LGB, cache-iad-kiad7000028-IAD, cache-yul12823-YUL
last-modified
Thu, 23 Mar 2023 12:19:52 GMT
server
nginx
x-timer
S1682821201.256802,VS0,VE2
etag
"563c1aebc94e48f042a51851ae16820b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 12, 1
862.9f44b58b-1.230.0.min.js
js-agent.newrelic.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/862.9f44b58b-1.230.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
xRkMl8fpKmpkb8xSPDFwInKFtxpiLeiU
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:20:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYH7JP0389PESEMJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3583
x-amz-id-2
+aK+luTVeUIR38cCEZN9IZhDIvjJt3v9A0o+3EiUwVA2GxOXapcjOnpSyr5KcMOe0StHMZk2E1I=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821201.244801,VS0,VE0
etag
"c4e5d826698f6566f247167a7565c832"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3457
page_view_event-aggregate.75812140-1.230.0.min.js
js-agent.newrelic.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.75812140-1.230.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7bfBjgjP9vhwGKyYNbxNdw69c7w6yepO
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:20:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHCZMCZRKSV5AXJ
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3954
x-amz-id-2
O87bstDcnHgo5HgEq0hgXK1kuwS1MD3O4xlTGgMHwztzRW0nDqdNfNxm9foqgHAHo0MrjzX474M=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821201.245358,VS0,VE0
etag
"a4978f5fb64e86334a1dbb282220c851"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3461
page_view_timing-aggregate.9590bdab-1.230.0.min.js
js-agent.newrelic.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.9590bdab-1.230.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Fq.2FKw4tsY9sm_ft7J67YTmHBEmGUpk
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:20:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYHCN65YJ7XEDS4B
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4624
x-amz-id-2
8I0LOTXfoXjRaPjo5Ksn2DSR4fRybqLuVFkqJ1nZQMesggfyB12hg2NJHnJPojbDbqbOlmXOmKM=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821201.246031,VS0,VE0
etag
"2357140ba2b3c410d01d12937c6269d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3460
metrics-aggregate.20a08804-1.230.0.min.js
js-agent.newrelic.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.20a08804-1.230.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Ue3teI4xiVp879tlCKhGPbDuwtTRksP9
content-encoding
gzip
via
1.1 varnish
date
Sun, 30 Apr 2023 02:20:01 GMT
strict-transport-security
max-age=300
x-amz-request-id
CYH3HC4EGYRKCV0F
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1593
x-amz-id-2
OPIwyUaoPYA9dY8jVjnSKXRQTt0kkCDG2d9uLF41nEfOdTjlaSPfROUAVXyF1qgrcU8vn0y9WJs=
x-served-by
cache-yul12832-YUL
last-modified
Mon, 10 Apr 2023 17:14:03 GMT
server
AmazonS3
x-timer
S1682821201.248186,VS0,VE0
etag
"2b4287467d6e1c411110556d75fe617a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3447
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 30 Apr 2023 02:20:01 GMT
NRJS-41a5a2f008560c7bdc5
bam.nr-data.net/1/ 		49 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-41a5a2f008560c7bdc5?a=522948469&v=1.230.0&to=MgcDNxYDWBBXWkZbXwtNIAAQC1kNGUpbXFcJB0wCFhZfAFpc&rst=14396&ck=0&s=230759d243f299d9&ref=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems&ap=537&be=1110&fe=13231&dc=1112&perf=%7B%22timing%22:%7B%22of%22:1682821186858,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:84,%22c%22:84,%22s%22:101,%22ce%22:122,%22rq%22:122,%22rp%22:1111,%22rpe%22:1131,%22dl%22:1115,%22di%22:2168,%22ds%22:2209,%22de%22:2222,%22dc%22:14297,%22l%22:14299,%22le%22:14342%7D,%22navigation%22:%7B%7D%7D&fp=1380&fcp=1380&at=HkAAQV4ZSx4%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:20:01 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7bfc4d9c2f9a0f6c-EWR
sid
mug.criteo.com/ Frame BFD5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=khaleejtimes.com&sn=ChromeSyncframe&so=3&topUrl=www.khaleejtimes.com&bundle=eFemS181RHJ3bXFIZUF3OFVPR3lGWG44QXZNZzJxMkFWb2VaZDlYSWJENWQ5JT...
  • https://mug.criteo.com/sid?cpp=mryto3xDUmxCQkorQW1lYUZ2KzFZOURYNk5kUW82a3EyRHlYS3gvWklkSE1KK0ZqRFBhdnM2bm9KQXZDUnNadFV0cmFtSmhHQUlQRXdMVDJYODJINFpJblkyVUszTWIyd252dmEyMTkxNVg5RXVTN1FxSGpOVTJnMDFvMz...
454 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mryto3xDUmxCQkorQW1lYUZ2KzFZOURYNk5kUW82a3EyRHlYS3gvWklkSE1KK0ZqRFBhdnM2bm9KQXZDUnNadFV0cmFtSmhHQUlQRXdMVDJYODJINFpJblkyVUszTWIyd252dmEyMTkxNVg5RXVTN1FxSGpOVTJnMDFvMzBuNWFCdGVIdHl3U3VHQVdxMVdxczJyVTRFalQ2aDRlaG8xUnlrdlJBaG8xSVg1bkpVaFA4NnBtZXBJNWxscXFNS2lRT1Nvemx0bW8zaXJMRlM4Vm9ZVjVPNUxpUm0xamtxSmZNQ0lMQnhQK2tSdW5KZFBRd3dIQy9hZjZtQ0J4Z1dFQUFUbDRKYjA3KzFxNzNBazZMb3dHdDBwdXdDUjdTRzR1SDJ0MHNYaUM5NlkvUDhNST18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7807fe24a004099718a5efbffc7324857c239592c1a69004b20cec3c267640ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2065646
expires
0

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:00 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=mryto3xDUmxCQkorQW1lYUZ2KzFZOURYNk5kUW82a3EyRHlYS3gvWklkSE1KK0ZqRFBhdnM2bm9KQXZDUnNadFV0cmFtSmhHQUlQRXdMVDJYODJINFpJblkyVUszTWIyd252dmEyMTkxNVg5RXVTN1FxSGpOVTJnMDFvMzBuNWFCdGVIdHl3U3VHQVdxMVdxczJyVTRFalQ2aDRlaG8xUnlrdlJBaG8xSVg1bkpVaFA4NnBtZXBJNWxscXFNS2lRT1Nvemx0bW8zaXJMRlM4Vm9ZVjVPNUxpUm0xamtxSmZNQ0lMQnhQK2tSdW5KZFBRd3dIQy9hZjZtQ0J4Z1dFQUFUbDRKYjA3KzFxNzNBazZMb3dHdDBwdXdDUjdTRzR1SDJ0MHNYaUM5NlkvUDhNST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
594168
content-length
0
expires
0
4078d6ae0ac34b00ab883a06b39511d3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_224%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_224%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4078d6ae0ac34b00ab883a06b39511d3.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c82c27e5a79dbabd877a95bb9f4f4463fd637667053265f83697c75e37d59bcd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 30 Apr 2023 02:20:01 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_224%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4078d6ae0ac34b00ab883a06b39511d3.png
age
2701236
edge-cache-tag
345015675288138379858567878363456984173,489297580400304075354445855826531327354,29ecf9b93bbf306179626feeda1fab70
cache-tag
345015675288138379858567878363456984173,489297580400304075354445855826531327354,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
104
expiration
expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://444.hu/
content-length
7002
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000169-IAD, cache-iad-kcgs7200067-IAD, cache-lax10652-LGB, cache-iad-kiad7000028-IAD, cache-yul12823-YUL
last-modified
Thu, 23 Mar 2023 12:19:52 GMT
server
nginx
x-timer
S1682821201.286143,VS0,VE0
etag
"563c1aebc94e48f042a51851ae16820b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 12, 2
container.html
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D163 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
13
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:48 GMT
expires
Mon, 29 Apr 2024 02:19:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EB98 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
22110
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 20:11:31 GMT
expires
Sun, 28 Apr 2024 20:11:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 65BC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0e45b36fbf9ad268dcfdae05313f895ec9abb87c84bb0bd0f17a0fe8d9ecc6c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KUia6DxPv7YUmfN7wWqErQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-KUia6DxPv7YUmfN7wWqErQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:20:01 GMT
expires
Sun, 30 Apr 2023 02:20:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: prebid.playstream.media
URL: https://prebid.playstream.media/ps_khaleejtimes_global.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35cc5991bbbb8879d58294a5ccb24de312af582fb8afccdf28c6a18032ba385b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24704
x-xss-protection
0
server
cafe
etag
387 / 19477 / 31074204 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:20:01 GMT
ps_kt_prebid.js
prebid.playstream.media/ 		240 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prebid.playstream.media/ps_kt_prebid.js
Requested by
Host: prebid.playstream.media
URL: https://prebid.playstream.media/ps_khaleejtimes_global.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::845:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-845 /
Resource Hash
7d453ce6b1cc84148d6690c7bc8be44c12a31fc336f0dd2b4dc594cca56a9b60

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
br
cdn-edgestorageid
1068
cdn-cachedat
03/30/2023 14:25:44
cdn-pullzone
1059078
last-modified
Mon, 20 Mar 2023 12:18:14 GMT
server
BunnyCDN-IL1-845
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"64184f06-3beef"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
346a1c8e1a7978b7805a5f8ac32f8dea
cdn-requestcountrycode
CA
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.151.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-151-99.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:33:49 GMT
via
1.1 59d9797319b555b25abd21e200e6e428.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
age
20771
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
xzRMtbgpXuiisbYkW8rcAkVgaU1tSHztp39Eam9WMB1lO8RXqdWYyw==
adview
securepubads.g.doubleclick.net/pagead/ Frame D163 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRTNAUNBNZIe4PK6foPwPuY66kAyGyuWeXISB4PbOAsCNtwEQASAAYP3oooHwA4IBF2NhLXB1Yi0zNDk0NTIwNDY4Nzg4NTg5yAEJ4AIAqAMByAMCqgSoAk_Qedr3n4WzYIISGwUF4LUedGqwj7s1uTb7_0upFLSyKpvdOOpICHpxwjEVWRnxNq1l5dK-Ubh9pHXRboox-Ji7OGFqRxisT-xi75OfCf1k0zR46ueTZYJW-N_sckOcv5h4yEMMoZO9iJy7_soAYVqcbDaurqITj6QKNRwcz-Ur73oDcXDg4sdmD0J1wSBA-cl1adWpUHOii5uC_dMDbjFlTdJ1035relGH8R7acbwjoKtl-T0C-eQhPnH11UUAErSK9iXcCwS85ltgt3goHfWo81SEfXtSW1uGumo2cPRF369m4_sXZ_52Svv2msFJSOU2NPy3QRrSE8ePvMvx-FMvDT1LbtvrSG9YdhUO8BE9d_rWU4XQWDGvRefy1jPiG4EMLY_rjsMr4AQBgAa-vJGejNWKz2agBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tNzc4MjA1ODQyNjc1NjY5NIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zNDk0NTIwNDY4Nzg4NTg5GIanJQ&sigh=a90Wqq3Zq20&uach_m=[UACH]&cid=CAQSOwBygQiDNgUxpSAvcs3WWJg_ljiuC18M6IUNHT9blH_EyIgGSApOoj0gE3MAPzQCub_XbblFPArS-frrGAE&tpd=AGWhJmva3EmYGsfH4ybyRs5Q4f9GA4LZ4szHFc6KJLwRLI79fcRZBSUq-3t03uIUZr3WWXUu4QvTcsnrp3g7hSwWVbop-e39ldsErOiMcR5mfzYK_vMgFLcztWtWuyb0A-_UD7bSSsUWZVtPCxfo1jPPk_48CbFdrdXKIoOZ1SJfgkeQjJaxbUViB0SL6c7BVBcnOHPl7JvJ8o0THoW8_XgG69otDQsU6R_Cwld2LhAgmg4I6cSxz9zRVNms4Jo0h49CAEjODoVX-SGWJwS2HAydmvneF683g29Qo2AiDNNVr1RW6MRndNIg4Q_wjDjzcy5HnARFAT13VlH9vTbM5Gvq7QQ-gfHWnABMSODUOexjfK-J354Fyx30tdvqvBojPtqLNdhQ_VcPXu3wy4n239xT6k3dtYyUKhJi_bhySBm8d8q09PUt82NZNZyRRDGi8CO042cJHTWQ_MorC_-gJ5oBZL0VCSjH48mFNS-a-0a6rCZEhxLr6DljJVHEwA5HrhNo3dH2P-HKhBGq6nH9F61Sg5RhD_2BV3oEPPip_oNoqLmCckHhtm0IJNmOau5bmEm29vkStr-J0QVs3Sz5NrWaoIOfMbgqZEY_ygR8m3pw2uWeFMjuXPppuwdA-i4pog3SU1AXAVnjhMw2dR6bLBC5e1-0WochP9KMs4u4NVY9jpmHPxysnKL8A9IrOSPpf5tY3jlbRr7CGyY3tmjSz7wJE34Jqj13PUwKhgRXvFBokHal6yp63so4FENWGAFyrE8OveZVlxHOng2iNoWWJmD3rRrBzLcwhtUHItwtxv-syGXUBNnz_FmQhjMWlXGU5zAFHrLMNHy83PYBLXJXGrxunwtBoh_7XP7S65_sRL6LjR9aQT7QhF6J6zLUDbhqB27xQ0QIdLrVVnAoBZeC9NOz5dVd3lXaPkHvUFGSey62Ytf1LQ7m_hHoJVh2vlNikZIeu_5uZQ6PghJY5yxTnFt0z8hoZ44dpN5GVFU3e2PQ_F7FDE8kDlK3KbOsSnKXEMyApk6rHXJAVVQeNuRkZ-0Lg9VkhC9aymq2VETxiUevQD4l8NeNhn234O-fatis74nmA4Y-GWA1WIMehghhis_TqZR0WRIJ1WjB8dGvoyoytKz1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
tags.js
tags.expo9.exponential.com/tags/openxusbidder/openxus/ Frame D163 		60 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/openxusbidder/openxus/tags.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
287c2bf68d6387779caaf3f83e4a6bef07562c2f12cb2a73e4d0c389c5707664

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14190
x-function
151
last-modified
Fri, 17 Feb 2023 18:05:21 GMT
server
cloudflare
x-reuse-index
212
etag
11226838281361019000
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
7bfc4d9d2f23ece2-YUL
expires
Sun, 30 Apr 2023 03:20:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame D163 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
22489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame D163 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
22489
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:12 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame D163 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33376
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Apr 2024 17:03:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D163 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:20:01 GMT
openx
b9-imp-ipv6.tribalfusion.com/impression/ Frame D163 		43 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b9-imp-ipv6.tribalfusion.com/impression/openx?id=0fb678c4-bd51-4d68-9afa-fad98b04d6f6&impId=1&adSlotId=1&userId=548237746492&clientId=527063&clientMode=2&strategyGroupId=84943&strategyId=101081&hscr=1.0&zone=us&dealId=OX-bef-2TgCDR&dealType=3&price=AAABh8_1vT4yrFy4Yi5MCrZhwXhHZ3hx1DYJ3A&log_domain=www.khaleejtimes.com&log_busted=0&log_frame_level=1
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:130d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cache-control
private no-store, no-cache, must-revalidate
cf-ray
7bfc4d9d3dad7150-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame EB98 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
281454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 65BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=240672733659405&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
xd-utils.js
api.khaleejtimes.com/cross/scripts/services/ Frame 73C1 		406 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.khaleejtimes.com/cross/scripts/services/xd-utils.js
Requested by
Host: api.khaleejtimes.com
URL: https://api.khaleejtimes.com/cross/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.122.110.207 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
481756.cloudwaysapps.com
Software
nginx /
Resource Hash
f9773eb5c89a03f79cd489b64a2950d9cc28ec6e967685c2778a1c1b3bc7bca9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://api.khaleejtimes.com/cross/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 04:56:15 GMT
server
nginx
etag
W/"62ce506f-196"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
xdLocalStoragePostMessageApi.js
api.khaleejtimes.com/cross/scripts/ Frame 73C1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.khaleejtimes.com/cross/scripts/xdLocalStoragePostMessageApi.js
Requested by
Host: api.khaleejtimes.com
URL: https://api.khaleejtimes.com/cross/iframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
134.122.110.207 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
481756.cloudwaysapps.com
Software
nginx /
Resource Hash
5a2fc5314baf482c6bd0d0b5b7d3cdf7cda61c76bfeca2a2749e004633675340

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://api.khaleejtimes.com/cross/iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Wed, 13 Jul 2022 07:08:11 GMT
server
nginx
etag
W/"62ce6f5b-b15"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2592000
usync.html
eus.rubiconproject.com/ Frame 5C04
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=caa4e1f7-081e-5278-9695-c2ccf2d81289&CACHEBUSTER=220831
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:20:01 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 30 Apr 2023 02:20:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
displayAd.js
s.tribalfusion.com/ Frame D163 		679 B
953 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.9&th=9452953186
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/openxusbidder/openxus/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74310ee6db20fbe41a1846c0a9891e0682b14399739b32d7966bd002c846978e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
153
last-modified
Fri, 17 Feb 2023 18:04:49 GMT
server
cloudflare
x-reuse-index
29
vary
Accept-Encoding
content-type
application/x-javascript
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private
cf-ray
7bfc4d9e1a2becea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
329
expires
Sat, 29 Jul 2023 02:20:01 GMT
usync.js
eus.rubiconproject.com/ Frame 5C04 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 17:49:36 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=55753
content-length
10020
expires
Sun, 30 Apr 2023 17:49:14 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		157 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&pid=EONDXylB2HsFV&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%220dewt%22%2C%22s%22%3A%5B%22300x250%22%2C%22180x150%22%2C%22300x100%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22059416475%2C78059622%2FHB_PS_Khaleejtimes_300x250%22%7D%5D&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*GAiabeu97ppHbh7oHT-TxjugEW88-H-o5URpyx-xmZNHCW_1aS3FBaMTC_dnGALmRwqBlr4Zz1eWXipDk5lwxA%22%2C%22lotame%22%3A%223c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.94.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-94-225.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
3bd31baaa852b2827efc52e529477e1215d395b84774ceb6c2bc5a0d311eeff8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 f5527f719bbc0d2932043daaeff80252.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P5
x-amz-rid
QHBH4M7A0QT3AT2PK9QM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
157
x-amz-cf-id
kcgsZMyxY8m4VkedqfmDQq8VanZBEp4lUpVSyOeT2gZXJjijWBG-3g==
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: prebid.playstream.media
URL: https://prebid.playstream.media/ps_kt_prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.132 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
df1c3c02da0a3738b0607cadefbbd5e2b43f097d5fa83c7c5f930f9c6c36f16e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:01 GMT
AN-X-Request-Uuid
72e6854d-a737-4bf2-a2c0-56d635b12aab
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.189; 149.56.153.189; 674.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		470 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24872&site_id=458326&zone_id=2685806&size_id=15&alt_size_ids=16%2C19&us_privacy=1---&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tg_i.page=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tg_i.domain=khaleejtimes.com&tg_i.pbadslot=%2F22059416475%2C78059622%2FHB_PS_Khaleejtimes_300x250&tk_flint=pbjs_lite_v7.39.0&x_source.tid=cc083594-f9c5-4968-8a28-7675240e69fc&l_pb_bid_id=409eae9207e065&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22059416475%2C78059622%2FHB_PS_Khaleejtimes_300x250&slots=1&rand=0.48713207726649266
Requested by
Host: prebid.playstream.media
URL: https://prebid.playstream.media/ps_kt_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:300::99 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
751a6620401c2363167c52c8d87ab4429a565a5c50b83d18086c1a1440349931

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:01 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
470
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: prebid.playstream.media
URL: https://prebid.playstream.media/ps_kt_prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.33 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-33.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 30 Apr 2023 02:20:01 GMT
generate_204
tpc.googlesyndication.com/ Frame EB98 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?6L_ktQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
ads.betweendigital.com/ Frame 5C04
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&us_privacy=1---&khaos=LH2SAEWK-1A-5ERB
  • https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LH2SAEWK-1A-5ERB&us_privacy=1---
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LH2SAEWK-1A-5ERB&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Server
188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.betweendigital.com/match?bidder_id=101&external_user_id=LH2SAEWK-1A-5ERB&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5c7d31e505103f093db6d1ed70deaa2
Expires
0
j.ad
s.tribalfusion.com/ Frame D163 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=9452953186&tagKey=1961050391&site=openxusbidder&adSpace=openxus&center=1&json=1&callback=e9Manager.setSingleAdResponse&size=300x250&clickTrackURL=https%3A%2F%2Fgoogle-bidout-d.openx.net%2Fw%2F1.0%2Frc%3Fts%3D2DAABBgABAAECAAIBAAsAAgAAAf4cGAphRGNzc29kYXQyHBbX9dW4j_TvhmQW7YPc18mS-I7SAQAcFvCMwpao8MenJhaB55rYi8-svoIBABaiwe7EDBUGOCRkMGJmMmFjYy1jNmY2LTA5NmUtMDFjZS04NGM2ZTVhYjM0M2IALBwVAgAcFQIAHBUCABwVAgAAHCaUvs2DBBUEFQQmkr7NgwQW4tC0gwQlAhUCpo4FFo4FFo4FFhQWFBYUFhQW6AcAHBwsFoCxiqS77IOtKhbrsrXZ5-KA56UBAAAWwIehgAQW9tK6gAQWqsv9gwQWmJeagwQVGBwU9AMU2AQAFQQm6AcW6AcWggYRNQ4mggY0AgAsLBbQtYrVl7G8th8Wk6TZz87JgoXKAQAWosHuxAwGKMCHoYAEFvbSuoAEFpiXmoMEFqrL_YMEGA0xNjc1NDMzNDY2Nzc0Ft4ZFoIGJQQWdCUClrqKiQMRERgCT1gMehT4AxTaBAAWAhgDcnRiABw1BhgNT1gtYmVmLTJUZ0NEUhYUXCwWgLGKpLvsg60qFuuytdnn4oDnpQEAABa2oYKVBBa0oYKVBADMGwKIHk1MX0ZFRV9PUFRJTUlaRVJfSU5TVEFOQ0VfVFlQRQlnb29nbGVfb2IYTUxfRkVFX09QVElNSVpFUl9BUFBMSUVEBWZhbHNlAKw4CGRlbGwuY29tAAAA%26r%3D&env=display&eid=openx&ecvalue=AAABh8_1vT4yrFy4Yi5MCrZhwXhHZ3hx1DYJ3A&dealId=deal_b9_dellaw2a_client_802013_aset1&bidderparams=%7B%22webinfo%22%3A%7B%22addp%22%3A%7B%22dom%22%3A%22khaleejtimes.com%22%2C%22devmk%22%3A%22desktop%22%2C%22devmd%22%3A%22browser%22%2C%22devos%22%3A%22Windows%22%2C%22pdi%22%3A%22OX-bef-2TgCDR%22%7D%7D%2C%22adinfo%22%3A%7B%22ip%22%3A%222607%3A5300%3A60%3A%3A%22%2C%22bu%22%3A%2218072662259301801937%22%2C%22bp%22%3A%2218072662652752584653%22%2C%22eid%22%3A%22openx%22%2C%22wp%22%3A%22AAABh8_1vT4yrFy4Yi5MCrZhwXhHZ3hx1DYJ3A%22%7D%7D&p9_param2=true&p9_param6=https%3A%2F%2Fb9-imp-ipv6.tribalfusion.com&p9_param1=0fb678c4-bd51-4d68-9afa-fad98b04d6f6%2C1%2C527063%2C2%2C84943%2C101081%2C548237746492%2Copenx%2COX-bef-2TgCDR%2C3&p9_param0=0fb678c4-bd51-4d68-9afa-fad98b04d6f6&url=http%3A%2F%2Fkhaleejtimes.com&rurl=https%3A%2F%2Fwww.khaleejtimes.com%2F&f=1&p=1125062&tKey=aLmneMPEMGSsBZcQrEqStfb1bvaSaZb9as&a=1&adContainerId=richmedia_2&rnd=1122983
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/openxusbidder/openxus/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb944034df17c31287b1889cdee4fe29b9337abf394bd0c95cdab427c3be668

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
101
server
cloudflare
x-reuse-index
316
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
7bfc4d9f2b6fecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4157
expires
0
tf_adChoice11.js
cdnx.tribalfusion.com/media/common/adChoice/ Frame D163 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnx.tribalfusion.com/media/common/adChoice/tf_adChoice11.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
content-encoding
gzip
cf-cache-status
HIT
x-function
301
last-modified
Tue, 11 Apr 2023 06:26:26 GMT
server
cloudflare
age
8706
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
public
cf-ray
7bfc4da0184833ef-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 31 Dec 2030 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame D163 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=3886119&cmp=29245790&plc=357771451&sid=5745037&dvregion=0&unit=300x250
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/openxusbidder/openxus/tags.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:769a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:20:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 10:59:51 GMT
Server
Microsoft-IIS/10.0
ETag
"2d4a10aae224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
220831
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 6A10
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/220831
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/220831
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/220831
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software
ms-counter-4.0.4/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/220831
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame D163 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=3886119&cmp=29245790&plc=357771451&sid=5745037&dvregion=0&unit=300x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:769a New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:20:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
verify.js
rtb0.doubleverify.com/ Frame D163 		753 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_318926665698&jsTagObjCallback=__tagObject_callback_318926665698&num=6&ctx=3886119&cmp=29245790&plc=357771451&sid=5745037&advid=&adsrv=&unit=300x250&isdvvid=&uid=318926665698&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.30&dvpx_strhd=0.30&brid=3&brver=112&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=81&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D%3C92%3D66%3BE%3A%3E6D%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D%3C92%3D66%3BE%3A%3E6D%5D4%40%3ETar9EEADTbpTauTaug53chf3f3he4352ha5ce_hh%60h3_3_7__%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=8.00&callbackName=__verify_callback_318926665698
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
04e770411ccf72a84bacbced76cfc34b470a47e8db87823d343bebc79bc70ace

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Timing-Allow-Origin
*
Expires
04/29/2023 02:20:02
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=240672733659405&correlator=3621158844471979&eid=44777629&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=22059416475%3A78059622%2CHB_PS_Khaleejtimes_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C180x150%7C300x100%7C336x280&ifi=21&adks=243732513&sfv=1-0-40&prev_scp=refresh%3Dtrue%26amznbid%3D2%26amznp%3D2&eri=5&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26prebidtrue%3D0%26url%3Dhttps%253A%252F%252Fwww.khaleejtimes.com%252Ftechnology%252Fmicrosoft-says-it-found-malicious-software-in-its-systems%26words%3Dtechnology%252Cmicrosoft%252Csays%252Cit%252Cfound%252Cmalicious%252Csoftware%252Cin%252Cits%252Csystems%26commit%3D55f12a8f50c54762f4ff4f42c6c79fbe6aa5c92e%26unblockia%3D0%26source%3Ddirect_internal%26CMP_accepted%3D1%26geo%3DCA%26device%3DDesktop%26order%3D7%26api_key%3D841fb3e5-977f-4e2e-be39-fae608323cc5%26adl_ip%3Dadloox-dc%26adl_ok%3D1&ppid=0187cff58b3d000b5ceccd3def6c03074006106c00b08&sc=1&cookie=ID%3D6670b295dca33162-22116e4f7bdf00c6%3AT%3D1682821188%3AS%3DALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg&gpic=UID%3D00000be69c940dda%3AT%3D1682821188%3ART%3D1682821188%3AS%3DALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ&abxe=1&dt=1682821202055&dlt=1682821187973&idt=472&adxs=1167&adys=1223&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=l&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=314x0&msz=314x0&fws=516&ohw=1600&ga_vid=2080641419.1682821189&ga_sid=1682821189&ga_hid=1749126243&ga_fc=true&a3p=EhsKDGlkNS1zeW5jLmNvbRj1sNb__DBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJAM2M0YTQwNTFhYzJmNjQyNGU4YTg2ODU1NjlhYzE2ZDUzOTM4ZmUzOWExYzQxNjc3YjMwMWM2ZjM3ODM4MjVjYRjtsdb__DBIABKCAgoIcnRiaG91c2US7AFIemNSbkhWTDdnV2h5NXJVRUVsbm9BcmxqODRyZ2NnNXpPMjk3YWs0eXFxWm5sVlY0bS9lZmJPMlNyb0thVTFEaWR5Y2RGaksrWlBRVlRMNmYyMGkyWElFYXVFdmhsSU5ZL0gzVDRucXROWFFFY2FFeDc0VkhVM3djRVNEZXE2dnlvTW5WQU56QWlXM3VtRU5GQ2ljeXJibWRTMkUzNUgyWTZOSjUzL0UyVldOY2JQZUUzVjNFdmk1emtRcUNLZElLZ29nMkRNNWZBa2hnOGVGUzdUZjBlUTNkNzZTTkx6ZWpVaHIzY0RqbEdzPRja9Nb__DBIABIZCgp1aWRhcGkuY29tGLij1v_8MEgAUgIIZBIZCgpwdWJjaWQub3JnGM2o1v_8MEgAUgIIahIdCg5lc3AuY3JpdGVvLmNvbRi4o9b__DBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTUV3NGNYcE5ZakpEVnpSQ2VtOVVSelZoY3pCUGR6MDlJbjA9GKz01v_8MEgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba058243cb093f41c5a7597af182fa9de9b857c7c71ece455c6e8789cc48bcb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16119
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame CD88 		327 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
41d2a510c497547671bf784771297431daf81c9c233744be4a2d3e9cf50fbff6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
327
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 02:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
F37ZDGNWNSWMGW4RDE1V
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5CE4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=112325
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 30 Apr 2023 02:20:02 GMT
expires
Mon, 01 May 2023 09:32:07 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie
a.vidoomy.com/api/rtbserver/ Frame DABC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LH2SAEWK-1A-5ERB&gdpr=0
15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LH2SAEWK-1A-5ERB&gdpr=0
Protocol
H2
Server
3.64.80.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-80-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
00eaf86be2967e16a405003c718163fd973c8300e021d055e93c69e9abb58ac1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-length
15
content-type
text/plain; charset=utf-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LH2SAEWK-1A-5ERB&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
pbscookie
a.vidoomy.com/api/rtbserver/ Frame DABC
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4139660057828765566&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4139660057828765566&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Protocol
H2
Server
3.64.80.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-80-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
00eaf86be2967e16a405003c718163fd973c8300e021d055e93c69e9abb58ac1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-length
15
content-type
text/plain; charset=utf-8

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4139660057828765566&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date
Sun, 30 Apr 2023 02:20:02 GMT
server
nginx
content-length
0
content-type
text/plain
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		2 KB
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=622&height=349&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1682821202114&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1514&pt=-2117357755&tz=0&viewable=true&ddast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3212935&dpubid=570945&abtst=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.khaleejtimes.com&en=1&panid=3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1cff75fe5e91868ac4cc358ece8950368bb0bcaa3e1a7ee9dd85d2da074b7ac4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
server
nginx
machineid
1109
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 3E79 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
391e874bad0ff56134b88787da08e7b5e40cf1ac537d77f34ff49c51318b7a41
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1481
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 30 Apr 2023 02:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F2N5N81FMDJRQA108FX0
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=662&height=372&pubid=169497&tagid=953497&crid=6831575&noaop=3&sortOrderType=0&cb=1682821202123&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1514&pt=-2117357755&tz=0&viewable=true&ddast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3212935&dpubid=570945&abtst=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.khaleejtimes.com&en=1&panid=3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
6b263dfa8ac0f9cc8dd04f53e64edeb7c3f2810c878056922f8c40143ef36a8f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
server
nginx
machineid
1181
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 58CA 		15 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vid=a6f37f0123013099a595be2217fc435a&dspid=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dpubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.80.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-80-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
00eaf86be2967e16a405003c718163fd973c8300e021d055e93c69e9abb58ac1

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
15
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 02:20:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 3E79
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=57a77c9
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=57a77c9
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S5YEMJDECTD9DRRC73M3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 b88fda0ef7fc0be68ec5692fdd8f97ec.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PHL51-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=57a77c9
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
XQDmcjzPLi6zDPOdCRWo7Csx463M5HzJlDbQJTkZwzFFrivVPBL2Fw==
ecm3
s.amazon-adsystem.com/ Frame 3E79
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=429FA571C8024762B89F507D54B48C58&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=429FA571C8024762B89F507D54B48C58&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AXW15KK3F7ZP66MCCGS6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=429FA571C8024762B89F507D54B48C58&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 29 Apr 2023 02:20:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 3E79
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258227951455735000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258227951455735000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1SVSZP2GR9WTKE6XQHC2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3258227951455735000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Sun, 30 Apr 2023 02:20:02 GMT
ecm3
s.amazon-adsystem.com/ Frame 3E79
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?id=AAAjOU7Im6EAACBud1f_9Q&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAAjOU7Im6EAACBud1f_9Q&ex=beeswax.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
84Y8PT2D5RQ5FQNDMDBR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AAAjOU7Im6EAACBud1f_9Q&ex=beeswax.com
Date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame 3E79
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=kuIAmsv1By4MDjailSBd
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=kuIAmsv1By4MDjailSBd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6EJTVZG609VTYEDH2WQ4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=kuIAmsv1By4MDjailSBd
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
101
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 6C9E
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=14affde8e1320fe8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAL7N8vOLFDtQMf438WAAAAAAA&expiration=1682907602&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAL7N8vOLFDtQMf438WAAAAAAA&expiration=1682907602&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 30 Apr 2023 02:20:02 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
BKM3ZR7EJY8K123NC803

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sun, 30 Apr 2023 02:20:02 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAL7N8vOLFDtQMf438WAAAAAAA&expiration=1682907602&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
amazon
ce.lijit.com/beacon/ Frame 06DD
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
523 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-simpli.fi_n-MediaNet_n-Beeswax_cnv_sovrn_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.74 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
78a7a477dfd5fa1bce60e2a72c55e54e93d56b926735a5ec12dcb1eb54a6b16b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
329
Content-Type
text/html
Date
Sun, 30 Apr 2023 02:20:02 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap4ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
cmTagWIDGET_ITEM.js
vidstat.taboola.com/vpaid/units/32_7_0/infra/ 		793 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagWIDGET_ITEM.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fdd598282893dd73b323d8f312504651d44597bb1df42c3a29545ccc10174550

Request headers

Referer
https://www.khaleejtimes.com/
Origin
https://www.khaleejtimes.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327214
date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
A3MG0F39HGMMM1HR
age
493796
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327215
x-amz-meta-mode
33188
content-length
135847
x-amz-id-2
R4unRmf8z4WIaCjSdozVIB1fsBJwji+pgIybQNkq9+Q8F/z87FDF+aN6A7KppYpuUVNGESh5/K0=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 24 Apr 2023 09:06:56 GMT
server
AmazonS3-br
x-timer
S1682821202.261399,VS0,VE0
etag
"adefba64b9754678a04eccbac826c30f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_0/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327271
date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
MCES7DQ7MW10GNZJ
age
493799
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327271
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
XGUsJdYY8klTxR0CVa0ShngfxM1xnuseAU/ldhonbZyCxmu4JOiVT3YBbvhr4x5+CbuIQXlh2Dc=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 24 Apr 2023 09:07:52 GMT
server
AmazonS3-br
x-timer
S1682821202.236678,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
129625
ecm3
s.amazon-adsystem.com/ Frame 06DD 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=GkJrZBZH2ygXJcZOSOi_0W40&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
28B9PKVBEQGF7FE3FBSW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06DD
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:20:02 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=240672733659405&bg=!RUalRhLNAAb9Sbh13Uk7ADkAdvg8WtshbomznvM_UTod1eplu9q3d4N1gCMh7yNWCI_iF6BIx32lX-FqlX-xC28ajUd_tikHkQ4CAAABA1IAAAAEaAEHmQL_wA0FiwxfBlBpvMpdg3211SzkwndeKTGGcaap4DBCH96iEHC7E9Lf_CqQPLg1zwNuiZNqLVzJCqYtr1-jy_MqLnvsV5_zcgju1y0hNlW13KhVG62GyjsrzSnV1BQCfs4b7WseCiGOYP0c3jZMoZF9VBqRetzC5Y73_rDg_OjrP0mcI05XmhTWqvaUtCOw9_WyMwuZSS5zbugDwOhoyn-rJI4whNZAal379XWXfqkRFaS6YDLFKwNK9VNTxyLTE8TJOXbrW8eh7TpeLBWmw-IpTiA53ekXmZV7Rkj4PpO-H9CSHbN9C7qGAm6sf1sHvaKQYdKfS-XINqk4KzCalDISKv98xw1ORfr4djAhmBQX1F1SxIaUN5DG5rNXh24JYYRfKrJyYk8FVL5awH7MAYMOTHDrjDOw9YhJhGvGzz2HA87NciTsaifIKBJWzB0UuFm30Bhn9uxCbRpzhXxypTKZ81j8KOE5CA1anb31ZgCP2iIvK2tN4ozhn6hqRyzvKdf_wZ8k6quoKHURMQWK2zK9skBrPRhymeWQ6yQ1cdudt2-VvDjL2ky_RLz6v4xAn6n3JuxR5XFvfKZYtFOHCJFxFVxhUe1G7gFtWR0QS1tjjHvMFs1bLdMAs3H1VpennJsWlxHQSo4Zq9FDal0pOspiqE6f9nHsi1KwifcM2Ei1ytZawpQkYCsTWuiS7fTDj_j1gxhhMpYAIPyBv-5LTKS7HTrhhHcXRH1Fz9ECZtYnhW1CrD0mAgmlqk0T85xpeXzLdXQIyT80J1McxAhVSzZWnfB7PTf1lxlaPxtMVHDYKgextfY_0ultVhjrbPJDwY4TJO30aLKe6mS-C2k7mDhVWlbACfjKoHd-eK7HQyPE1jG5jafqzMB73pXWHLWVYI5DSO9UwlhRQGF7Zve0nKbN_hHRKMhINRBwH9ZEeNjI4KVexiYD9xggF6bpKddT1E3MSkjREHfFqcby3BllRPiw2xAw_c-2SVITBry8kEHaYCFzxcJqFWxDRLhjs3BXM2A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_0/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/32_7_0/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682327271
date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
MCES7DQ7MW10GNZJ
age
493799
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682327271
x-amz-meta-mode
33188
content-length
7877
x-amz-id-2
XGUsJdYY8klTxR0CVa0ShngfxM1xnuseAU/ldhonbZyCxmu4JOiVT3YBbvhr4x5+CbuIQXlh2Dc=
x-served-by
cache-yul12823-YUL
last-modified
Mon, 24 Apr 2023 09:07:52 GMT
server
AmazonS3-br
x-timer
S1682821202.319325,VS0,VE0
etag
"92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
129626
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/ 		442 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
412930d5c0e70458a49866b0d7621325c81aa80e8674d25520c656f908268ff7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-mtime
1682154062
date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
ZSPWC1QV9FHZSKPN
age
667088
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1682154074
x-amz-meta-mode
33188
content-length
85672
x-amz-id-2
0pwUmxywxQ95kakTDOGJF747rZujHnuOk7tNbyld8WkYt5FqdA7DrphVeVm3yqUJbynGhjCDX5I=
x-served-by
cache-yul12823-YUL
last-modified
Sat, 22 Apr 2023 09:01:15 GMT
server
AmazonS3-br
x-timer
S1682821202.447592,VS0,VE0
etag
"9b2a5bec79742c442d1e12f994fa0c81"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
134176
sync
us-match.taboola.com/ Frame 4B3D 		6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&excid=22&docw=0&cijs=1&nlb=true
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f17774640004d46a45e36f51a1a98c4dc49f44ed3f3a3f6a9f5c944616858bba

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 30 Apr 2023 02:20:02 GMT
machineid
3109
server
nginx
sync
us-match.taboola.com/ Frame FEEA 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://us-match.taboola.com/sync?dast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_0/infra/cmTagWIDGET_ITEM.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
0b9914af88e832036cf246f40f4bf2964faaace3333027ef2632d7ab693fbf31

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Sun, 30 Apr 2023 02:20:02 GMT
machineid
3104
server
nginx
container.html
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C8CE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
14
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 30 Apr 2023 02:19:48 GMT
expires
Mon, 29 Apr 2024 02:19:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.khaleejtimes.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 6e873fe6803a6da3d6232f8bb9104e9e.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
YUL62-C2
age
1108348
x-cache
Miss from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-yul12823-YUL
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1682821203.671767,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0Wwp0qQPTOe4z1VTy46V7usYwzVot9xEt7H5eXIsV8sUReRowYzRVA==
x-cache-hits
81492
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame D163 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=a47c04435b844e51817926897589a338&vfdur=311&cbust=1682821202729384
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
04/29/2023 02:20:02
tags.js
tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/ Frame D163 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/ContentVerification/AdVerificationBackup_DV/tags.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ddb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d2b3b76f623158be5983444ca708708089524b2a85ca15d84b015e656bb50e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14148
x-function
151
last-modified
Fri, 17 Feb 2023 18:05:21 GMT
server
cloudflare
x-reuse-index
757
etag
6916691476280429531
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
7bfc4da51c7cece2-YUL
expires
Sun, 30 Apr 2023 03:20:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C8CE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CVJ0xUtBNZL3lB8yCzwXTsozwBL6VpK9s99rS06wMwI23ARABIABg_eiigfADggEXY2EtcHViLTQ1ODY0MTU3Mjg0NzEyOTfIAQngAgCoAwGqBLgCT9B53LHkcXOzc4BDn5VRNrSJsr7cIY23kGYNUqIjp1FgebIAmzhvomaKW5xt3u-k9YDFfBlcWTvtKwBNDmJuc4XjLSbCx8fbjW7lqzv4Z6hn4bqEyRz94Hf2yD0J-JvVgD0yyioRLEQsJTVIFwnh0JBdwbWBu7lvRWE6ODWNeQSRrCbUVEEgr59D8ITYsIzLILNoEMyZ1x4EjBf7cjmvorsHfPYcXMV3YrK1qHhcn8wnPICzzskUAbQxGsXv8xCE28lJKGNVUcpaf2Xuc6n57DJgl07B6fFTqkTDlihkaH2eedz2WojiWMeaSqE8l0ZNfiADWIDjQ05OPlkuQ-bv6YHSL9pL-cEUQMMtYkfYw5q7mRLTmAUOzssrLDlwuyIsj0rL4x_m_iRFVmGUB-Ljo6xyHLAwG1Ok4AQBgAbq69v72OPz-VugBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPIIG2FkeC1zdWJzeW4tMjQ0MzA5ODM3NTY2OTUyOIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NTg2NDE1NzI4NDcxMjk3GIbXdw&sigh=PQ0Og6imhxU&uach_m=[UACH]&cid=CAQSOwBygQiDFHtoVE2oPsRVfu6GWLY6nY5Azrb4dTmK6nKT7mb1tBPJAIBqKdSXz6T8kZWCnzciiPWazHKNGAE
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
log
hblg.media.net/ Frame C8CE 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfke&evtid=plutol1&prvReqId=50481490523317_22086463_44225416312941&acid=3fa7c8bcea7042a2bb415da70cc39c3b&pvid=294&ogbdp=0.16&sc_pvid=319&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cc=CA&cliIP=0&UA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F112.0.5615.121%20Safari%2F537.36&dn=khaleejtimes.com&cid=8CUF4235B&ugd=4&size=336x280&cbdp=0.109&dtc=east_sc&itype=ADX&device_id=4&rme=nurl&app=0&viewability=58.0&bidrestime=1682821202271&slotVisibility=2&ctr=-1.0&csip=rtb-appnexus-6d55fd679c-r7qbj.SC&scrid=1700080800127000336028000025600&mang=1&commit_id=e22c3572&zone=d&pxtype=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 30 Apr 2023 02:20:02 GMT
log
qsearch-a.akamaihd.net/ Frame C8CE 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&vplcmtt=-1&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.1600&ss_d2=0&stid=&content_context=-1&content_channel=&other_prv=319%7C294&jar_err=&current_day=0.0&adtyp=0&req_id=Db8HppwJloJ8p89rqqvChw&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&predicted_wr=68.0415&exp=&deal_id=&ctr=-1.0&fdbk_id=&second_bidder=319&search_res=32&floor_bucket=0.00&gpid_format=&seat=BID_API&rc=-1&size=336x280&url_l1=technology&f_seg=&url_l2=microsoft-says-it-found-malicious-software-in-its-systems&prdp=0.1088&ogcbdp=0.1600&dfpbd=0.1088&server=1&ogerpm_wd_bkt=0-1&vskip=-1&model_version=202304292205_generic_adx_1-cid_1&viewability=0.5800&dmm_r=0.0000&cut=32&dmm_l=0.0000&as_cache=0&tcyerpm=&content_language=&sc=QC&send_erpm=true&dmm_m9=0.0000&sd=2&hb_exp=&seg=&dmm_m4=0.0000&erpm_bucket=0.15&ugd_ver=&requrl=khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems%2F&bidrestime=1682821202271&cc=CA&strg=harmony&ss=&video_maxdur=-1&current_hour=1&time_stamp=2023-04-30+02%3A20%3A02&content_network=&model_key=generic_adx_1-cid_1&rvshhon=&mul_ratio=0.0000&bdp=0.1600&ct=montreal&akey=&mnckfl=0&content_genre=&dmm_ctr=-1.0000&asn=514&bdp_bucket=0.15&algo=&dc=east_sc&splid=&erpm_mult=1.000000&dn=khaleejtimes.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F112.0.5615.121+Safari%2F537.36&buyer_id=&dmm_m10=1246330&bdp_wider_bucket=1&acid=3fa7c8bcea7042a2bb415da70cc39c3b&zone=d&infl=&o_ver=NT+10.0&br_ver=112.0.5615.121&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=9.4.2&totalTimeBucket=3&visibility=2&totalTime=3975880&dmm_m1=2023-04-30+02%3A20%3A02.274374980&e_rpm=0.0000&dmm_m22=0.1600&gdpr=&vsid=&log_less=false&content_userrating=&gpid_sent=false&ogerpm_used=false&sfm_key=&bdmm_m12=0.0000&cid=8CUF4235B&bcrid=1700080800127000336028000025600&rawbid=0.1600&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=0.0000&o_id=101&clisp=rtb-appnexus-6d55fd679c-r7qbj.SC&dfp_bucket=0.1&adblk=243732513&itype=adx&pvid_seat=294_BID_API&vcmplrt=-1.0&video_mindur=-1&cliIP=0&advurl=search.yahoo.com%2F&level_base=0&crid=442254163&sat=1&br_id=265&cut_bkt=30&gpid=&iwb=1&second_bid=0.020000&sc_pvid=294&capd=0&other_bids=0.02%7C0.16
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.117.182.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-117-182-27.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:02 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 30 Apr 2023 02:20:02 GMT
nmedianet.js
contextual.media.net/ Frame C8CE 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d597fa58624a8f68b7cf3516512f598a7607391e984455b4fdd4ada752bf04bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-mnt-h
21-gzkn
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 30 Apr 2023 02:20:02 GMT
server
Apache
etag
"6c1cd6dc5e7bedbd752675044855de1e"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-ks67
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:25:02 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame C8CE 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Sun, 30 Apr 2023 02:20:02 GMT
x-guploader-uploadid
ADPycdvIA07uolGXKB2ssiwsyDgqMV4zKQeEzrGWzE-0qe0mB_SYBHuFlR0hWZLANlGZBaEyJeskGsWCcGiO_fk5GCOg0Q
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Sun, 30 Apr 2023 03:20:02 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C8CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
22490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/ Frame C8CE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230426/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 20:05:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
22490
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7966
x-xss-protection
0
server
cafe
etag
10783182253924109600
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 13 May 2023 20:05:12 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C8CE 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
33377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 28 Apr 2024 17:03:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C8CE 		158 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 02:20:02 GMT
cm.aspx
inv-nets.admixer.net/bs/ Frame 6A10
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&expires=60
  • https://inv-nets.admixer.net/bs/cm.aspx?id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&consent=&gdpr_pd=
43 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/bs/cm.aspx?id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&consent=&gdpr_pd=
Protocol
H2
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
server
nginx
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
*
content-type
image/gif
access-control-allow-credentials
true
keep-alive
timeout=25
content-length
43
x-xss-protection
0

Redirect headers

Location
//inv-nets.admixer.net/bs/cm.aspx?id=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=&consent=&gdpr_pd=
Date
Sun, 30 Apr 2023 02:20:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
j.ad
s.tribalfusion.com/ Frame D163 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.29&th=9452953186&tagKey=1961050391&site=contentverification&adSpace=adverificationbackup_dv&center=1&json=1&callback=e9Manager.setSingleAdResponse&size=300x250&env=display&url=https%3A%2F%2Fwww.khaleejtimes.com%2F&f=1&p=1125062&tKey=aLmneMPEMGSsBZcQrEqStfb1bvaSaZb9as&a=3&adContainerId=richmedia_4&rnd=1120999
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/openxusbidder/openxus/tags.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e7c3ca603bd5f079199be2f969fb7c2cf24def5952920e26232364e6e97670e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
x-function
101
server
cloudflare
x-reuse-index
937
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
7bfc4da5fb5aecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
816
expires
0
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame 0468 		71 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1682821202282270336&gdpr=0&tsce=L119&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=893548617&size=336x280&cc=CA&sc=QC&chnm=HARMONY&pid=8POJ4N28G&tpid=T1T5TFO&https=1&vif=2&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&nse=5&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4qgqgBqeg&bcpf=B4q8fOnRrolnfOur8gqgBqeg&bdrId=294&bid=337994&ntv=0&matchstring=hr%3D0%7Cbcat%3Dod%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&mcf=98963&katpre=1&katbid=-102&ydspr=1&pgid=p1565584308t202304300220&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&isid=21&allsc=QC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV&ydspr=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
00fb2fe756f41ed377ca8db30f48a3a47e622423f81c63bff0354f938ddd6efd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
28473
content-type
text/html
date
Sun, 30 Apr 2023 02:20:03 GMT
expires
Sun, 30 Apr 2023 02:20:03 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-2c72
bping.php
lg3.media.net/ Frame C8CE 		35 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=896&&vgd_cdv=938&vgd_tsce=L119&vgd_cage=1&vgd_chkp=9088221|||&vgd_mcf=98963&gdpr=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=893548617&vi=1682821202282270336&ugd=4&lf=6&cc=CA&sc=QC&vsid=3258227951455735&lper=100&wsip=170785047&r=1682821202888&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ssld=%7B%22QQ8E%22%3A%22fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22%3DK%22%2C%22QQQN%22%3A%22g%3D%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%7D&vgd_bid=337994&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=16276&vgd_rakh=1682821202178508816&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=442254163&vgd_itype_id=17&vgd_pgid=p1565584308t202304300220&vgd_pgids=1&vgd_uspa=0&hvsid=00001682821202885025035145576185&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Sun, 30 Apr 2023 02:20:02 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 30 Apr 2023 02:20:02 GMT
checksync.php
contextual.media.net/ Frame B7B4 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUF4235B&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
76798463eddb90b445b5afa2794723c876a9967d93147e66e53edf7d977ff295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9378
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 02:20:02 GMT
expires
Tue, 02 May 2023 02:20:02 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame C8CE 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5111&lper=1&itypeid=17&itype=ADX&cc=CA&cid=8CUF4235B&reqid=Db8HppwJloJ8p89rqqvChw&vid=Db8HppwJloJ8p89rqqvChw&dn=khaleejtimes.com&rawDn=khaleejtimes.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&cliIPV6=2607%3A5300%3A0060%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=QC&ct=montreal&pubid=pub-ADX-116310109131-pub-rep&tgtval=pub-ADX-116310109131-pub-rep&csip=rtb-appnexus-6d55fd679c-r7qbj.SC&dtc=east_sc&zone=d&sd=2&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=514&sckfl=1&suid=CAESEKQvfWTZ9U0DD8f648tKd9s&smbrid=adx-2&usp_status=0&usp_enf=1&gqid=AJVTEZKUdkXezX0pSf-PSBZ_RnWAJbTQJtoNKZMlpCb8sjpNQpPV6srbZv2OsKwcf_dwpHvc&pexid=ADX-pub-4586415728471297&geoll=false&is_ortb=false&s_ip=74.125.19.5&s_city=morganton&commit_id=e22c3572&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-04-28+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&amptype=1&second_call=false&supply_cc=CA&ipcc=CA&is_msnnative_src=false&rtttime=62&pvid=294&prvAccId=893548617&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=442254163&prspt=headerBid&prvReqId=50481490523317_22086463_44225416312941&reqsize=336x280&size=336x280&chnl=HARMONY&bdp=0.160&cbdp=0.109&og_cbdp=0.160&ogbdp=0.16&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.109&dt=O&dbf=1&epc=893548617&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-893548617-18-25&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=58&slotVisibility=2&adpos=3&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1682821202271&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.16&dmm_erpm=true&dmm_ogerpm=false&bcrid=1700080800127000336028000025600&strg=HARMONY&vls=0&scrid=1700080800127000336028000025600&mang=1&pvdTmax=248&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=3&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=3&mx_sid=8CUF4235B&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_bsBucketKtwRl=0&mx_tgs=300x250%7C336x280&mx_bsProfileRa=-1&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=_MWh0RL7ZyDE&mx_gpid_sent=false&mx_commit_id=73f5113afe&acid=3fa7c8bcea7042a2bb415da70cc39c3b&rtime=34.0&wsip=mowx-lite-74898fd7db-qjp7x&ltime=49.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=243732513&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=fail&mowxReqId=3fa7c8bcea7042a2bb415da70cc39c3b_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&feedback_id=Db8HppwJloJ8p89rqqvChw&supplyTagId=243732513&mnrfc=-1&viewability_vendor=EXCHANGE&vcmplrt=-1.0&actltime=51&debug_ts=2023-04-30+02%3A20%3A02&__expireat=1682821802527&mview=1&sc_pvid=319&sc_ogbdp=0.02&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.020&sc_cbdp=0.020&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Ftopics.businessfocus.online&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D20~ogerpm%3D0.16~vw_exc%3D0.58~vis_sd%3D714~dc2%3D1~scd%3Dqc~v_asn%3D16276~vl2r_sd%3D2023042920~iurl_b%3D911.64~url_tkc%3D0~std%3D~MP%3D.*tech.*~last%3D~vis_url_b%3D0.45~ip%3D19L3rJI3UMirDVFMi3AQN2~fbb%3D0~vis_url_l%3D30~riipua%3D11%2C11~et%3D21~rc%3D1~risuid%3D0%2C0~rps_sd%3D2023042920~vis_b%3D524.37~url_b%3D1.1~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D20~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.16~vl2r_url_kc%3D0E0~vl2r_up_l%3D0~bm%3D1~sid%3D893548617~sd%3D2~uid%3D2IaGjULSBns0tblBK4~btd%3D11004872215656069042342113819923908285504818698228002923184732219911985002568436087086334398975967232~vwu%3D0.58~d2p_l%3D10~3pcf%3D1000~uim%3D0~dmm_strg%3Dharmony~vl2r_up_b%3D0.01~d2p_b%3D1~ogd2p_b%3D0.98~vurl_b%3D2.01~ss%3DNA~cc%3DCA~uiw%3D-1~ce%3D0~rps_b%3D60.48~vurl_l%3D20~CI%3D2911~nts%3D2~MP2%3D.*time.*~tb%3D-1~bss_RVP%3DMNB%2CNED~ct%3Dmontreal~bss_KTW%3DMNB%2CNED~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D0.5~PF%3D0~isif%3D0~lc%3D1~bid%3D0.16~dc%3D8~vl2r_b%3D5.02~ivurl_l%3D20~supply_tag_id%3D%7Eviewability%3D0.58%7Eamp%3D1%7Ecbdp%3D0.160%7Edmm%3Dharmony%7Esuid%3DCAESEKQvfWTZ9U0DD8f648tKd9s%7Esd%3D2%7Edtc%3Deast_sc%7Exid%3DADX-pub-4586415728471297%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D243732513%7Esobp%3D0.02%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.160%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D30%7Edogb%3D0-1~ibc%3D1~nsz%3D2~tgs%3D300x250%7C336x280~bsb%3D3~bsp%3D-1~tmx%3D248&utime=633&sf=0&cpr=0.9414147103170503
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 30 Apr 2023 08:20:02 GMT
pd
us-u.openx.net/w/1.0/ Frame F580 		68 B
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=ba430829-be5d-493e-af16-818347460a1d&gdpr=0&us_privacy=1---
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/static/prebid3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
70
content-type
text/html
date
Sun, 30 Apr 2023 02:20:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user-synced
cpm.vuukle.net/
Redirect Chain
  • https://sync.adkernel.com/user-sync?zone=180530&t=image&us_privacy=1---&r=%2F%2Fcpm.vuukle.net%2Fuser-synced%3Fzone%3D180530%26uid%3D%7BUID%7D
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D180530%26dsp%3D575919%26t%3Dimage%26uid%3D%5BUID%5D%26us_privacy%3D1---
  • https://sync.adkernel.com/user-sync?zone=180530&dsp=575919&t=image&uid=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6&us_privacy=1---
  • https://cpm.vuukle.net/user-synced?zone=180530&uid=A917653340294673149
0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cpm.vuukle.net/user-synced?zone=180530&uid=A917653340294673149
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:03 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:03 GMT
Server
nginx
Age
0
Location
//cpm.vuukle.net/user-synced?zone=180530&uid=A917653340294673149
Cache-Control
no-store
Connection
close
Content-Length
0
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Daad1d103-06ed-424a-b3a3-632bce6d6d8f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F193%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Daad1d103-06ed-424a-b3a3...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F193%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Daad1d103-06ed-424a-b3a3-632bce6d6d8f%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hYWQxZDEwMy0wNmVkLTQyNGEtYjNhMy02MzJiY2U2ZDZkOGY%253D%26uid%3D%24UID
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 Apr 2023 02:20:03 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F193%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Daad1d103-06ed-424a-b3a3-632bce6d6d8f%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1hYWQxZDEwMy0wNmVkLTQyNGEtYjNhMy02MzJiY2U2ZDZkOGY%253D%26uid%3D%24UID
date
Sun, 30 Apr 2023 02:20:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=aad1d103-06ed-424a-b3a3-632bce6d6d8f
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:01 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-8DjIHPVE2uFR2uOKsW4OC9XCm9FhSq2QU9djzEU-~A&gdpr=0
date
Sun, 30 Apr 2023 02:20:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid.a-mo.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=aad1d103-06ed-424a-b3a3-632bce6d6d8f&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=caa4e1f7-081e-5278-9695-c2ccf2d81289&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=4e88baf9-60d2-4b7a-980c-5c1c7c62d27c&gdpr=0&gdpr_consent=&us_privacy=
Date
Sun, 30 Apr 2023 02:20:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LH2SAEWK-1A-5ERB&gdpr=0&us_privacy=1---
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LH2SAEWK-1A-5ERB&gdpr=0&us_privacy=1---
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:02 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LH2SAEWK-1A-5ERB&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0804 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
32070
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 17:25:32 GMT
etag
48472445140208031
expires
Sun, 30 Apr 2023 17:25:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C8CE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91eb473a9e30390b46fc1c777597c542a05a295d2b51bec5ede405eab6c7b3ed

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
adc_ndr_nepal_300x250.gif
cdnx.tribalfusion.com/media/5268446/ Frame D163 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnx.tribalfusion.com/media/5268446/adc_ndr_nepal_300x250.gif
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9161f345320ccafa2602a032f8e9d080e70b6a06ccd90635102d21d43d8fbce3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:03 GMT
cf-cache-status
HIT
age
33075
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39001
x-function
301
last-modified
Wed, 03 Jun 2015 15:24:51 GMT
server
cloudflare
etag
1433345091
vary
Accept-Encoding
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7bfc4da6ecb4ecea-YUL
expires
Tue, 31 Dec 2030 00:00:00 GMT
pd
us-u.openx.net/w/1.0/ Frame 7181 		68 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257

Request headers

Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
70
content-type
text/html
date
Sun, 30 Apr 2023 02:20:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FA53 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
32071
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 17:25:32 GMT
etag
48472445140208031
expires
Sun, 30 Apr 2023 17:25:32 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0804
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEKUIWFgauWEiXcSA9d7A_Sc&google_cver=1&google_push=ATf1kGNupEabVXCydKfLHpq7NMyhe9m1yV2zMHIvzEC73qlPqQXasiJQ-8OOEyf3Ec_ck-oWjfE5lJjsBDhl-OWsv2Te_3ohPnTg8...
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ2NDkzNDMwMzIzNzc5MDkzNQ==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEKUIWFgauWEiXcSA9d7A_Sc&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEKUIWFgauWEiXcSA9d7A_Sc&google_cver=1
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEKUIWFgauWEiXcSA9d7A_Sc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0804
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEJ87cC72XEJ73aMFE4XnbrU&c_param1=ATf1kGMe596RhgtzHOlktxjAwAyckL-Wz0G9W7kd7i7L7IZuLMbSEQwgIq8gRmta0e-_eO643RG80BTcmGA7AuvKlvRgSRmbo6jW_wUpORcUzhpl7KF...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMe596RhgtzHOlktxjAwAyckL-Wz0G9W7kd7i7L7IZuLMbSEQwgIq8gRmta0e-_eO643RG80BTcmGA7AuvKlvRgSRmbo6jW_wUpORcUzhpl7KFeikHE8_uHXUExKMtZn...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMe596RhgtzHOlktxjAwAyckL-Wz0G9W7kd7i7L7IZuLMbSEQwgIq8gRmta0e-_eO643RG80BTcmGA7AuvKlvRgSRmbo6jW_wUpORcUzhpl7KFeikHE8_uHXUExKMtZnrfsgbIFJho
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=ATf1kGMe596RhgtzHOlktxjAwAyckL-Wz0G9W7kd7i7L7IZuLMbSEQwgIq8gRmta0e-_eO643RG80BTcmGA7AuvKlvRgSRmbo6jW_wUpORcUzhpl7KFeikHE8_uHXUExKMtZnrfsgbIFJho
date
Sun, 30 Apr 2023 02:20:03 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0804
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF2SuVdY6WJCTUg9gdBwR8o&google_cver=1&google_push=ATf1kGOBeSkHYhLFZavoAS2G2aO_GCiOywZeJyM7ETxn84myqcDoGxz4aRWgno611CYcTplZjFpdAEdg...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzOTY2MDA1NzgyODc2NTU2Ng&google_push=ATf1kGOBeSkHYhLFZavoAS2G2aO_GCiOywZeJyM7ETxn84myqcDoGxz4aRWgno611CYcTplZjFpdAE...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzOTY2MDA1NzgyODc2NTU2Ng&google_push=ATf1kGOBeSkHYhLFZavoAS2G2aO_GCiOywZeJyM7ETxn84myqcDoGxz4aRWgno611CYcTplZjFpdAEdgXsZlWTDoqNrG3ei7OCGP5g740pg1hLAaQiy0mjNbKlQ27O3tVIfN9UMhlEk7XpSn
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDEzOTY2MDA1NzgyODc2NTU2Ng&google_push=ATf1kGOBeSkHYhLFZavoAS2G2aO_GCiOywZeJyM7ETxn84myqcDoGxz4aRWgno611CYcTplZjFpdAEdgXsZlWTDoqNrG3ei7OCGP5g740pg1hLAaQiy0mjNbKlQ27O3tVIfN9UMhlEk7XpSn
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0804
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEFpQtio_oZuMueWTbbS10lk&google_cver=1&google_push=ATf1kGOAh4qU2tYHBeAiT5PQK2jeNr7hmYjfHrDySnqRAbdc2IseI0fw3X15OzY5pNzZKIIbJnx5RkWrkFI9tMi3WWkd5t6yThZow...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOAh4qU2tYHBeAiT5PQK2jeNr7hmYjfHrDySnqRAbdc2IseI0fw3X15OzY5pNzZKIIbJnx5RkWrkFI9tMi3WWkd5t6yThZowRbiA56PjJKd716MW5Px2WAZ_7IYpE_2YN...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOAh4qU2tYHBeAiT5PQK2jeNr7hmYjfHrDySnqRAbdc2IseI0fw3X15OzY5pNzZKIIbJnx5RkWrkFI9tMi3WWkd5t6yThZowRbiA56PjJKd716MW5Px2WAZ_7IYpE_2YN1AYuq2-k1t&google_hm=3EWfqcb3j7e9bACZUpU9fA==
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:02 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=ATf1kGOAh4qU2tYHBeAiT5PQK2jeNr7hmYjfHrDySnqRAbdc2IseI0fw3X15OzY5pNzZKIIbJnx5RkWrkFI9tMi3WWkd5t6yThZowRbiA56PjJKd716MW5Px2WAZ_7IYpE_2YN1AYuq2-k1t&google_hm=3EWfqcb3j7e9bACZUpU9fA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
fkhi4s3qc7up192dbfardqs8nc7kps81
pixel
cm.g.doubleclick.net/ Frame 0804
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DATf1kGMnta8aQ8Ss8suRQERmPzl2EmOdpoj9UfbHQdHCo3h_2E4J44XfAJFLQTG0R4dQMcqNTxJcnc1UPi...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGMnta8aQ8Ss8suRQERmPzl2EmOdpoj9UfbHQdHCo3h_2E4J44XfAJFLQTG0R4dQMcqNTxJcnc1UPigNmkVHIcSJhWfPm5gXXfAtf_ifWZNjTyh6Q5xiN5lNjZco_LIW...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGMnta8aQ8Ss8suRQERmPzl2EmOdpoj9UfbHQdHCo3h_2E4J44XfAJFLQTG0R4dQMcqNTxJcnc1UPigNmkVHIcSJhWfPm5gXXfAtf_ifWZNjTyh6Q5xiN5lNjZco_LIWX0PBeOoF6_lK&google_hm=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Apr 2023 02:20:03 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-34
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=ATf1kGMnta8aQ8Ss8suRQERmPzl2EmOdpoj9UfbHQdHCo3h_2E4J44XfAJFLQTG0R4dQMcqNTxJcnc1UPigNmkVHIcSJhWfPm5gXXfAtf_ifWZNjTyh6Q5xiN5lNjZco_LIWX0PBeOoF6_lK&google_hm=8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0804
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEMabAgwbGO54ITU1jIFZ1lA&google_cver=1&google_push=ATf1kGOLFDiBsHrspusPFPMRmfrg4CFhgBo15DtBGb_Y4V_5GP36JaM4HPpmeXzIMepquJurX9m2fNBUleBH4xks2...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOLFDiBsHrspusPFPMRmfrg4CFhgBo15DtBGb_Y4V_5GP36JaM4HPpmeXzIMepquJurX9m2fNBUleBH4xks2GpKm1mCWZ2z9PpWo4iNVb4gEab-2iNlGvjvkFTFwQ0LX...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOLFDiBsHrspusPFPMRmfrg4CFhgBo15DtBGb_Y4V_5GP36JaM4HPpmeXzIMepquJurX9m2fNBUleBH4xks2GpKm1mCWZ2z9PpWo4iNVb4gEab-2iNlGvjvkFTFwQ0LXDG5gGwZiizb&google_hm=GkJrZBZH2ygXJcZOSOi_0W40
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 30 Apr 2023 02:20:03 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ATf1kGOLFDiBsHrspusPFPMRmfrg4CFhgBo15DtBGb_Y4V_5GP36JaM4HPpmeXzIMepquJurX9m2fNBUleBH4xks2GpKm1mCWZ2z9PpWo4iNVb4gEab-2iNlGvjvkFTFwQ0LXDG5gGwZiizb&google_hm=GkJrZBZH2ygXJcZOSOi_0W40
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0804
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEOFNm7sFurskBwH6z5x_0XY&google_cver=1&google_push=ATf1kGNmrth7LXUFWtFeUl6Ex9F5Bt8lNrYSt8sgZ-crCm5u8wCH3kTjGq7Z907fr1a2mKu37JRHQrTDrlWZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNmrth7LXUFWtFeUl6Ex9F5Bt8lNrYSt8sgZ-crCm5u8wCH3kTjGq7Z907fr1a2mKu37JRHQrTDrlWZ0rNhkP8UBPEgjfycMVMGGzoNvRb82ukrXuWe...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNmrth7LXUFWtFeUl6Ex9F5Bt8lNrYSt8sgZ-crCm5u8wCH3kTjGq7Z907fr1a2mKu37JRHQrTDrlWZ0rNhkP8UBPEgjfycMVMGGzoNvRb82ukrXuWef9wP-bg86WD7cByM8tgG-LQ
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNmrth7LXUFWtFeUl6Ex9F5Bt8lNrYSt8sgZ-crCm5u8wCH3kTjGq7Z907fr1a2mKu37JRHQrTDrlWZ0rNhkP8UBPEgjfycMVMGGzoNvRb82ukrXuWef9wP-bg86WD7cByM8tgG-LQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 0804 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J3KIFiuMqwWYEWZodNs47yJPt9pafQz2GfwFEI05G3wTRYnDyDtvB2gSbgKDtaztPP_lp-
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame D163 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a8114ad8504adc4268146d74323e3a4887963470f7aa99299e0de2582c94b7c

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
/
onetag-sys.com/usync/ Frame 8839 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=caa4e1f7-081e-5278-9695-c2ccf2d81289&CACHEBUSTER=220831
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.230 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-51-222-239.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
i.match
a.tribalfusion.com/ Frame FA53 		43 B
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEEUZ24dBx61xYU0XrsBRvyU&google_cver=1&google_push=ATf1kGO559Ra3n3DAWmQaUcSCl6RVZtBMHVL6-DwNYcgg6E_5Mm_SyXlHoXj1UMOP4wlCrbFd319MdT2XizeUxwf6iGq8wVFOw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGO559Ra3n3DAWmQaUcSCl6RVZtBMHVL6-DwNYcgg6E_5Mm_SyXlHoXj1UMOP4wlCrbFd319MdT2XizeUxwf6iGq8wVFOw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7bfc4da7fdf4ecea-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FA53
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkUzUVNBQUdkdDN5aGdBOQ==&google_gid=CAESENGQvfa46LSCyBwBkXlqOgU&google_cver=1&google_push=ATf1kGNQaufM5iVdrGHOWxeVoREBbqTdBV...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkUzUVNBQUdkdDN5aGdBOQ==&google_gid=CAESENGQvfa46LSCyBwBkXlqOgU&google_cver=1&google_push=ATf1kGNQaufM5iVdrGHOWxeVoREBbqTdBV6SJ5U1hsz67LSLXkxTB0LereqxWOwckKRI4YeZuM4iHd9lS58IWAnTii27zMJktvg
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4561-YYZ
pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1682821203.234860,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WkUzUVNBQUdkdDN5aGdBOQ==&google_gid=CAESENGQvfa46LSCyBwBkXlqOgU&google_cver=1&google_push=ATf1kGNQaufM5iVdrGHOWxeVoREBbqTdBV6SJ5U1hsz67LSLXkxTB0LereqxWOwckKRI4YeZuM4iHd9lS58IWAnTii27zMJktvg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame FA53
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEL0e9WPaZ3ue2PPiHIfKMYE&google_cver=1&google_push=ATf1kGODzFZl-9v0WPG3jK8niJtpMifpt_McqeCllAz2mOnRf-iKnIEg-2nFJpPYTz2ZEO629FraU8sJ0845tZmi_4hIaw3TlA
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGODzFZl-9v0WPG3jK8niJtpMifpt_McqeCllAz2mOnRf-iKnIEg-2nFJpPYTz2ZEO629FraU8sJ0845tZmi_4hIaw3TlA&google_hm=eS13SzhRcER4RTJwR2ZrekdJ...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGODzFZl-9v0WPG3jK8niJtpMifpt_McqeCllAz2mOnRf-iKnIEg-2nFJpPYTz2ZEO629FraU8sJ0845tZmi_4hIaw3TlA&google_hm=eS13SzhRcER4RTJwR2ZrekdJN3lRUmVFWUF0QnYudmpfWH5B
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:20:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGODzFZl-9v0WPG3jK8niJtpMifpt_McqeCllAz2mOnRf-iKnIEg-2nFJpPYTz2ZEO629FraU8sJ0845tZmi_4hIaw3TlA&google_hm=eS13SzhRcER4RTJwR2ZrekdJN3lRUmVFWUF0QnYudmpfWH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame FA53
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEL2DAKsrrqpECehg1EOmFjw&google_cver=1&google_push=ATf1kGMdKCYt5C5wF_c15zHu3BYPK1BPbVb55p-JqcEDD2xaAG-el9Zy2MakahanBY8q5GgnV9VxKZiKXmyphVJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0&google_push=ATf1kGMdKCYt5C5wF_c15zHu3BYPK1BPbVb55p-JqcEDD2xaAG-el9Zy2MakahanBY8q5GgnV9VxKZiKXmyphV...
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0&google_push=ATf1kGMdKCYt5C5wF_c15zHu3BYPK1BPbVb55p-JqcEDD2xaAG-el9Zy2MakahanBY8q5GgnV9VxKZiKXmyphVJVBdaRRPCbc4Q
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Go1CAQPvWv5mMcBHozEv_5U4mb0&google_push=ATf1kGMdKCYt5C5wF_c15zHu3BYPK1BPbVb55p-JqcEDD2xaAG-el9Zy2MakahanBY8q5GgnV9VxKZiKXmyphVJVBdaRRPCbc4Q
Date
Sun, 30 Apr 2023 02:20:03 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame FA53
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOk91bNr3-eHr2em6AAzZZA&google_cver=1&google_push=ATf1kGNpXgAxYpWnvYt6VXWU27nEYFOOpi-Z-IPQ_CI0sDDHVzRjAp-gcGNNA5J8Co-u6-XQ6-c...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=ATf1kGNpXgAxYpWnvYt6VXWU27nEYFOOpi-Z-IPQ_CI0sDDHVzRjAp-gcGNNA5J8Co-u6-XQ6-c8U_vdSs8qakBO_wUBLU-kbYc
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=ATf1kGNpXgAxYpWnvYt6VXWU27nEYFOOpi-Z-IPQ_CI0sDDHVzRjAp-gcGNNA5J8Co-u6-XQ6-c8U_vdSs8qakBO_wUBLU-kbYc
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEgyU0FFV0stMUEtNUVSQg==&google_push=ATf1kGNpXgAxYpWnvYt6VXWU27nEYFOOpi-Z-IPQ_CI0sDDHVzRjAp-gcGNNA5J8Co-u6-XQ6-c8U_vdSs8qakBO_wUBLU-kbYc
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
Expires
0
pixel
cm.g.doubleclick.net/ Frame FA53
Redirect Chain
  • https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEBHhLuFYog0rhgN19mRBv0o&google_cver=1&google_push=ATf1kGNp0N8t72HbgB94NIv5DZPwABFGd9j03-C-nzPECwfXHjVymJpIExIG75De38XS3JMeM-jkTw3wey_h8z...
  • https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=ATf1kGNp0N8t72HbgB94NIv5DZPwABFGd9j03-C-nzPECwfXHjVymJpIExIG75De38XS3JMeM-jkTw3wey_h8zzGnY_wFgCxjA
170 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=ATf1kGNp0N8t72HbgB94NIv5DZPwABFGd9j03-C-nzPECwfXHjVymJpIExIG75De38XS3JMeM-jkTw3wey_h8zzGnY_wFgCxjA
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=&google_push=ATf1kGNp0N8t72HbgB94NIv5DZPwABFGd9j03-C-nzPECwfXHjVymJpIExIG75De38XS3JMeM-jkTw3wey_h8zzGnY_wFgCxjA
date
Sun, 30 Apr 2023 02:20:04 GMT
server
CookieSync Server
content-length
0
pixel
cm.g.doubleclick.net/ Frame FA53
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEEGvav11YAipihD1ENV_n8g&google_cver=1&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoI...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEEGvav11YAipihD1ENV_n8g&google_cver=1&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoI...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=ZGNjMTFmMTExNTFlYTEz&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoIFSFvUkf5SAj
170 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=ZGNjMTFmMTExNTFlYTEz&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoIFSFvUkf5SAj
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 30 Apr 2023 02:20:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
nginx
x-frame-options
SAMEORIGIN
location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=ZGNjMTFmMTExNTFlYTEz&google_push=ATf1kGPhGqajMHRTPvOP5ZteyBGuj0lXigM0Pm1RxmT5gz43M0kh8hIgkjoy9oWrQFXZszHzBA20R6GKnrH3aJhoIFSFvUkf5SAj
content-length
0
x-xss-protection
1; mode=block
attr
cm.g.doubleclick.net/pixel/ Frame FA53 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I1poewSsFcG63MD90veqLvpSCiVAVRIyPJm3cZAcpEX0Q1zHlXNKb8EIR2lQVx06JRNzSI0g
Requested by
Host: 8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
URL: https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
caa4e1f7-081e-5278-9695-c2ccf2d81289
an.yandex.ru/mapuid/betweendigitalis/ Frame 6A10
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fcaa4e1f7-081e-5278-9695-c2ccf2d81289
  • https://an.yandex.ru/mapuid/betweendigitalis/caa4e1f7-081e-5278-9695-c2ccf2d81289
43 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/caa4e1f7-081e-5278-9695-c2ccf2d81289
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 30 Apr 2023 02:20:03 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 02:20:03 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/caa4e1f7-081e-5278-9695-c2ccf2d81289
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
truncated
/ Frame 0468 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0468 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0468 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
Roboto-Bold.woff
contextual.media.net/__media__/fonts/Roboto-Bold/ Frame 0468 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/Roboto-Bold/Roboto-Bold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1682821202282270336&gdpr=0&tsce=L119&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=893548617&size=336x280&cc=CA&sc=QC&chnm=HARMONY&pid=8POJ4N28G&tpid=T1T5TFO&https=1&vif=2&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&nse=5&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4qgqgBqeg&bcpf=B4q8fOnRrolnfOur8gqgBqeg&bdrId=294&bid=337994&ntv=0&matchstring=hr%3D0%7Cbcat%3Dod%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&mcf=98963&katpre=1&katbid=-102&ydspr=1&pgid=p1565584308t202304300220&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&isid=21&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1682821202282270336&gdpr=0&tsce=L119&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=893548617&size=336x280&cc=CA&sc=QC&chnm=HARMONY&pid=8POJ4N28G&tpid=T1T5TFO&https=1&vif=2&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&nse=5&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4qgqgBqeg&bcpf=B4q8fOnRrolnfOur8gqgBqeg&bdrId=294&bid=337994&ntv=0&matchstring=hr%3D0%7Cbcat%3Dod%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&mcf=98963&katpre=1&katbid=-102&ydspr=1&pgid=p1565584308t202304300220&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&isid=21&allsc=QC
Origin
https://contextual.media.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:03 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
24816
expires
Mon, 01 May 2023 02:20:03 GMT
bql.php
lg3.media.net/ Frame 0468 		15 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=6049&&vgd_canary=0&vgd_l2type=scs_newfl&fp=NvpMIx29E6izuDyJKoYw9-M1dZWdRALsafUJlKl1LJmnViCGlECLMmb9OmK7KlW_NNP4ORK5M_aBDk7dBbOWXLvfGYvcbGF-rsemNzrmowbkEDBtt91-AgLbN_ENhBKJjmP1rcJaMJL8ithnTMXecw%3D%3D&cme=auiS1wLCKAsJS6qbKcrEmy9K2X08l_Q2mh8KZuF0Dr0YzSmKQvQVX95S53aHofweyiaf5bTwRPOnK9BvejGbP0RWGyNreN-awvECF_kao109EPi6oMQmEy0iGhy5sn84QbSkTO2zNSvz0ufPgNDHAjENbg4RTAl8lJ_eUOpdYiz2_-JLFZUJSFYDIpdklW4yZqAKcZGJn9TEOtMSZwj0CEFzqsUY_ANHT1BTIgjipTK1SOjSEcGOWg%3D%3D%7C%7CM2iEfcEhg6qVbPT8jRFCNA2vAeD78ks_%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CLTCddVaJo7TF5S5_ELBLboLFI_Ra5QT9VmLtk-ZqFUHK7lmjLvMgCRgbH0BfbbP8QB6I3hRJy5NW2yJ0iEEoYBrMEsSxjco_g9PV5cc1dg5RoTBxlFtFwyVuGYVYn5bj%7C9NXNSj4riIbGTeZ4ukE8igvINE4-dvFjhCwYRtOzXboBIgCM7ZwijXY7-9Bkng9hUmmKTMlfFLAA4iUWmLMn2KGajCyIFS-pdNpjG63uiei_jvP2_RAwRYyKKUSG4opPO45wzh9ImkKqgFAix_fBTpFT8X-f5y_TUGVZMp5s_UHOrQTEwdJ0UN8wnW2u4j-rCaVQIW0_Baj6EhRFig20i9PcAMJbp0iUPQ3s2Vnf5iKqeACgDsfiOzkGF1fJnQcdBXoqdk0s8Jg%3D%7Cu8A6SM53vAegAGxV45CeTQhqXMfGG42b%7C&subBdr=196&bdrid=294&ksu=224&fdkt=438&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Pain+Relief+for+Arthritis&kwt[]=438&kbc[]=500996&kwp[]=1&kid[]=48946244&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.1662%7C24%3D0%7C25%3D0%7C22%3D0.0305%7C7%3D0.0001%7C8%3D042911%7C9%3D0%7C11%3D0%7C26%3D500034%7C27%3D4809%7C13%3D0.0717%7C14%3D042920%7C15%3D0%7C1%3D1.81%7Cr%3D1%7C2%3D3.82%7Cps%3D0.392%7C3%3D0.37%7C4%3D4.00&ktd[]=274911592704&ktrkt[]=Best+Pain+Relief+for+Arthritis&kwd[]=Stocks+to+Buy+Now&kwt[]=438&kbc[]=500996&kwp[]=2&kid[]=27189998&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0419%7C24%3D0%7C25%3D0%7C22%3D0.0305%7C7%3D0.0000%7C8%3D042911%7C9%3D0%7C11%3D0%7C26%3D37875%7C27%3D66%7C13%3D0.0809%7C14%3D042920%7C15%3D0%7C1%3D1.83%7Cr%3D2%7C2%3D9.04%7Cps%3D0.392%7C3%3D0.33%7C4%3D2.51&ktd[]=274911592704&ktrkt[]=Stocks+to+Buy+Now&kwd[]=Highest+Paying+Dividend+Stocks&kwt[]=438&kbc[]=500996&kwp[]=3&kid[]=95542065&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0740%7C24%3D0%7C25%3D0%7C22%3D0.0305%7C7%3D0.0000%7C8%3D042911%7C9%3D0%7C11%3D0%7C26%3D76869%7C27%3D111%7C13%3D0.1062%7C14%3D042920%7C15%3D0%7C1%3D1.40%7Cr%3D3%7C2%3D5.28%7Cps%3D0.392%7C3%3D0.54%7C4%3D4.29&ktd[]=274911592704&ktrkt[]=Highest+Paying+Dividend+Stocks&kwd[]=Grants+for+Military+Spouses&kwt[]=438&kbc[]=500996&kwp[]=4&kid[]=91478755&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0499%7C24%3D0%7C25%3D0%7C22%3D0.0305%7C7%3D0.0000%7C8%3D042911%7C9%3D0%7C11%3D0%7C26%3D48559%7C27%3D45%7C13%3D0.1027%7C14%3D042920%7C15%3D0%7C1%3D0.82%7Cr%3D4%7C2%3D3.95%7Cps%3D0.392%7C3%3D0.20%7C4%3D1.00&ktd[]=274894815488&ktrkt[]=Grants+for+Military+Spouses&kwd[]=Virtual+Employee+Engagement+Tools&kwt[]=391&kbc[]=1262942061&kwp[]=5&kid[]=351569005&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.2093%7C24%3D0%7C25%3D0%7C22%3D0.0305%7C7%3D0.0000%7C8%3D042911%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0997%7C14%3D042920%7C15%3D0%7C1%3D0.26%7Cr%3D5%7C2%3D7.42%7Cps%3D0.348%7C3%3D0.52%7C4%3D2.38&ktd[]=274894881024&ktrkt[]=Virtual+Employee+Engagement+Tools&v=1&geo=45.49%7C-73.58&dlper=20&lper=100&lpid=&tsid=7&hint=&cc=CA&wsip=170774787&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22%3DK%22%2C%22QQN75%22%3A%22Ymz7LJ1j%22%2C%22QQ8E%22%3A%22fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQQN%22%3A%22g%3D%22%7D&cid=8CU5RJ1PV&vi=1682821202282270336&vsid=3258227951455735&tdAdd[]=asnum%3D16276&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=010&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_tsce=L119-S119&vgd_l3_sc=QC&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CUF4235B&vgd_hb_audit_2=442254163&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=38437&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=montreal&vgd_ifrmode=14&vgd_l1rakh=1682821202178508816&tsrc=entity&sttm=1682821202885&upk=1682821203.24617&hvsid=00001682821202885025035145576185&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3Dod%7Ccsh%3D1&sbdrId=196&vgd_vsidtv=000V10&vgd_ecrid=1700080800127000336028000025600&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D16276&vgd_mcf=98963&vgd_vstrid=3258227951455735&vgde_bdata=QOfvzxjj~77v9~8xLjMjvf9~myJLEYv9.uF~eBMJ-Nv9.XW~e8QMQOvhuH~ONfvu~QNOv%20N~eM1QzvuFfhF~ejfLMQOvf9fA9Hfif9~8xLjMGviuu.FH~xLjM7UNv9~Q7Ov~c0v.*7JNw.*~j1Q7v~e8QMxLjMGv9.HX~8EvuiTAL6VAPc8Lr%2Fsc8AKgIf~kGGv9~e8QMxLjMjvA9~L88Ex1vuu%2Cuu~J7vfu~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9fA9Hfif9~e8QMGvXfH.Ah~xLjMGvu.u~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvf9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.uF~ejfLMxLjMUNv949~ejfLMxEMjv9~GYvu~Q8OvWiAXHWFuh~QOvf~x8OvfV1ZdPTbRzQ97GjRCH~G7Ovuu99HWhffuXFXF9Fi9HfAHfuuAWuiifAi9WfWXX9HWuWFiWffW99fifAuWHhAffuiiuuiWX99fXFWHAF9Wh9WFAAHAiWihXiFhfAf~eBxv9.XW~OfEMjvu9~AENkvu999~x8Yv9~OYYMQ7Lyvw1LYmz5~ejfLMxEMGv9.9u~OfEMGvu~myOfEMGv9.iW~exLjMGvf.9u~QQvIK~NNv%3DK~x8Bvou~NJv9~LEQMGvF9.HW~exLjMjvf9~%3DVvfiuu~z7Qvf~c0fv.*78YJ.*~7Gvou~GQQMD%2F0vcIR%2CI4r~N7vYmz7LJ1j~GQQMC_pvcIR%2CI4r~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGv9.X~0sv9~8Q8kv9~jNvu~G8Ov9.uF~ONvW~ejfLMGvX.9f~8exLjMjvf9~QxEEj5M71yM8Ov~e8JB1G8j875v9.XW~1YEvu~NGOEv9.uF9~OYYvw1LYmz5~Qx8Ov%3DK4b4Cgekp_2iP9rrWkFHW7COiQ~QOvf~O7NvJ1Q7MQN~-8OvKrtoExGoHXWFHuXhfWHhufih~O1jyv~w7Yjvu~1OGjUvfHAhAfXuA~QmGEv9.9f~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.uF9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vA9~OmyGv9ou~8GNvu~zQlvf~7yQvA99-fX9%7CAAF-fW9~GQGvA~GQEvou~7Y-vfHW&vgd_bhv_kbb=-1&vgd_cfud=221102&vgd_scsver=446&vgd_optout=0&vgd_ydspr=1&vgd_rensize=336_280&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_dtc=east_sc&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A336%3Brend_h%3A280&vgd_uspa=0&vgd_sc=QC&vgd_l1rhst=contextual.media.net&hvsid=00001682821202885025035145576185&rc=0&rand=1682821203234&acid=3fa7c8bcea7042a2bb415da70cc39c3b&matm=1682821203234&vgd_ltimesrc=1&vgd_ltime=518&vgd_rtime=494&vgd_etm=12&vgd_l1hcsd=Ogzkn%7C2727&vgd_l1ch=1&vgd_lhl=3083&vgd_pgid=p1565584308t202304300220&vgd_csip=rtb-appnexus-6d55fd679c-r7qbj.SC&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=38437&vgd_cdv=938&vgd_cntrdt=SF%7C8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?cb=window._mNDetails.$5l&&vi=1682821202282270336&gdpr=0&tsce=L119&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=893548617&size=336x280&cc=CA&sc=QC&chnm=HARMONY&pid=8POJ4N28G&tpid=T1T5TFO&https=1&vif=2&requrl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&nse=5&lw=1&ugd=4&adt1=8CUF4235B&adt2=442254163&itid=17&bae=B4qgqgBqeg&bcpf=B4q8fOnRrolnfOur8gqgBqeg&bdrId=294&bid=337994&ntv=0&matchstring=hr%3D0%7Cbcat%3Dod%7Ccsh%3D1&sff=0&kttle=SafeFrame%20Container&mcf=98963&katpre=1&katbid=-102&ydspr=1&pgid=p1565584308t202304300220&essld=fF9h%3AXA99%3A99F9%3A9999%3A9999%3A9999%3A9999%3A9999~%3DK~g%3D~Ymz7LJ1j&htmlsrc=1&isid=21&allsc=QC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.198.216.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-198-216-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Sun, 30 Apr 2023 02:20:03 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Sun, 30 Apr 2023 02:20:03 GMT
sync
t.adx.opera.com/ Frame 6A10 		35 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=caa4e1f7-081e-5278-9695-c2ccf2d81289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:03 GMT
server
Tengine
access-control-allow-methods
POST, GET
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
image.khaleejtimes.com%3Fuuid%3De8659068-1d44-5113-9225-825a0bd292de%26function%3Dcropresize%26type%3Dpreview%26source%3Dfalse%26q%3D75%26crop_w%3D0.99999%26crop_h%3D0.68079%26width%3D1200%26height...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A// 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//image.khaleejtimes.com%3Fuuid%3De8659068-1d44-5113-9225-825a0bd292de%26function%3Dcropresize%26type%3Dpreview%26source%3Dfalse%26q%3D75%26crop_w%3D0.99999%26crop_h%3D0.68079%26width%3D1200%26height%3D675%26x%3D1.0E-5%26y%3D0.07564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea985ec5bafb5d87af1a778cbb5cecfc9465e3e3ff7752cefdfefa51fdfd074a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Sun, 30 Apr 2023 02:20:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//image.khaleejtimes.com%3Fuuid%3De8659068-1d44-5113-9225-825a0bd292de%26function%3Dcropresize%26type%3Dpreview%26source%3Dfalse%26q%3D75%26crop_w%3D0.99999%26crop_h%3D0.68079%26width%3D1200%26height%3D675%26x%3D1.0E-5%26y%3D0.07564
age
165541
edge-cache-tag
359316342730712985166880202612488843545,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
359316342730712985166880202612488843545,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
638
req-referer
https://www.khaleejtimes.com/
content-length
7946
x-request-id
39b2dd8976e0ba36368ec0e3153266ab
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200121-IAD, cache-iad-kjyo7100152-IAD, cache-lax10642-LGB, cache-iad-kcgs7200105-IAD, cache-yul12823-YUL
last-modified
Fri, 28 Apr 2023 04:21:02 GMT
server
nginx
x-timer
S1682821204.624727,VS0,VE2
etag
"d2052f24153fa6379fb5d82a6db37fee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 68, 1
image.khaleejtimes.com%3Fuuid%3De8659068-1d44-5113-9225-825a0bd292de%26function%3Dcropresize%26type%3Dpreview%26source%3Dfalse%26q%3D75%26crop_w%3D0.99999%26crop_h%3D0.68079%26width%3D1200%26height...
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A// 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//image.khaleejtimes.com%3Fuuid%3De8659068-1d44-5113-9225-825a0bd292de%26function%3Dcropresize%26type%3Dpreview%26source%3Dfalse%26q%3D75%26crop_w%3D0.99999%26crop_h%3D0.68079%26width%3D1200%26height%3D675%26x%3D1.0E-5%26y%3D0.07564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ea985ec5bafb5d87af1a778cbb5cecfc9465e3e3ff7752cefdfefa51fdfd074a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 30 Apr 2023 02:20:03 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//image.khaleejtimes.com%3Fuuid%3De8659068-1d44-5113-9225-825a0bd292de%26function%3Dcropresize%26type%3Dpreview%26source%3Dfalse%26q%3D75%26crop_w%3D0.99999%26crop_h%3D0.68079%26width%3D1200%26height%3D675%26x%3D1.0E-5%26y%3D0.07564
age
165541
edge-cache-tag
359316342730712985166880202612488843545,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
359316342730712985166880202612488843545,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
638
req-referer
https://www.khaleejtimes.com/
content-length
7946
x-request-id
39b2dd8976e0ba36368ec0e3153266ab
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200121-IAD, cache-iad-kjyo7100152-IAD, cache-lax10642-LGB, cache-iad-kcgs7200105-IAD, cache-yul12823-YUL
last-modified
Fri, 28 Apr 2023 04:21:02 GMT
server
nginx
x-timer
S1682821204.656446,VS0,VE0
etag
"d2052f24153fa6379fb5d82a6db37fee"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 68, 2
pixel
cm-exchange.toast.com/ Frame 6A10 		0
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-exchange.toast.com/pixel?cm_pid=1641267272&cm_puid=caa4e1f7-081e-5278-9695-c2ccf2d81289&toast_push
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.243.202.190 , Korea, Republic Of, ASN45974 (NHN-AS-KR NHN, KR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 02:20:04 GMT
Server
nginx
Connection
close
P3P
CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"
ad_choices_i_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame D163 		513 B
794 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_i_UR.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:03 GMT
cf-cache-status
HIT
age
46473
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
513
x-function
301
last-modified
Tue, 11 Apr 2023 06:26:26 GMT
server
cloudflare
etag
1681194386
vary
Accept-Encoding
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7bfc4dacdc0eecea-YUL
expires
Tue, 31 Dec 2030 00:00:00 GMT
ad_choices_UR.png
cdnx.tribalfusion.com/media/common//adChoice/icon/ Frame D163 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnx.tribalfusion.com/media/common//adChoice/icon/ad_choices_UR.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:20:03 GMT
cf-cache-status
HIT
age
8641
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1608
x-function
301
last-modified
Tue, 11 Apr 2023 06:26:26 GMT
server
cloudflare
etag
1681194386
vary
Accept-Encoding
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
cf-ray
7bfc4dacdc11ecea-YUL
expires
Tue, 31 Dec 2030 00:00:00 GMT
3b3bd4177dc9cc764d515f98ec9e416d.gif
cookies.andbeyond.media/ Frame 6A10 		0
0
NRJS-004eae0ecd9d1313a6a
bam.nr-data.net/events/1/ Frame 00AF 		24 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-004eae0ecd9d1313a6a?a=1771017370&v=1.230.0&to=YgdWZxRWW0NVW0JfDFtNYUEPGEFCVVtdUxEaD11dDxlFWEQ%3D&rst=15183&ck=0&s=4621b62300517c89&ref=https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://coronaliveupdates.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:20:04 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://coronaliveupdates.khaleejtimes.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7bfc4db11c4d0f6c-EWR
Content-Length
24
setuid
user-sync.adxpremium.services/ Frame DABC 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Sun, 30 Apr 2023 02:20:04 GMT
visible
trc.taboola.com/khaleejtimesmena-p13238197/log/3/ 		0
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/khaleejtimesmena-p13238197/log/3/visible?route=US%3AUS%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230427-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
10
pragma
no-cache
date
Sun, 30 Apr 2023 02:20:04 GMT
via
1.1 varnish
x-served-by
cache-yul12823-YUL
server
nginx
x-timer
S1682821205.828617,VS0,VE10
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://www.khaleejtimes.com
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
latest.json
nh.iz.do/nh/61e05264d81ef5830f3e62a7c70ccb5aaa9b3ae0/ 		708 B
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nh.iz.do/nh/61e05264d81ef5830f3e62a7c70ccb5aaa9b3ae0/latest.json
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6850c7511093e8157d247b3f69f414d3462f9063502f5657a49b962a20a607
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 30 Apr 2023 02:20:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 30 Apr 2023 02:01:07 GMT
server
cloudflare
age
81
etag
W/"644dcbe3-2c4"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=1200
cf-ray
7bfc4db2cff54bd6-YUL
x-xss-protection
1; mode=block
expires
Sun, 30 Apr 2023 02:40:04 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=khaleejtimes.com&p=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&u=DLdbaSM1EkPDFRuwZ&d=khaleejtimes.com&g=66153&g0=Tech&g1=Reuters&n=1&f=00001&c=0.25&x=0&m=0&y=8734&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&b=3057&t=J4m6mC5uJCdB9_wtrCV-ayjsMV_P&V=139&tz=0&sn=2&sv=DxEQigBfiAVditBVjBUZtVcD2LjIN&sd=1&im=06639cff&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.207.12.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-12-114.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 30 Apr 2023 02:20:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
/
image.khaleejtimes.com/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=aa8d0b30-2c54-4c91-8391-38759957ea4b&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.84799&x=0&y=0&width=1200&height=675
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-83.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
053f4357254a0d8c4fc4770cf4de0bb837863ec661efa32a48fde9bb31620c02

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sat, 15 Apr 2023 14:52:16 GMT
via
1.1 909ec3586e2eba60d35c2f3468905558.cloudfront.net (CloudFront)
last-modified
Sat, 15 Apr 2023 14:52:16 +0000
server
nginx
x-amz-cf-pop
JFK50-P7
age
1250869
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
Dr8xirUvr0gWrhqytJaEJdyEWNkEwKz7J9T4cr4rBtQk-A_FjVVLgQ==
expires
Thu, 12 Oct 2023 14:52:16 GMT
nhwimp
nhwimp.izooto.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nhwimp.izooto.com/nhwimp
Requested by
Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:20:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7bfc4db4fea04bd0-YUL
content-length
0
ctrack
track1.avplayer.com/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.3.3&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&r=www.khaleejtimes.com&sn=&cd1=&app=&test=&cb=1682821201096
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.250.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-250-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 30 Apr 2023 02:20:06 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-2VVVMDVFQ8&gtm=45je34q0&_p=1749126243&gdid=dYmQxMT&cid=2080641419.1682821189&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&dt=Microsoft%20says%20it%20found%20malicious%20software%20in%20its%20systems%20-%20News%20%7C%20Khaleej%20Times&dp=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sid=1682821190&sct=1&seg=1&dl=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&_s=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		13 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=622&height=349&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1682821207786&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1514&pt=-1285035171&tz=0&viewable=true&ddast=V8xvoCLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMmNPJORw2NYi3Yr11o0XG7WEodz5hbtVsPZYjJxrja2ISC5kWcycngMa9Fu5VqLhsvNWuJwztyi3Wo4W0wmztXGNgUVU_jbPX_Ly2RQO01uheX09JhdbrCFptPhc93rdb_fXWt0mF0uq-npdnnuGr_bL3p5jH6102P5e_4201vzcH7eStNb5nfdTW61w-z0OP2uz1vzt5l-D8vLrbS7labPW_P8nF5uzx0AAAAAPPj___-HAAAAABABAAAAQAIAAAAAhYAK_xYELgAAAABg-P___9cAYLJBIDrkgNB-u-nycpj9AQAAAAAEAAAAAAkABNugEgAxBocn_v________9jDNBn3sj4____v6HQA-DBB8CDEAAAgIshpjI6RiPtl5VECDyLMAIAAABQiZPZe2SSTlCxqPL__99vBeAKAEDA4XO9518W3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEI1dQPpxGeRLFX8wsIALDmFxAAgI26AQB4EwAn6BC0YjBYnYCYHQAAAIA7_____3pAxuVyDnazjWM3Wy1cxsVitVhYRg6Ta2TYzCwzh_eYDoBXTTHOjvSpmMLf7vlbXiaD2mlyKyynp8fssp8JW4xWk8lmOZwtF5PBcDQcjfZnIBaTAZqIwXI5mSwmu9VoNdoMd6PZYIEEYjBBFC0aTFaj0WQxGa5Gk9VsudjtNoiiVavZaDMYrmaT2W63Gg6Gy9EITdhitJpMNsvhbLmYDIaj4Wg0RDA1sw0WzpVrLdgNV27RxuNbS4yD2VowXC1mNstuZZwt3KLXx3Qx7VarjXOLBAPI9iJ5WqQT2WI2cmxsvtlisbBMnCvPzLeZLGbGhc2wsIxGrolYojlZpBPZZd9xuZyD3Wzj2M1WC5dxsVgtFpaRw-QaGTYzy8zhb81sg4Vz5VoLdsOVW7Tx-NYS42C2FgxXi5nNslsZZwu36PUxXUy71Wrj3Ddmw8lwslgsN_vGbDgZThaL5WbfoTN8V5-zUbSTbDwmw7iY_YtrDoPCZbB4V6rTSluQHLTZq8jp0syURZ3R7_f7_X6_3-_3-w1az8FsUPi-Q-twHLl-nNnF9yA2KBSxRHCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiNF2kE73o5TH61U6P5e_520xvzcP5eStNb5nfdTe51Q6z0-P0uz5vzd9m-j0sL7fS7laaPm_N83N6uT0XsURwukgnopfxdFH_kUOMlnPVbK5YbeaK4XKVAAAAAAAAAAAswSTTTQAAAACcDGo3WI5W63Qwk8VkuVktF0DEGqGuH-vOPVagK6FijT2msUaH2eWymp5ul-ftsjvcgsdmshkulrspA4hYs2O22WcEsVarZQ0AAEAAGwAAQAA33XgTiA7F_f___48DAAAgI4ceAACA-D6gKtXwI1eKPX4FsVgMNvsHoEKs1Wp1u7FWqwU!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3212935&dpubid=570945&abtst=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.khaleejtimes.com&en=1&panid=3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a2b470ab522c93d1b665badfde6cc3b2b0e20f5aae67da6cb5a33a04d4db57c1

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:07 GMT
content-encoding
gzip
server
nginx
machineid
1116
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
link
<http://taboola-d.openx.net>; rel=preconnect,<https://ioms.bfmio.com>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect
expires
Sat, 26 Jul 1997 05:00:00 GMT
VideoBidRequestHandlerServlet
us-wf.taboola.com/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://us-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=662&height=372&pubid=169497&tagid=953497&crid=6831575&noaop=3&sortOrderType=0&cb=1682821207803&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1514&pt=-1285035171&tz=0&viewable=true&ddast=V81BACLAbkZQyOf_pDOBLIyxgc__SHcCwAAABgYED8AMlNTLbJzDlaC0cml1s0WwzWwpHLsBYsRqbVaLQcuWazISCZ2cTmmCxMa43NtnGLVrvRWrlymdaCwWBkmTlmI5vHNAUXU_jbPX_Ly2SQsMx-30FBOT09ZpcbbKHpdPhc93rd73fXGh1ml8tqerpdnrvG7_aLXh6jX-30WP6ev8301jycn7fS9Jb5XXeTW-0wOz1Ov-vz1vxtpt_D8nIr7W6l6fPWPD-nl9tzBwAAAAAPANB6riH8AAIARAAAAACQAAAAAEAhoMK_BYELAAAAABgAFgpTNACYbBCIDjkgtN9uurwcZn8AAHiAAAEAIIBBAgDBNqgEQIzB4QkAAAAAAAAAABb_____MQbwsSpkEAhMZ_YAePAB8ECE4K4IIwAAAACVOJm9RybpBBWLKgAABOlWAK4AAAQcPteLMoQBAAAQGLNAD4vfb3bYNX63ywAAAAAAAAAAmPk_849GqKZ-OI3wJIq9ml9AAIA1v4AAAGzUDQDAmwA4QYegFYPB6gTE7AAAAADc-f___9cDMi6Xc7CbbRy72WrhMi4Wq8XCMnKYXCPDZmaZObzHdAC8aopxdqTPxRT-ds_f8jIZJCyz33dQUE5Pj9llPxO2GK0mk81yOFsuJoPhaDga7c9ALCYDNBGD5XIyWUx2q9FqtBnuRrPBAgnEYIIoWjSYrEajyWIyXI0mq9lysdttEEWrVrPRZjBczSaz3W41HAyXoxGasMVoNZlslsPZcjEZDEfD0WiIYGpmGyycK9dasBuu3KKNx7eWGAeztWC4Wsxslt3KOFu4Ra-P6WLarVYb5xYJBpDtRXCRTrRGh9nlspqebpfn7bI73ILHZrIZLpa7iViiOVmkE9ll33G5nIPdbOPYzVYLl3GxWC0WlpHD5BoZNjPLzOFvzWyDhXPlWgt2w5VbtPH41hLjYLYWDFeLmc2yWxlnC7fo9TFdTLvVauPcN2bDyXCyWCw3-8ZsOBlOFovlZt-hM3xXn7NRtJNsPCbDuJj9i2sOg8JlsHhXqtNKW5ActNmryOnSzJRFndHv9_v9fr_f7_f7DVrPwWxQ-L5D63AcuX6c2cX3IDYoFLFEcLpIJ6KX8XQRSyRPi3SiHA4Wvs3MuTJNRpOZc7VcmAyr2cixMq42y5VxORFLlKaLdKIXvTxGv9rpsfw9f5vprXk4P2-l6S3zu-4mt9phdnqcftfnrfnbTL-H5eVW2t1K0-eteX5OL7fnov4jhxgt56rZXLHazBXD5SoBAAAAAAAAAFiCSaabAAAAADgZ1G6wHK2WCyBijVDXj3XnHivQlVCxxh7TWKPD7HJZTU-3y_N22R1uwWMz2QwXy92UAUSs2THbzDOCWKvVsgYAACCADQAAIICbbrwJRIfk7AOiysnMzMzU5FcQi8Vgs38AKsRarZbPF2u1Wg!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3212935&dpubid=570945&abtst=dpxrv0_vB!lvlstst-in2_vA!lvlstst1_vA!nonrv_vA!t45!u2822_vA!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.khaleejtimes.com&en=1&panid=3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.9/UnitWidgetItemDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e6b76e1b1d1d355436a2bd73bc3156c864d204fc262f4053e2d3b6f06bf0143a

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:07 GMT
content-encoding
gzip
server
nginx
machineid
1117
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
av
taboola-d.openx.net/v/1.0/ 		48 B
248 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?auid=540790699&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:08 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
getmu
ioms.bfmio.com/ 		49 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ioms.bfmio.com/getmu?aid=f3ba7097-c379-4680-c2af-b76fbd71dc0e&output=html5&width=622&height=349&v=1&pageurl=https%3A%2F%2Fwww.khaleejtimes.com&i_type=out&stream=out&playback=2&cb=R0.1682821207929&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.125.218 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Origin, Accept-Encoding, User-Agent
content-type
application/xml
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
location
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
av
taboola-d.openx.net/v/1.0/ 		48 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://taboola-d.openx.net/v/1.0/av?auid=540789741&gdpr=0&us_privacy=1---
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.4/OvaMediaPlayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 02:20:07 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept-Encoding
content-type
text/xml
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
21e9d27179465c90b0e40f10154f2b65.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21e9d27179465c90b0e40f10154f2b65.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81417ff3e11678b90a2215065bb67cfcdc0d5c6023313606b1321030632b1f4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Sun, 30 Apr 2023 02:20:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21e9d27179465c90b0e40f10154f2b65.jpeg
age
1335833
edge-cache-tag
320043323242041868727513955177363839410,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
320043323242041868727513955177363839410,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
710
req-referer
https://ninerecipes.com/
content-length
3558
x-request-id
5ff493cf91f9d4ff9d505aacf6a35034
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200130-IAD, cache-iad-kiad7000121-IAD, cache-lax10643-LGB, cache-iad-kjyo7100138-IAD, cache-yul12823-YUL
last-modified
Mon, 03 Apr 2023 08:39:33 GMT
server
nginx
x-timer
S1682821210.308329,VS0,VE1
etag
"2b902e97f8b8b9dad56830403a5f8b1d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 1
21e9d27179465c90b0e40f10154f2b65.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21e9d27179465c90b0e40f10154f2b65.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
81417ff3e11678b90a2215065bb67cfcdc0d5c6023313606b1321030632b1f4d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Sun, 30 Apr 2023 02:20:10 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/21e9d27179465c90b0e40f10154f2b65.jpeg
age
1335833
edge-cache-tag
320043323242041868727513955177363839410,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
320043323242041868727513955177363839410,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
710
req-referer
https://ninerecipes.com/
content-length
3558
x-request-id
5ff493cf91f9d4ff9d505aacf6a35034
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200130-IAD, cache-iad-kiad7000121-IAD, cache-lax10643-LGB, cache-iad-kjyo7100138-IAD, cache-yul12823-YUL
last-modified
Mon, 03 Apr 2023 08:39:33 GMT
server
nginx
x-timer
S1682821210.334701,VS0,VE0
etag
"2b902e97f8b8b9dad56830403a5f8b1d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 2
collect
www.google-analytics.com/ Frame 11EC 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=180781398&t=event&_s=2&dl=https%3A%2F%2Fio.jogo.studio%2Frender%2F889ab751-64e1-48d1-b311-5e03be70a349%3Fgame_id%3D8d47f80f-e65a-4571-95db-6d9e11238e90&dr=https%3A%2F%2Fwww.khaleejtimes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x340&je=0&ec=JOGO%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&ea=JOGO_PLAYER_INTERVAL%20-%20889ab751-64e1-48d1-B311-5e03be70a349%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&el=Teasers%20-%208d47f80f-E65a-4571-95db-6d9e11238e90&_u=KEDAAAABAAAAACAAAC~&jid=&gjid=&cid=2102482046.1682821189&tid=UA-228403240-1&_gid=1554748579.1682821189&z=1699363193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 29 Apr 2023 03:37:10 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81780
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
NRJS-41a5a2f008560c7bdc5
bam.nr-data.net/events/1/ 		24 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-41a5a2f008560c7bdc5?a=522948469&v=1.230.0&to=MgcDNxYDWBBXWkZbXwtNIAAQC1kNGUpbXFcJB0wCFhZfAFpc&rst=24587&ck=0&s=230759d243f299d9&ref=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6c072bf7-1.230.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Date
Sun, 30 Apr 2023 02:20:11 GMT
CF-Cache-Status
DYNAMIC
Server
cloudflare
Vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
Connection
keep-alive
CF-Ray
7bfc4ddb9eed0f6c-EWR
Content-Length
24

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
demand.trafficroots.com
URL
https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Domain
cm.smadex.com
URL
https://cm.smadex.com/pixel?tl=1&redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8078%26xuid%3Dmy_external_user_id%26dongle%3D7du&gdpr=0&gdpr_consent=
Domain
cm.smadex.com
URL
https://cm.smadex.com/pixel?tl=1&redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8078%26xuid%3Dmy_external_user_id%26dongle%3D7du&gdpr=0&gdpr_consent=
Domain
cm.smadex.com
URL
https://cm.smadex.com/pixel?tl=1&redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8078%26xuid%3Dmy_external_user_id%26dongle%3D7du&gdpr=0&gdpr_consent=
Domain
openx.adhaven.com
URL
https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
Domain
trace.mediago.io
URL
https://trace.mediago.io/ju/cs/taboola
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lh2sahpf&c=5929998944819&slotId=2964999472409.5&uet=2&vast_v=not_specified
Domain
cookies.andbeyond.media
URL
https://cookies.andbeyond.media/3b3bd4177dc9cc764d515f98ec9e416d.gif?puid=caa4e1f7-081e-5278-9695-c2ccf2d81289

Verdicts & Comments Add Verdict or Comment

1130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| 63 object| 64 object| 65 object| 66 object| 67 object| 68 object| 69 object| 70 object| 71 object| 72 object| 73 object| 74 object| 75 object| 76 object| 77 object| 78 object| 79 object| 80 object| 81 object| 82 object| 83 object| 84 object| 85 object| 86 boolean| credentialless object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA function| RunClientPrayerTimes undefined| $ function| jQuery object| smartechclient string| SmartechObject function| smartech object| monetateQ undefined| valuez object| VUUKLE_CONFIG string| breadcrumbsection string| breadcrumbsubsection string| articleuuid number| init object| googletag string| adgh_p1 string| adgh_p2 string| adgh_p3 object| adgHdSc string| adgHscParam object| utag_data function| gallerySlideEvent number| NSC_pt_cy number| NSC_pt_cm number| NSC_pt_cd number| NSC_pt_cs object| NCS_fajar_time object| NCS_duhar_time object| NCS_asr_time object| NCS_maghrib_time object| NCS_isha_time function| loadVuukleWidgets object| XdUtils object| xdLocalStorage function| generateUUID function| setCookie function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk function| changeVuukleWidgetsTheme number| VUUKLE_PLATFORM function| removeVuukleWidgets function| generateVuukleAds object| ggeac object| google_tag_data object| google_js_reporting_queue object| rtbpbjs string| url22 function| getQueryString_val_new object| lineitemidcode number| adslot88 string| checkdomainurl string| urlbidder number| windowwidthbidder object| activeadunit2 function| refreshBid3 function| refreshBid1x1rtb function| refreshBid1rtb1 function| refreshBid1rtb number| randomvaldatatest2 number| unfillgoogle function| getPos number| randomvaldatatestand number| smailetest1 number| windowwidth1 object| anddebug object| newadunitandbeyond object| seedtag object| newtest1 object| anddebugtest number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network string| sitemainurlandbyeond undefined| andbeyondhttp object| myElementrtbtracker object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| newunitcallback number| netacuitycpde object| block_url object| and_geo_block number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size4681status number| size4682status number| size4683status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 object| activeadunit number| PREBID_TIMEOUT_NEW number| floor number| ref object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| lineitemidtest number| checkdomainrefresh function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| newtagtest boolean| utag_condload object| utag boolean| __tealium_twc_switch object| utag_cfg_ovrd undefined| google_measure_js_timing object| _vuukleGeo object| smartech_wnconfig undefined| spaData object| STAPI function| smtReloader string| timezonename object| apstag string| anddevice number| current_time object| adloox_pubint object| ignore object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet boolean| apstagLOADED object| apscustom object| _aps number| intval object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| regeneratorRuntime object| PlayStream object| lazyLoadOptions function| survey_click_func undefined| niframewidth object| lazyLoadInstance function| LazyLoad object| bootstrap object| randoms number| randomz string| adgf_p1 string| adgf_p2 string| adgf_p3 string| adgf_p4 string| adgf_p5 object| adgFtSc string| adgScParam object| infiniteArticles object| ScrollTrigger function| Swiper function| dpause function| initGallery function| setImmediate function| clearImmediate object| ID5 function| vuukleAuthUser number| numTrackedElements number| refreshIntervalId object| firedAlways object| firedOnce function| BlockAdBlock function| show_fly_by_offer function| show_casual_offer function| tealium_enrichment boolean| NCSBX string| NCSBX_UID object| NCSBX_UD object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| header object| stickyElem object| mega number| stickyElemBottom number| stickyElemPos number| currStickyPos function| getAfpadgCurrentDayId string| adgsrvrUrl object| scr object| vuukleAdConfiguration string| gtagRename object| dataLayer function| gtag number| _sf_startpt object| _sf_async_config object| head number| _sf_endpt object| _linkedin string| _linkedin_data_partner_id object| _uxa object| _izq function| fbq function| _fbq object| webp_configuration number| monetateT object| configuration_map object| andbeyondtemp number| custome_axt string| adunit2 number| iframe1 string| iframeid number| pos number| len string| pos123 string| temp number| sizeunfill300px number| sizeunfill336px number| sizeunfill250px number| sizeunfill0px number| sizeunfill600px number| sizeunfill728px number| sizeunfill90px number| sizeunfill970px number| sizeunfill320px number| sizeunfill50px number| sizeunfill120px number| sizeunfill160px number| sizeunfill240px number| sizeunfill468px number| sizeunfillleader number| sizeunfillleader2 number| sizeunfillgoogle number| sizeunfillinterstitial number| sizeunfillcom5 number| flag string| id string| pos1 number| sponsorandbeyond970250 string| test object| id1 number| status_bad number| aff number| width1 number| height1 number| width2 string| text object| andbeyond9702506 string| adunit2andbeyond9702506 object| Criteo number| sponsorandbeyond300 object| andbeyond30016 string| adunit2andbeyond30016 number| flag2 object| HanselPX object| Hansel number| BOXX_CLIENT_ID number| bxSx function| loadBxSDK object| cookieManager function| bxLog function| objIsEmpty object| bxErrMan object| bxlog object| bxcollect object| bxfail object| bxwarn object| bxerror object| bxPxMx boolean| bxSelfserve boolean| bxdebug boolean| bxDemo boolean| bxDev function| getLoadVuukleSettings object| adunit1x1 object| andbeyond16011 number| adunit2andbeyond16011 object| andbeyond30015 number| adunit2andbeyond30015 object| andbeyond72810 number| adunit2andbeyond72810 object| andbeyond72833 number| adunit2andbeyond72833 number| diff string| timezone number| hoursssss number| current_hour1 number| d number| current_hour2 number| flaglineitem number| refreshval number| number5 number| factor_session object| adunittest function| vuukleLoader object| vuuklehbChunk object| vuuklehb object| vuukleConsole object| vuukleSlots boolean| _VuukleDebug object| vuuklePlayerComponent number| vuukleLoaded object| container undefined| _izAlt object| _iz object| izConfig function| lintrk boolean| _already_called_lintrk object| CS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| UXAnalytics number| cpm1 string| mediaType object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| TWAGORAINARTICLE boolean| afphChildLogger boolean| adg_comscore_flag string| crtg_nid string| crtg_cookiename string| crtg_varname function| crtg_getCookie string| adg_crtg_content number| crtg_rnd object| pubads string| PECGCookie undefined| pbsExp undefined| segmentJson object| targetData string| pbsCookie undefined| pbsjson undefined| segmentsObj undefined| campaigns boolean| tag string| adg_imagedetails object| xhr string| siteScript object| rfphr string| Domainscript string| sitename number| size object| monetate object| google_tag_manager function| onYouTubeIframeAPIReady object| aniplayerPos string| bxRecHost string| bxEveHost string| bxUploadHost function| getProductIdentifier function| uuidv4 object| boxxAutoTriggerConfig object| boxxPages object| scrape_init function| boxxSmartechEventDispatcher function| setBoxxToken function| getBoxxToken function| getBoxxCustomerId function| arrayFy function| bxWipeAll function| bxEmptyAll function| getLocalePid function| genRandToken function| boxxRunner object| bxExportable object| bxJsLogs boolean| bxExporting object| bxEvExportManager object| bxSesMan string| boxx_token_id string| BOXX_CUSTOMER_ID object| navTrackHeaders string| localBoxxCookie function| bxInjectCss function| bxInjectJs function| getCookie object| dismiss_list object| permissionData function| bxExecuteConfigs function| bxReloader string| bxExecutoken object| bxSuspects boolean| bxConfProcessing number| bxMaxWait object| bxNavData boolean| BOXX_DONOT_TRACK number| bxWUID function| callNavTrack object| BoxxClient string| idnew12 object| _cbm function| iFrameResize object| ProjectAgora function| addcss object| _taboola object| teadsscript function| _izooto boolean| afpfChildLogger number| innoCall number| spiceMCall number| partnerCount number| splashCount number| forLoopcount string| splashPara string| innoPara object| twoPartner object| partnerArr string| refUrl string| refUrl1 number| spiceposition number| blockedUrlinno number| blockedUrlnative number| blockedUrl number| burl1 number| negword number| val string| doublePixelpartnerId boolean| demoFlag string| demoDomain undefined| DemodomainArray undefined| tempDemodomainArray undefined| subDemoDomainArray number| PREBID_TIMEOUT object| adg_pbjs object| adUnits1 object| adgebraAdworld object| adg_slider string| deliveryChannel object| adNotSeved string| isDfpAppFlag object| RTB_LOG string| SiteDomain string| splashDC string| neg_keyword boolean| splashNotServed boolean| spotNotServed string| p1 string| p3 string| ADEp3Param boolean| ECGActiveFlag boolean| SegmentaionActiveFlag boolean| AdservingActiveFlag boolean| ADEActiveFlag boolean| PiggibackingActiveFlag object| splsKywrdDivs string| splsfle string| imgPosition string| adg_deviceType boolean| impulseResFalse boolean| isAdgebraValidIp string| ForkDetailsJson string| AdgDynamicDetails string| DynamicTrgDetails boolean| isHomePage boolean| notToServeFlag function| loadChannel undefined| customDataArray undefined| customData number| criteoAdserveFlag object| criteoCampIds object| JSONP function| adg_getURLParam1 function| pubCompetitorCheck function| update_comscore_flag function| adg_getMetaContentkeys function| screenSize function| getMetaTitleContentkeys function| callback_spot function| checkDynamicTarget function| nativeAdsCall function| create function| adgInnovation_callback function| innovationAdserve function| spotAdserve function| getExpireDate function| callsiteservlet function| adg_isIE function| lodUrl function| mobileTest function| getBidIdByDC function| findEndPointUrl function| AFPCall function| _RTB_DataLogger function| AdserveCalls function| AdNotServe function| getSiteSizeBySiteResponse function| imagePosition function| reloadAdgebraPixel function| reloadAdgPixel function| getNegativeKeyword function| geIframeStatus function| callback_NativeAds function| callback_NanoNativeAds function| iconImgClick function| inIframe function| adgCommonCanvasScript function| Splash_TP function| splash_tp_Callback object| siteConfigJson object| adgebraBidderObj object| dspDetailsObj string| master_bidId string| BidIdDetails string| bidderCampDetails boolean| AFPFPresent string| param object| _vuukleConfig object| sas object| apntag object| _ADAGIO object| closure_lm_350056 object| pbjs object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo_identitytag_135 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| confiant function| __vuukleCbb85c8980 number| _nonPersonalizedAds number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| passivedivgptad16136256448550 number| activedivgptad16136256448550 number| time_refreshunitdivgptad16136256448550 number| nextnumberdivgptad16136256448550 number| newflag number| flagnewone number| passivedivgptad16361139662890 number| activedivgptad16361139662890 number| time_refreshunitdivgptad16361139662890 number| nextnumberdivgptad16361139662890 number| passivedivgptad16371510911520 number| activedivgptad16371510911520 number| time_refreshunitdivgptad16371510911520 number| nextnumberdivgptad16371510911520 number| passivedivgptad16248629444290 number| activedivgptad16248629444290 number| time_refreshunitdivgptad16248629444290 number| nextnumberdivgptad16248629444290 number| passivedivgptad16528574127930 number| activedivgptad16528574127930 number| time_refreshunitdivgptad16528574127930 number| nextnumberdivgptad16528574127930 number| passivedivgptad16528576194980 number| activedivgptad16528576194980 number| time_refreshunitdivgptad16528576194980 number| nextnumberdivgptad16528576194980 number| passivedivgptad16134806274400 number| activedivgptad16134806274400 number| time_refreshunitdivgptad16134806274400 number| nextnumberdivgptad16134806274400 number| passiveandbeyond9702506 number| activeandbeyond9702506 number| time_refreshunitandbeyond9702506 number| nextnumberandbeyond9702506 string| m1html number| passiveandbeyond30015 number| activeandbeyond30015 number| time_refreshunitandbeyond30015 number| nextnumberandbeyond30015 number| passiveandbeyond72833 number| activeandbeyond72833 number| time_refreshunitandbeyond72833 number| nextnumberandbeyond72833 number| passiveandbeyond72810 number| activeandbeyond72810 number| time_refreshunitandbeyond72810 number| nextnumberandbeyond72810 number| passiveandbeyond16011 number| activeandbeyond16011 number| time_refreshunitandbeyond16011 number| nextnumberandbeyond16011 number| passivedivgptad14974484742631 number| activedivgptad14974484742631 number| time_refreshunitdivgptad14974484742631 number| nextnumberdivgptad14974484742631 number| passivedivgptad16134810604490 number| activedivgptad16134810604490 number| time_refreshunitdivgptad16134810604490 number| nextnumberdivgptad16134810604490 number| passiveandbeyond30016 number| activeandbeyond30016 number| time_refreshunitandbeyond30016 number| nextnumberandbeyond30016 number| passivedivgptad16134811754840 number| activedivgptad16134811754840 number| time_refreshunitdivgptad16134811754840 number| nextnumberdivgptad16134811754840 number| flag56 number| flag34 object| andbeyond3009 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar undefined| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val number| adunit2andbeyond3009 number| widthidandbeyond3009 number| heightidandbeyond3009 string| adunit3 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond3009 number| flag33 object| webpackChunk_aniview_player object| avContentPlayer string| GoogleAnalyticsObject function| ga object| ONFOCUS object| DcInnov object| TRC object| _tblConsole undefined| msg object| teads number| passiveandbeyond3009 number| activeandbeyond3009 number| time_refreshunitandbeyond3009 number| nextnumberandbeyond3009 object| closure_lm_110942 object| gaplugins object| gaData number| videoflag object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| closeButton object| googDdmPs string| context object| videocode number| videounit string| contextvideounit number| taboola_view_id string| parameter string| nam object| placementData boolean| 4e508e86-4d10-40fc-a8f3-f21b3bfa8899 boolean| google_empty_script_included number| adg_width number| adg_height string| imgCaption string| img_hgt string| img_wdt object| adViewPortArr string| adg_domain string| splshparameter object| ObjectToserve boolean| isRtbCampaign string| p2 boolean| ADGSPLASHFLOW boolean| ADGFLAG string| partnerReferURL string| negativeKeyword string| servletURL object| adIframeArr number| objectLen undefined| respindx number| imgarrylen string| validImgRealCount number| AdImgCount function| isHidden function| validateImageDomain function| adg_getURLParam function| getAdgOffset function| adg_offset function| getAdgPosition function| adgQueryStringBuilder string| campId boolean| backfillcamp boolean| isFloatingBannerFlag string| viewableImpFlag boolean| pageSliderFlag boolean| viewableImpTigger boolean| viewPortAdFlag string| antiFloatingBannerFlag function| adgCallback function| insertAfter function| viewPortImp function| inViewportImage function| floatingBannerAgain function| getAbsObject function| getAbsPosition function| postionAgain function| rfp_splash number| ImgLoadTime boolean| splashCallFlag number| intervalVar function| imageWaitInterval function| callAdserving function| receiveMessage function| CALLTONOTSERVE function| impTrackerToSplash function| oldResize function| json1 object| cmTag object| _cm_wfCounters string| lastWfUrl object| obj function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| prebidAdUnits object| amazonTamUnits object| currentPageSlots string| REFRESH_KEY string| REFRESH_VALUE number| SECONDS_TO_WAIT_AFTER_VIEWABILITY function| refreshBid function| getDeviceType number| FAILSAFE_TIMEOUT object| requestManager function| prebid function| constructAds function| executeParallelAuctionAlongsidePrebid function| displayAds number| refInterval object| pbjsChunk object| adSize string| uuid object| google_image_requests function| webpackHotUpdate function| startCMTagMain string| category string| vpaidId function| OvaMediaPlayer function| arrive function| unbindArrive function| leave function| unbindLeave

441 Cookies

Domain/Path Name / Value
.taboola.com/khaleejtimesmena-p13238197/ Name: taboola_session_id
Value: v2_cee9076c1765ae81151a2dad5d03f2fa_5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9_1682821193_1682821193_CNawjgYQhNdFGIa81v_8MCABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABowPup8duG3vbwAXAB
.3lift.com/sync Name: sync
Value: CgoIgAIQ8MnW__wwCgoIgQIQ48bW__wwCgoIggIQoNDW__wwCgoIgwIQ2dDW__wwCgoIhwIQrLLW__wwCgkICRCsstb__DAKCQgLEKyy1v_8MAoKCIsCEPDJ1v_8MAoKCIwCEKyy1v_8MAoKCI4BEPDJ1v_8MAoJCA4QoNDW__wwCgoIjwIQoNDW__wwCgoIkAIQoNDW__wwCgoIkQIQ48bW__wwCgoIkgIQ48bW__wwCgoIkwIQoNDW__wwCgoIlAIQ48bW__wwCgkIFBDZ0Nb__DAKCgiVAhCg0Nb__DAKCgiaARDZ0Nb__DAKCQgbEOPG1v_8MAoKCJ0CEPDJ1v_8MAoKCJ4CENnQ1v_8MAoJCB8QrLLW__wwCgoInwIQ2dDW__wwCgoIoQEQrLLW__wwCgoIogIQoNDW__wwCgkIJBDZ0Nb__DAKCgioAhDZ0Nb__DAKCgipAhD90tb__DAKCgiqAhCg0Nb__DAKCgirAhDZ0Nb__DAKCgisAhDjxtb__DAKCgitAhDjxtb__DAKCgiuAhD90tb__DAKCgiwAhDwydb__DAKCgi4ARDZ0Nb__DAKCQg5EPDJ1v_8MAoJCDoQrLLW__wwCgoIvQEQ2dDW__wwCgkIPxCg0Nb__DAKCgjCARD90tb__DAKCQhJEOPG1v_8MAoKCM4BEOPG1v_8MAoKCNYBEPDJ1v_8MAoKCN4BEOPG1v_8MAoJCF8QrLLW__wwCgoI3wEQ_dLW__wwCgoI4gEQrLLW__wwCgoI4wEQ8MnW__wwCgoI5gEQrLLW__wwCgoI5wEQ8MnW__wwCgoI-wEQoNDW__wwCgoI_wEQ8MnW__ww
.admixer.net/bs Name: am-uid
Value: c487552ba4ca418fa215f37369d81dac
i.liadm.com/s Name: _li_ss
Value: CggKBgjSARD1FA
.khaleejtimes.com/ Name: visid_incap_1773870
Value: W4GWAqlsSniJL2Lhia+o1ELQTWQAAAAAQUIPAAAAAADeAVDLkeeraKMy5BgjpkkD
.khaleejtimes.com/ Name: nlbi_1773870
Value: 6MLaa1Af/0KMGoGQVzlQLAAAAAAe+mzXz0pm0lzS2KEjAW+o
.khaleejtimes.com/ Name: incap_ses_1170_1773870
Value: M2mLDKAJH0o5mCWZuq08EEPQTWQAAAAAaEXuGxZpDOwNXWZhBps8kQ==
www.khaleejtimes.com/ Name: user_sessions
Value: 1
www.khaleejtimes.com/ Name: __sts
Value: eyJzaWQiOjE2ODI4MjExODg1MDksInR4IjoxNjgyODIxMTg4NTA5LCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5raGFsZWVqdGltZXMuY29tJTJGdGVjaG5vbG9neSUyRm1pY3Jvc29mdC1zYXlzLWl0LWZvdW5kLW1hbGljaW91cy1zb2Z0d2FyZS1pbi1pdHMtc3lzdGVtcyIsInBldCI6MTY4MjgyMTE4ODUwOSwic2V0IjoxNjgyODIxMTg4NTA5fQ==
www.khaleejtimes.com/ Name: __stp
Value: eyJ2aXNpdCI6Im5ldyIsInV1aWQiOiJjNzhmYjQzMy0zMjY5LTQ5MTYtYWFlOS03NmIwNzBlNzQ4NzIifQ==
io.jogo.studio/ Name: _jui
Value: 0e0ba867-ff8f-757a-7a3b-2edabae9d15a
www.khaleejtimes.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
www.khaleejtimes.com/ Name: random_user
Value: 1
.io.jogo.studio/ Name: _ga
Value: GA1.3.2102482046.1682821189
.io.jogo.studio/ Name: _gid
Value: GA1.3.1554748579.1682821189
.khaleejtimes.com/ Name: _cs_mk_ga
Value: 0.5642306792470986_1682821189195
www.khaleejtimes.com/ Name: __stgeo
Value: IjAi
.tealiumiq.com/ Name: TAPID
Value: khaleejtimes/khaleejtimes>0187cff58b3d000b5ceccd3def6c03074006106c00b08|
.khaleejtimes.com/ Name: __gads
Value: ID=6670b295dca33162-22116e4f7bdf00c6:T=1682821188:S=ALNI_Ma1ZIMeOyk5idfmd5rvJrDTUlaDcg
.khaleejtimes.com/ Name: __gpi
Value: UID=00000be69c940dda:T=1682821188:RT=1682821188:S=ALNI_MY8PIwwKUIK0sohgRZ8Ie9iCMXrGQ
.lijit.com/ Name: ljt_reader
Value: GkJrZBZH2ygXJcZOSOi_0W40
.teads.tv/ Name: tt_viewer
Value: d2cb8617-dfa9-4bed-812e-d5bea6515049
.doubleclick.net/ Name: IDE
Value: AHWqTUk4WWIVA8gwlNuRu6wz6rkIz7VJSCn4gWN2ZsXD3F-Q3D_jKaWnNwdEicG_df0
.khaleejtimes.com/ Name: utag_main
Value: v_id:0187cff58b3d000b5ceccd3def6c03074006106c00b08$_sn:1$_se:1$_ss:1$_st:1682822988417$ses_id:1682821188417%3Bexp-session$_pn:1%3Bexp-session$dcsyncran:1%3Bexp-session$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session
www.khaleejtimes.com/ Name: __stdf
Value: MA==
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 338689=5430379
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0
.smartadserver.com/ Name: pid
Value: 2403475317176069061
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1308948106%3B%24ql%3DHigh%3B%24qpc%3D28700%3B%24qt%3D124_1509_77271t%3B%24dma%3D0&c=1&l=1501522464&lo=384595258&lt=638184179894951866&o=1
.openx.net/ Name: i
Value: d0bf2acc-c6f6-096e-01ce-84c6e5ab343b|1682821189
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: caa4e1f7-081e-5278-9695-c2ccf2d81289
.tealiumiq.com/ Name: tcs.google_cver
Value: eyJraGFsZWVqdGltZXMva2hhbGVlanRpbWVzIjoiMXwxNjgyODIxMTg5NzY1In0=
.tealiumiq.com/ Name: tcs.google_gid
Value: eyJraGFsZWVqdGltZXMva2hhbGVlanRpbWVzIjoiQ0FFU0VFaWpjMlhPOXoyYjl4UXdtWW9IU0J3fDE2ODI4MjExODk3NjUifQ==
.khaleejtimes.com/ Name: _cs_c
Value: 0
.khaleejtimes.com/ Name: _cs_id
Value: 2ee5cbe7-2387-a7a5-c6be-3c77068b5ea8.1682821189.1.1682821189.1682821189.1.1716985189856
.khaleejtimes.com/ Name: _cs_s
Value: 1.0.0.1682822989859
.linkedin.com/ Name: li_sugr
Value: 1d7b3b10-07f8-4e61-9df1-435781e32f6e
.linkedin.com/ Name: bcookie
Value: "v=2&1da7abb1-72db-40ea-88e8-842a00cd660b"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3005:u=1:x=1:i=1682821189:t=1682907589:v=2:sig=AQHepGMf_x53LD-JpkESohp1JIFhWNGz"
.khaleejtimes.com/ Name: _cb
Value: DLdbaSM1EkPDFRuwZ
.khaleejtimes.com/ Name: _chartbeat2
Value: .1682821189904.1682821189904.1.DxEQigBfiAVditBVjBUZtVcD2LjIN.1
.khaleejtimes.com/ Name: _cb_svref
Value: null
.khaleejtimes.com/ Name: mt.v
Value: 2.151432051.1682821189973
.linkedin.com/ Name: UserMatchHistory
Value: AQJQaInM4KtMXQAAAYfP9ZIEFmsOuZ7KUeGXkzqpDhLT6AiLXT6w-B4Cllrd3-ICqIcxhBPFUtzeBQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKVKLPytV4pmgAAAYfP9ZIElmu6s3-ANZwikELxFiXl7zfbzqTIeuLT_e8R_uxIlxyPwulo8CccQ9xQjr8HRg
.khaleejtimes.com/ Name: bxSesT
Value: MTY4MjgyMTE5MDI1NQ%3D%3D
.khaleejtimes.com/ Name: bxSesC
Value: MTY4MjgyMTE5MDI1NQ%3D%3D
.khaleejtimes.com/ Name: boxx_token_id
Value: Yzc4ZmI0MzMtMzI2OS00OTE2LWFhZTktNzZiMDcwZTc0ODcy
www.khaleejtimes.com/ Name: ln_or
Value: eyIxMDA4NzMxIjoiZCJ9
.adnxs.com/ Name: uuid2
Value: 7906230784814628655
.www.linkedin.com/ Name: bscookie
Value: "v=1&202304300219507446cd75-3cfe-407a-8ed7-d87819f86c80AQGgRNQcGKmaHaCcsO7WB52YtIe3Q0Jt"
.khaleejtimes.com/ Name: _fbp
Value: fb.1.1682821190598.235822026
adgebra.co.in/ Name: IID
Value: "1040203432394497110254561_23050102"
.criteo.com/ Name: uid
Value: 4cba3614-0a55-4029-9bf6-6fae57427e17
.izooto.com/ Name: IZCID
Value: ed6b83f5-f83a-46ad-96c9-e5b6d6fc2cdf
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 8d29ae9cdc157d778c92c0c52e27883a
.yahoo.com/ Name: A3
Value: d=AQABBEfQTWQCEGzLHM5bYuCWS1k7hC-E2rwFEgEBAQEhT2RXZAAAAAAA_eMAAA&S=AQAAAkzHbLLeB5XoKodCRhxF0Dc
.khaleejtimes.com/ Name: _cc_id
Value: 8d29ae9cdc157d778c92c0c52e27883a
.khaleejtimes.com/ Name: panoramaId_expiry
Value: 1683425991454
.khaleejtimes.com/ Name: panoramaId
Value: 3c4a4051ac2f6424e8a8685569ac16d53938fe39a1c41677b301c6f3783825ca
.khaleejtimes.com/ Name: panoramaIdType
Value: panoIndiv
hulk.boxx.ai/ Name: AWSALBCORS
Value: waEB2S1IMGAZqZGr5Y6v+MZI87/q5Rx6G8BXgPyacufmoVwwRAK078HampADdh7KA95JgwUAwNDSvAXGLofmjUGkJQBvC9hIgcLYQ2ACJWY9yiJx7RAQOvGG+m14
.3lift.com/ Name: tluid
Value: 3877821143472078157452
.33across.com/ Name: 33x_ps
Value: u%3D212153202608429%3As1%3D1682821191989%3Ats%3D1682821191989
.tynt.com/ Name: uid
Value: M8v4xWRN0EiZEvsPHmoiCQ==
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D25146A7-FA5A-44E2-8074-F1A3074DE67C
.khaleejtimes.com/ Name: _ga
Value: GA1.2.2080641419.1682821189
.khaleejtimes.com/ Name: _gid
Value: GA1.2.1652133778.1682821192
.adtelligent.com/ Name: vmuid
Value: 8cb866ad2d5caa65
.adsrvr.org/ Name: TDID
Value: abb0385f-fb71-4da5-be13-d1ca93d34856
.bing.com/ Name: MUID
Value: 34776753A8676F3A3F9E7450A9B16EC5
.c.bing.com/ Name: MR
Value: 0
.zemanta.com/ Name: zuid
Value: kuIAmsv1By4MDjailSBd
.360yield.com/ Name: tuuid
Value: dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
.360yield.com/ Name: tuuid_lu
Value: 1682821192
.khaleejtimes.com/ Name: bxCacheInit
Value: MQ%3D%3D
.khaleejtimes.com/ Name: bxSegDetail
Value: eyJieFNlc1QiOjE2ODI4MjExOTAyNTUsInVzZXJUeXBlIjoibmV3IiwidXNlclJhbmRvbSI6MC4yMDUyMjYyMTE4OTQ4NTU1NywicHJ2TXYiOiI3MTQiLCJwdWJNdiI6ImJveHgiLCJ1c2VyU2VnIjoiX2RlZmF1bHQiLCJtb2RlbFNlZyI6ImJveHhfX2RlZmF1bHQifQ%3D%3D
.omnitagjs.com/ Name: ayl_visitor
Value: 18983ad2ee7bdd870b91633e3e36f3f6
.lkqd.net/ Name: lkqdid
Value: LjwtvUFo_gI
.lkqd.net/ Name: lkqdidts
Value: 1682821192
.bidswitch.net/ Name: tuuid
Value: 4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
.bidswitch.net/ Name: c
Value: 1682821192
.bidswitch.net/ Name: tuuid_lu
Value: 1682821192
www.clarity.ms/ Name: CLID
Value: b2854b23444b4690a03657cee10b9e2d.20230430.20240429
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AJGsunjaG4FJPvmH
.adtelligent.com/ Name: a733849
Value: 7906230784814628655
.lkqd.net/ Name: sr59
Value: 1|CAESEJl831r89Wwikx1tbSuuOgU|1682821192
.casalemedia.com/ Name: CMID
Value: ZE3QSKiBZz7mrFv9ttLKygAA
.casalemedia.com/ Name: CMPS
Value: 1459
.casalemedia.com/ Name: CMPRO
Value: 1459
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MTE2NzY2tzAwFOIz1NXNKDXOzTfIM_byqQIAK1pK9CQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjS3MDE3NzE0MTE2NzY2tzAwFOIz1NXNKDXOzTfIM_byqQIAK1pK9CQAAAA
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZE3QSAAGdt3yhgA9
.quantserve.com/ Name: mc
Value: 644dd048-c7e73-1d9ed-80a4a
.tapad.com/ Name: TapAd_TS
Value: 1682821192823
.tapad.com/ Name: TapAd_DID
Value: 68afccab-c100-4461-a445-3890741431f3
.adgrx.com/ Name: ADGRX_UID
Value: 7db5d42e-e6fd-11ed-a34e-d15af96d51e0
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7906230784814628655&KRTB&23339-7906230784814628655
.simpli.fi/ Name: suid
Value: 429FA571C8024762B89F507D54B48C58
.sitescout.com/ Name: ssi
Value: 8a409b54-c449-4f01-a499-90664ddef0b5#1682821192853
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-D25146A7-FA5A-44E2-8074-F1A3074DE67C&KRTB&23413-D25146A7-FA5A-44E2-8074-F1A3074DE67C&KRTB&23479-D25146A7-FA5A-44E2-8074-F1A3074DE67C
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&KRTB&16736-uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&KRTB&23019-uid:1d73644d-d048-4a00-afcb-6c18b71cf71f&KRTB&23114-uid:1d73644d-d048-4a00-afcb-6c18b71cf71f
.w55c.net/ Name: wfivefivec
Value: fYpSPiDn1PSWFi5
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1a8d4201-03ef-5afe-6631-c047a3312fff.cbZEVQiYHMvpRxJYFmjOpo5zB4rwBqDW1G9wcd1qBZA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGo1CAQPvWv5mMcBHozEv_5U4mb0.DpMq9MyQGfdVEMe9yCfjK0l5CIp%2FyA%2BSaXeIRkMgUdw
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AGo1CAQPvWv5mMcBHozEv_5U4mb0.DpMq9MyQGfdVEMe9yCfjK0l5CIp%2FyA%2BSaXeIRkMgUdw
.ipredictive.com/ Name: cu
Value: 275eb785-370e-447e-879f-7fd6dba0d1e9|1682821192864
.mathtag.com/ Name: uuid
Value: 5ded644d-d048-4900-9db9-f4be5bd2dfb7
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-8dec9353-583e-4c52-8dc5-83aeb3620aef&KRTB&23340-8dec9353-583e-4c52-8dc5-83aeb3620aef
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.bidr.io/ Name: bito
Value: AAAjOU7Im6EAACBud1f_9Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: APC
Value: AUJbPO4rJE0oA79wQM7za0WboSaoZ79UcHjZtKdBkEg3JaknXEmZ
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Go1CAQPvWv5mMcBHozEv_5U4mb0&KRTB&23334-Go1CAQPvWv5mMcBHozEv_5U4mb0&KRTB&23417-Go1CAQPvWv5mMcBHozEv_5U4mb0&KRTB&23426-Go1CAQPvWv5mMcBHozEv_5U4mb0
.w55c.net/ Name: matchpubmatic
Value: 5
.bluekai.com/ Name: bku
Value: ikG99WMxEVHaBTxz
.amazon-adsystem.com/ Name: ad-id
Value: AzyV5avbNE-HkQrcf9njjQs
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.adtelligent.com/ Name: a297253
Value: 7906230784814628655
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-7db5d42e-e6fd-11ed-a34e-d15af96d51e0&KRTB&23275-7db5d42e-e6fd-11ed-a34e-d15af96d51e0
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 63a13001-1751-4eb2-a70a-aa6ea39a6000
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt&KRTB&19420-uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt&KRTB&22979-uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt&KRTB&23462-uSkp4ustKb6ifirjuC4wt-skeOKiJS3nu3yz6CBt
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-978477414437337801
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:fYpSPiDn1PSWFi5&KRTB&23457-uid:fYpSPiDn1PSWFi5&KRTB&23421-uid:fYpSPiDn1PSWFi5
.adtelligent.com/ Name: a584890
Value: 7906230784814628655
.adform.net/ Name: C
Value: 1
.deepintent.com/ Name: CDIUSER
Value: di_bb7fe3469a6e4f3c81420
.adtelligent.com/ Name: a310570
Value: GkJrZBZH2ygXJcZOSOi_0W40
.turn.com/ Name: uid
Value: 3464934303237790935
.adtelligent.com/ Name: a309255
Value: 3acd9a5a-d6ee-0570-3094-8c3b00d7c54b
.dyntrk.com/ Name: dyn_u
Value: 04010023_644dd048f02af
.mookie1.com/ Name: id
Value: 10595844029665553908
.mookie1.com/ Name: mdata
Value: 1|10595844029665553908|1682821192997
.mookie1.com/ Name: ov
Value: 63183d24e173d4f1a21a8234f3ae83bd
.admanmedia.com/ Name: admtr
Value: 611927c9-b19d-413e-a399-edc6a02241e2
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-abb0385f-fb71-4da5-be13-d1ca93d34856&KRTB&22918-abb0385f-fb71-4da5-be13-d1ca93d34856&KRTB&23031-abb0385f-fb71-4da5-be13-d1ca93d34856
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEIuCokoupdqAG3MACwWQAUg&KRTB&22987-CAESEIuCokoupdqAG3MACwWQAUg&KRTB&23025-CAESEIuCokoupdqAG3MACwWQAUg&KRTB&23386-CAESEIuCokoupdqAG3MACwWQAUg
.thrtle.com/ Name: mc
Value: eyJpZCI6ImQ2OGQ0YmM5LTk4ODQtNDlmMy1hMmIwLWEzZDcxZTZkODcyZSIsImwiOjE2ODI4MjExOTMwOTMsInQiOjF9
.csync.loopme.me/ Name: viewer_token
Value: 92e3d4d5-9716-4f5e-b708-bda9da8c9680
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:429FA571C8024762B89F507D54B48C58
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33645_101EA6830_8FA46364&KRTB&23092-R33645_101EA6830_8FA46364
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-275eb785-370e-447e-879f-7fd6dba0d1e9&KRTB&23011-275eb785-370e-447e-879f-7fd6dba0d1e9&KRTB&23355-275eb785-370e-447e-879f-7fd6dba0d1e9
.rubiconproject.com/ Name: khaos
Value: LH2SAEWK-1A-5ERB
.technoratimedia.com/ Name: tads_uidp_88
Value: 626928932246947377724
.technoratimedia.com/ Name: tads_uidp_44
Value: LGOI3Y4H-2-E2ED
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: EF0F4970-4A41-469D-9D34-BA15B1A53E0E
.technoratimedia.com/ Name: tads_uidp_46
Value: 521413429746270274
.technoratimedia.com/ Name: tads_uidp_79
Value: d28d6ade-079a-434d-a248-4389abba0237
.technoratimedia.com/ Name: tads_uidp_37
Value: dcb54c1a-2b18-37c8-931d-6d01f0e2b2fc
.technoratimedia.com/ Name: tads_uidp_48
Value: ac8ac1f8-cc0c-4914-b9e5-9f4d60e0f1f7
.technoratimedia.com/ Name: tads_uidp_7
Value: f69af121-9cbb-4bc3-bb1f-97cccb9d1a52
.technoratimedia.com/ Name: tads_uidp_80
Value: y-UXS3WaxE2uE.Lhpf61H_vJaIErI5FCbQ~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZEpWYDEbkBsfCXuUgFkE2gAA&5255
.technoratimedia.com/ Name: tads_uidp_50
Value: 3bad6227-9571-02db-0c82-85a07e2d9d51
.technoratimedia.com/ Name: tads_uidp_61
Value: 212146417176477
.technoratimedia.com/ Name: tads_uidp_62
Value: 3258220101455759000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: tVykJqdJA7o1UpcW-2rKLwjgdd1y3pew
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-8925c9cf-862d-47c3-9323-2fb8a199c063-005
.technoratimedia.com/ Name: tads_uid
Value: 568200899A48499D9AF846BF5A46F6A4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331110957+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.adform.net/ Name: uid
Value: 4139660057828765566
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3464934303237790935&KRTB&23150-3464934303237790935
.sportradarserving.com/ Name: zuuid
Value: c4dd86a7-5678-49a7-ae61-326910133e40
.sportradarserving.com/ Name: c
Value: 1682821193
.sportradarserving.com/ Name: zuuid_lu
Value: 1682821193
.contextweb.com/ Name: V
Value: n0h9TTaSFk0n
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4a5fb7b3f356bc21
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAAjOU7Im6EAACBud1f_9Q
.sharethrough.com/ Name: stx_user_id
Value: 1b9b14f4-3cf0-4810-acfb-20126d2da168
.adtelligent.com/ Name: a289656
Value: dbe55149-b25f-40f7-b5ab-ccd9e16f2fcc
.go.sonobi.com/ Name: __uis
Value: 8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341&KRTB&23418-8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-6953a49e-bc91-3e36-a5e4-1a5828a1b00a
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMERwH02NBawN4yMlgAAAAAAA&KRTB&22713-AAAMERwH02NBawN4yMlgAAAAAAA&KRTB&22715-AAAMERwH02NBawN4yMlgAAAAAAA
.zeotap.com/ Name: zc
Value: f3802262-1e01-41c2-7c52-ea2294ef5952
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4139660057828765566&KRTB&23263-4139660057828765566&KRTB&23481-4139660057828765566
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1682821193
.console.adtarget.com.tr/ Name: vmuid
Value: 7ff839d6e5a54b30
.admanmedia.com/ Name: ac_r
Value: CS159|CS181
.playstream.media/ Name: aniC
Value:
.taboola.com/ Name: t_gid
Value: 5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
.pxl.iqm.com/ Name: ttacross
Value: MTY4NDAzMDc5Mzg3NA==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: b5b970f6-4794-4043-a6b9-526dc1551fab
.creativecdn.com/ Name: ts
Value: 1682821193
.creativecdn.com/ Name: u
Value: LK5U8UAZo2GVgnyxkra5
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJ3i9H5-AA3YEJ1f4DaYfOpw85kdToLW6K_z0eYdv1jkC1m_MkNJvpp30lbMC0
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22632381c622%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193045%7D%2C%7B%22p%22%3A%22f46c881bee%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193226%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192120%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192120%7D%2C%7B%22p%22%3A%226078aa809f%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193964%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192682%7D%2C%7B%22p%22%3A%22a3ec099f1a%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193045%7D%2C%7B%22p%22%3A%22bac1bc34e2%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192120%7D%2C%7B%22p%22%3A%220f90caf3cf%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193045%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192120%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192682%7D%2C%7B%22p%22%3A%225cb91279ed%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193045%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193045%7D%2C%7B%22p%22%3A%22e3358483bc%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193045%7D%2C%7B%22p%22%3A%22af668bdd51%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193226%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192682%7D%2C%7B%22p%22%3A%226f27415d53%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193226%7D%2C%7B%22p%22%3A%229ca61abeef%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193226%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192682%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192682%7D%2C%7B%22p%22%3A%22e4ec132db7%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193226%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192682%7D%2C%7B%22p%22%3A%226db3fb8a85%22%2C%22f%22%3A1%2C%22ts%22%3A1682821193226%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192120%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1682821192120%7D%5D
.mfadsrvr.com/ Name: tuuid
Value: 5fc738f9-8cf6-4ead-96c1-1c7828490792
.mfadsrvr.com/ Name: c
Value: 1682821193
.console.adtarget.com.tr/ Name: a307457
Value: 4139660057828765566
.c.bing.com/ Name: SRM_B
Value: 34776753A8676F3A3F9E7450A9B16EC5
.console.adtarget.com.tr/ Name: a743845
Value: 4139660057828765566
.adtelligent.com/ Name: a318342
Value: 7ff839d6e5a54b30
.console.adtarget.com.tr/ Name: a307080
Value: LK5U8UAZo2GVgnyxkra5
.spotim.market/ Name: vmuid
Value: 91de8cda0809327e
www.khaleejtimes.com/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%22%7D
.mookie1.com/ Name: syncdata_ZEO
Value: 1
.agkn.com/ Name: ab
Value: 0001%3A1GF2%2F6aVP7B2myN5Ikb0s%2Fmda2hLqDX0
.demdex.net/ Name: demdex
Value: 74528481465111208781197755918741327382
.openx.net/ Name: univ_id
Value: 537072971|abb0385f-fb71-4da5-be13-d1ca93d34856|1682821194486589
.krxd.net/ Name: _kuid_
Value: PhoreWqi
.mfadsrvr.com/ Name: tuuid_lu
Value: 1682821194
.spotxchange.com/ Name: audience
Value: 7eb8bdb0-e6fd-11ed-8934-101e43450403
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 34776753A8676F3A3F9E7450A9B16EC5
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.adtelligent.com/ Name: a307971
Value: AJGsunjaG4FJPvmH
.fwmrm.net/ Name: _uid
Value: "e5c59_7227661993246293179"
.adfarm1.adition.com/ Name: UserID1
Value: 7227661993255565453
.weborama.fr/ Name: AFFICHE_W
Value: 2GcRF5owkdvY46
.adtelligent.com/ Name: a541630
Value: RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
.dpm.demdex.net/ Name: dpm
Value: 74528481465111208781197755918741327382
.adnxs.com/ Name: anj
Value: dTM7k!M4.gDYRWSF']wIg2C'!n7G6w!]tco8i_iqf!oN/@E'zz<*Z0QN'+[e?fZ6.XGm0pW>)Q>.Lyp64F[5q%fvbyTD._*Pl[gSnU+i7n#DnW3O9Lu4/PlF5HM0K3]ndr5+i9M(ncAyAnA1U!!#GB-scQs
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIzODc3ODIxMTQzNDcyMDc4MTU3NDUyIiwiZXhwaXJlcyI6IjIwMjMtMDctMjlUMDI6MTk6NTVaIn19LCJiaXJ0aGRheSI6IjIwMjMtMDQtMzBUMDI6MTk6NTVaIn0=
.tidaltv.com/ Name: tidal_ttid
Value: f16a5e4b-bacc-4f83-9ca9-55ee06a547a4
.liadm.com/ Name: lidid
Value: d79cd71a-ba53-4911-9847-73f2b8e35abe
.pubmatic.com/ Name: SyncRTB3
Value: 1685404800%3A224%7C1683417600%3A38_15_223_2%7C1684022400%3A21_234_99_81_231_166_250_5_96_239_165_220_204_56_46_22_249_214_240_55_71_3_238_8_178_104_13_243_176_54_233_48_7%7C1683676800%3A63%7C1684108800%3A35%7C1687996800%3A69
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!2882-2!2882
.pippio.com/ Name: did
Value: Yu7-N-Z3ro-I4my7
.pippio.com/ Name: didts
Value: 1682821195
.pippio.com/ Name: nnls
Value:
.pubmatic.com/ Name: DPSync3
Value: 1683849600%3A257%7C1684022400%3A255_261_262_258_263_256_201_260_259%7C1683417600%3A248_253
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjGzsDK0MAIADngorgkAAAA="
.bluekai.com/ Name: bkdc
Value: phx
.media6degrees.com/ Name: clid
Value: 2rtwp57011701dsag5e7kpm2000000013b010h01401
.media6degrees.com/ Name: acs
Value: 012020k1rtwp57xzt10
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.w55c.net/ Name: matchcasale
Value: 5
adgebra.co.in/ Name: AFCSS
Value: "43678 2 99 1 23043003!23043002"
.w55c.net/ Name: matchtriplelift
Value: 5
.media.net/ Name: visitor-id
Value: 3258227951455735000V10
beacon.lynx.cognitivlabs.com/ Name: ss
Value: voavFjxoKrd%2FhEhdAg5hWSfUyXxXTLXkbzybbvyhi8UnPH0lGnAEHXr7%2BFK%2F%2FpK4jpgn%2FiuzLPgs%2B5e1%2BYjJAg%3D%3D
.lijit.com/ Name: _ljtrtb_76
Value: 6ffdcb55-85c5-0c94-1ca4-fa88f93d3894
match.sharethrough.com/ Name: AWSALBCORS
Value: Zi7W2X5jt3rrMX4lEB90gFg6AtL44Im+1b5WUAMbmwR9SaS+ZCQ7k0euEp1y9KAYkqlSE7V23lutFFiohnN+Xk07p5k/D9jvG/8Wza7KjlUlDIphmgUS2tUmxp55
.pippio.com/ Name: pxrc
Value: CMygt6IGEgQIAhAAEgYI7OsBEAA=
ads.avct.cloud/ Name: uuid
Value: 109c1fce-ad74-46c0-b5d3-0584821c0883
.sundaysky.com/ Name: sskyCreationTime
Value: 1682821196666
.sundaysky.com/ Name: sskyu
Value: d6.cbc68e875474459db9e07fb79c8b8c8b
.media.net/ Name: data-o
Value: cb3f7c0a-c471-0c79-3857-32403363951a~~3
.khaleejtimes.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8R4iQ17PXqWZjDE4Zn_xIVpR7pgCrWbfjW8adXBy9adknGqGuU52C1w39ldMnbr0LSYIhsBoG9BHsbzCnw0ObcYWYUbL8doNxqRHlFw6pzFoxbYTC9QFapy8S-Ykv-oMxdE6gOi1_3iVwiPZYfTN29FAce2Q%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.lijit.com/ Name: _ljtrtb_42
Value: 5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9
.ctnsnet.com/ Name: cid
Value: e7b476299e03423b876156b73e369518
.mxptint.net/ Name: mxpim
Value: R33645_101EA6830_8FA46364.1.0000000000000000644DD0480000000000000000644DD04C
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFkYWRoaGlkYWjxC4lvYmxh-EgQwTezNDR6JYbgG1uYGgMAAGmLr0AAAAA
.go.sonobi.com/ Name: __uir_tl
Value: 1
.go.sonobi.com/ Name: __uin_tl
Value: 3877821143472078157452
.owneriq.net/ Name: pmc
Value: 1
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: oxc
Value: 1
.owneriq.net/ Name: si
Value: Q7361075971502906703P
.kargo.com/ Name: ktcid
Value: 42172f3c-9132-02e5-5225-d89e4163dcbc
.bfmio.com/ Name: __187_cid
Value: D25146A7-FA5A-44E2-8074-F1A3074DE67C
.bfmio.com/ Name: __io_cid
Value: ce2cd22ad95e5ef01f94e72885dcf96ddb3de4b0
.acuityplatform.com/ Name: auid
Value: 773702687624
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqBMjP6jXVzZXJNYXRjaGluZ0lkJK6RbGFzdERyb3BUaW1lTWlsbGlzJQFDc35aWYKYbGFzdFN1Y2Nlc3NmdWxNYXRjaE1pbGxpcyUBQ3N+WlmCj3RoaXJkUGFydHlVc2VySWRVMzg3NzgyMTE0MzQ3MjA3ODE1NzQ1MvuANvpCzEMlAUNzflpgoEQlAUNzflpgoEUh+4EyMvpCJKxDJQFDc35aZq5EJQFDc35aZq5FYzdkZjM1ODI4LWMzZjYtMDA4My0wMWQ2LWE2YjMzMTI4M2ZjMfv7hnZlcnNpb27C+w=="
.adhaven.com/ Name: uid
Value: 4c_8ee4fae7-01e7-4502-8997-210ac70b1164
.openx.net/ Name: pd
Value: v2|1682821193.1.1.1.1|iKbwvPvMgahEgKkWg2gy.g6wvmmuYwtvJeSwrf8vuwike.t1vohMs7fIvIfYrZvVvshAn8lwvZmKnovDf4tpsvcsv5vEvUoqvR.sTw7w1lkjgeD.wswcwg
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-773702722627&KRTB&23428-773702722627
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1682842797078
.lijit.com/ Name: _ljtrtb_49
Value: n0h9TTaSFk0n
.storygize.net/ Name: U
Value: c46b7bec-929d-4934-b270-6a180796d2f4
.brand-display.com/ Name: _knxq_
Value: 9392106e-c708-905c-1a29a45f.1682821194.1.1682821197.1682821194
.ads.stickyadstv.com/ Name: UID
Value: cc81a97b6208b3457ac8a4a53d464
.ads.stickyadstv.com/ Name: uid-bp-23409
Value: 7f8fb08a-14bb-0269-0da6-4f2231ed20a0
.smartadserver.com/ Name: csync
Value: 25:5ded644d-d048-4900-9db9-f4be5bd2dfb7|31:4e88baf9-60d2-4b7a-980c-5c1c7c62d27c|80:MqGfLmCln3Ip9pwvM6aGe2Cszi4prZsrMPRJgkA5|91:D25146A7-FA5A-44E2-8074-F1A3074DE67C|94:ZE3QSAAGdt3yhgA9|100:169a826d-feb3-09f5-1c8a-f212a79fdc00|107:5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9|127:AAAjOU7Im6EAACBud1f_9Q|130:611927c9-b19d-413e-a399-edc6a02241e2|139:0
.zeotap.com/ Name: zsc
Value: k%7Fo%E5%01n%9E%D0%E6%04q%C0%E6%DA%24M%0D%94%0ATY%AE%81%40%8E%C2%C9%148%1A%A8%5DR%09%0B%21%AC%B8DN%83%F9%2A%B8%E1s%C47%B1JH%D0%C4%81%8C%7C%921%B1%C6%D9%9F%83G%5C%05%2C%27%C5%03%F7%88q%D9%80+%21%E0%A1G%9AK%8F%1B+%28%17h%E4%0D%99%A4%00G%EEz%DA%28%23%8B%F5%2A%7C%BD%D06%23%A7%E3f8W%04%5D%C6%E3%2B%F4%AD%B9%C6%3E%D1s%AF%98%E6s%B3%F5%D8%04%12%C1%1C%E6qS%E6%C6%16%DBh%BA%1E%F8%17%E9%C7W%C4%3DU%FCa
.justpremium.com/ Name: jpxumatched
Value: ox
.justpremium.com/ Name: jpxumaster
Value: um-571b01d7-2b5b-4da7-a270-6288b7ba8c8d-1682821197
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005%22%2C%22nxtrdr%22%3Afalse%7D
.adtelligent.com/ Name: a281178
Value: D25146A7-FA5A-44E2-8074-F1A3074DE67C
.lijit.com/ Name: _ljtrtb_92
Value: 7906230784814628655
.adscale.de/ Name: uu
Value: 90b806a7b13541588c42d5fba50371ae
.w55c.net/ Name: matchmedianet
Value: 5
.adsby.bidtheatre.com/ Name: __kuid
Value: 9d4122d2-c10e-4adb-a621-a8dfffb23968.452035197
.inmobi.com/ Name: idsp_c
Value: d5f7c002-8957-43c7-9ab5-8ad286266848
.media.net/ Name: data-dat
Value: setstatuscode~~1
.rlcdn.com/ Name: pxrc
Value: CMugt6IGEgUI6AcQABIFCOhHEAASBgi46wEQAg==
.blismedia.com/ Name: b
Value: 644DD04C543276FDC4E871C8BLIS
.adtelligent.com/ Name: a558003
Value: D25146A7-FA5A-44E2-8074-F1A3074DE67C
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kb9|8gU.0.f64165fb-0ae8-02f2-13ff-64262894019e|80p.0.1|7dW.0.1|5Ql.0.5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9|7br.0.1|7dN.0.AAAjOU7Im6EAACBud1f_9Q
.lijit.com/ Name: _ljtrtb_1
Value: 3464934303237790935
.lijit.com/ Name: _ljtrtb_16
Value: 8a409b54-c449-4f01-a499-90664ddef0b5-644dd048-4341
.lijit.com/ Name: _ljtrtb_86
Value: LK5U8UAZo2GVgnyxkra5
.linksynergy.com/ Name: rmuid
Value: c627d1eb-5899-4018-b4dc-df80b3747a69
.linksynergy.com/ Name: icts
Value: 2023-04-30T02:19:57Z
.w55c.net/ Name: matchopenx
Value: 5
.hybrid.ai/ Name: vid
Value: 17ecc634317215966543
.media.net/ Name: data-rk
Value: 978477414437337801~~8
.sundaysky.com/ Name: sskya
Value: "e294Ont0czoiM3RucWg5Iix0OiJuaSJ9fQ=="
.cpx.to/ Name: cpSess
Value: 292f023b54261f11
.cpx.to/ Name: dsp_OPENX
Value: 432e3986-53d9-0a96-398e-b482801b1844#1682821197213
.4dex.io/ Name: uids
Value: eyJzeW5jcyI6eyIzM2Fjcm9zcyI6IjIwMjMtMDQtMzBUMDI6MTk6NTEuMjcyNjU2NDI5WiIsImFkeW91bGlrZSI6IjIwMjMtMDQtMzBUMDI6MTk6NTAuNDg1NTMwMjg4WiIsImluZGV4ZXhjaGFuZ2UiOiIyMDIzLTA0LTMwVDAyOjE5OjQ5LjQ1NzY4MjUwNVoiLCJvbmV0YWciOiIyMDIzLTA0LTMwVDAyOjE5OjUwLjAzNDc3MTQ1MloiLCJvcGVueCI6IjIwMjMtMDQtMzBUMDI6MTk6NTAuMDM4NDc1NjU2WiIsInB1Ym1hdGljIjoiMjAyMy0wNC0zMFQwMjoxOTo0OS40NTc2Njk0NTRaIiwicmljaGF1ZGllbmNlIjoiMjAyMy0wNC0zMFQwMjoxOTo1MS4yNzI2NzQ2MTZaIiwicnViaWNvbiI6IjIwMjMtMDQtMzBUMDI6MTk6NDkuNDU3Njc3NDVaIiwic21hcnQiOiIyMDIzLTA0LTMwVDAyOjE5OjUxLjI3MjY0OTQ1OVoiLCJzb3ZybiI6IjIwMjMtMDQtMzBUMDI6MTk6NTAuNDg1NTM1NDIzWiIsInRyaXBsZWxpZnQiOiIyMDIzLTA0LTMwVDAyOjE5OjUwLjAzNjA3NDc1OFoiLCJ5YWhvbyI6IjIwMjMtMDQtMzBUMDI6MTk6NTAuNDg1NTI2NzQ1WiJ9LCJ1aWRzIjp7IjMzYWNyb3NzIjp7InVpZCI6IjIxMjE1MzIwMjYwODQyOSIsImV4cGlyZXMiOiIyMDIzLTA2LTI5VDAyOjE5OjU0LjQxNDQ0Mzk3WiJ9LCJhZGFnaW8iOnsidWlkIjoiOTdjNjgyODUtMTk1NC00YmZjLWI1MzYtYWYwNjhkNzlkYjU0IiwiZXhwaXJlcyI6IjIwMjMtMDYtMjlUMDI6MTk6NDkuNDU3MzQ0Nzk3WiJ9LCJhZHlvdWxpa2UiOnsidWlkIjoiMTg5ODNhZDJlZTdiZGQ4NzBiOTE2MzNlM2UzNmYzZjYiLCJleHBpcmVzIjoiMjAyMy0wNi0yOVQwMjoxOTo1Mi41NjY1MDkxNDJaIn0sImFwcG5leHVzIjp7InVpZCI6Ijc5MDYyMzA3ODQ4MTQ2Mjg2NTUiLCJleHBpcmVzIjoiMjAyMy0wNi0yOVQwMjoxOTo1MS44OTAwMTA2MTlaIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImRiZTU1MTQ5LWIyNWYtNDBmNy1iNWFiLWNjZDllMTZmMmZjYyIsImV4cGlyZXMiOiIyMDIzLTA2LTI5VDAyOjE5OjUzLjA1NDQzMjE1MVoifSwiaW5kZXhleGNoYW5nZSI6eyJ1aWQiOiJaRTNRU0tpQlp6N21yRnY5dHRMS3lnQUFCYk1BQUFJQiIsImV4cGlyZXMiOiIyMDIzLTA2LTI5VDAyOjE5OjUzLjQyNzk0NjA3NFoifSwib3BlbngiOnsidWlkIjoiOGYxOTExMDAtYjgxOS0wNDUxLTE3YjEtNzEwOTVhMGUwZTJlIiwiZXhwaXJlcyI6IjIwMjMtMDYtMjlUMDI6MTk6NTMuMzMwNTg5MzA2WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJEMjUxNDZBNy1GQTVBLTQ0RTItODA3NC1GMUEzMDc0REU2N0MiLCJleHBpcmVzIjoiMjAyMy0wNi0yOVQwMjoxOTo1Ny4yMTAzMzY2NzZaIn0sInJ1Ymljb24iOnsidWlkIjoiTEgyU0FFV0stMUEtNUVSQiIsImV4cGlyZXMiOiIyMDIzLTA2LTI5VDAyOjE5OjU0Ljc0NzI2ODc1WiJ9LCJzbWFydCI6eyJ1aWQiOiIyNDAzNDc1MzE3MTc2MDY5MDYxIiwiZXhwaXJlcyI6IjIwMjMtMDYtMjlUMDI6MTk6NTIuNzQ2NTQwODM3WiJ9LCJzb3ZybiI6eyJ1aWQiOiJHa0pyWkJaSDJ5Z1hKY1pPU09pXzBXNDAiLCJleHBpcmVzIjoiMjAyMy0wNi0yOVQwMjoxOTo1My45MDYzNjIyNzVaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiMzg3NzgyMTE0MzQ3MjA3ODE1NzQ1MiIsImV4cGlyZXMiOiIyMDIzLTA2LTI5VDAyOjE5OjUyLjQzNTUxMDE3WiJ9LCJ5YWhvbyI6eyJ1aWQiOiJ5LThEaklIUFZFMnVGUjJ1T0tzVzRPQzlYQ205RmhTcTJRVTlkanpFVS1-QSIsImV4cGlyZXMiOiIyMDIzLTA2LTI5VDAyOjE5OjUyLjA4MDI4NjI5WiJ9fSwiYmRheSI6IjIwMjMtMDQtMzBUMDI6MTk6NDkuNDU3MTQ3MjQ4WiJ9
.adstanding.com/ Name: _adstanding_id
Value: 13a9ab20ca47528906189634db924386
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005&KRTB&17107-RX-25e123c1-91dd-4efb-b23f-8cb41c34b8bd-005
.quantserve.com/ Name: d
Value: EN8BKQHwKPijCJiTCuu4EJ9AqPoQ3N-xAA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY4MjgyMTE5MzEwNCwiMjQiOjE2ODI4MjExOTc0MTEsIjI2IjoxNjgyODIxMTk1Mzc0LCI0OCI6MTY4MjgyMTE5NzE3OCwiMzkiOjE2ODI4MjExOTMyOTIsIjE3IjoxNjgyODIxMTk1MTA2LCI3IjoxNjgyODIxMTkzMjkyLCI3MCI6MTY4MjgyMTE5NDUwNH0
.adhigh.net/ Name: gi_u
Value: uL4sb4hLhO5f.AikABlGHz_WuLA
.socdm.com/ Name: SOC
Value: ZE3QTcCo8YAAABK4Jd4AAAAA
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsidHJpcGxlbGlmdCI6eyJ1aWQiOiIzODc3ODIxMTQzNDcyMDc4MTU3NDUyIiwiZXhwaXJlcyI6IjIwMjMtMDUtMTRUMDI6MTk6NTcuNDU0MjUxMjUyWiJ9LCJydWJpY29uIjp7InVpZCI6IkxIMlNBRVdLLTFBLTVFUkIiLCJleHBpcmVzIjoiMjAyMy0wNS0xNFQwMjoxOTo1Ny40NTQxOTE4NTlaIn19LCJiZGF5IjoiMjAyMy0wNC0zMFQwMjoxOTo1Ny40NTQxODkyMTVaIn0=
.getpublica.com/ Name: p_uid
Value: edcfbc6e-5934-40ed-b9ae-9bde8d444b7c
.id5-sync.com/ Name: id5
Value: 5567273a-3da5-78e6-bae4-4584bbe9ddf1#1682821189811#3
.realestate.com.au/ Name: mid
Value: 5327567025831386373
.lijit.com/ Name: _ljtrtb_12
Value: 7906230784814628655
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22113%22%3A%2220230430%22%2C%22140%22%3A%2220230430%22%2C%22108%22%3A%2220230430%22%2C%22149%22%3A%2220230430%22%7D
.lijit.com/ Name: _ljtrtb_85
Value: AAAjOU7Im6EAACBud1f_9Q
.metadsp.co.uk/ Name: c
Value: 1682821197
.metadsp.co.uk/ Name: ruuid
Value: 209ea27b-cab5-4690-810b-2c80f9149c53
.mrpdata.net/ Name: U
Value: 66861d9d-8365-f634-5470-103da54f3d73
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_08297017-5410-4ddd-bdec-48dd69d06f44
.lijit.com/ Name: _ljtrtb_80
Value: LH2SAEWK-1A-5ERB
.lijit.com/ Name: _ljtrtb_84
Value: c:0493722afcf1b6c27b31a620a7601a82
.nrich.ai/ Name: _nauid
Value: ea2faf13-0f1d-45a8-830a-a62f4301fb57
.lijit.com/ Name: _ljtrtb_2
Value: 429FA571C8024762B89F507D54B48C58
.lijit.com/ Name: _ljtrtb_43
Value: UE_axAJL2phLGNnFUUjDkQJCi8RLQ97BUhod67f8
.media.net/ Name: data-so
Value: 8de6b72b-50b4-4beb-9347-a7b5e9fcb8f6~~8
.media.net/ Name: data-mm
Value: 5ded644d-d048-4900-9db9-f4be5bd2dfb7~~8
.server.cpmstar.com/ Name: USER_ID
Value: %ee%07a%b1%c3%80%ffM%16%f8%0e%dbPiQ
.lijit.com/ Name: _ljtrtb_27
Value: abb0385f-fb71-4da5-be13-d1ca93d34856
.media.net/ Name: data-g
Value: CAESEMmLBoV6bqltIyU-ScOHw7M~~8
.c.appier.net/ Name: _auid
Value: zLYuFxOhBf6LtVVeTdBNZA
.media.net/ Name: data-xu
Value: fYpSPiDn1PSWFi5~~8
.media.net/ Name: data-c
Value: 4cba3614-0a55-4029-9bf6-6fae57427e17~~1
.media.net/ Name: data-c-ts
Value: 1682821197
.lijit.com/ Name: _ljtrtb_87
Value: 5fc738f9-8cf6-4ead-96c1-1c7828490792
.media.net/ Name: data-ttd
Value: abb0385f-fb71-4da5-be13-d1ca93d34856~~1
.media.net/ Name: data-mf
Value: 5fc738f9-8cf6-4ead-96c1-1c7828490792~~1
.adscale.de/ Name: cct
Value: 1682821197658
.adx.opera.com/ Name: UID
Value: OPU5fc07fb7ad0a4a48a8150d3f280228f9
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-zLYuFxOhBf6LtVVeTdBNZA
.pubmatic.com/ Name: PugT
Value: 1682821196
.admixer.net/ Name: am-uid
Value: c487552ba4ca418fa215f37369d81dac
.lijit.com/ Name: _ljtrtb_83
Value: LH2SAEWK-1A-5ERB
.mrpdata.net/ Name: DNT
Value: 00000000-0000-0000-0000-000000000000
.company-target.com/ Name: tuuid
Value: e0c09700-8f76-46de-8d0c-5ca610b6bb40
.company-target.com/ Name: tuuid_lu
Value: 1682821198|ix:0
.scorecardresearch.com/ Name: UID
Value: 13Ce91e2b0c1a0138fd84e41682821198
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 6
.lijit.com/ Name: _ljtrtb_94
Value: 644DD04C543276FDC4E871C8BLIS
.rlcdn.com/ Name: rlas3
Value: ZwPvXv+TB53P6DzXCcDbeoYKHd1TagNrP2cJFw66g7w=
.rkdms.com/ Name: sessionid
Value: h-1e31fd452a4dbee872c2ba525ab42958_t-1682821198
.rkdms.com/ Name: sc
Value: 13%3A108050
.adhigh.net/ Name: btw_sync
Value: LKIN
.pro-market.net/ Name: anProfile
Value: "p04huipe4068+1+1f=1+1g=1+1j=3k:1+rs=s+rt=26075300006078670000000000000012+s2=(rtwp59)+vm=15-3258227951455735000V10"
.pro-market.net/ Name: anHistory
Value: "p04huipe4068+2+!#7/y#B#8pO"
.metadsp.co.uk/ Name: ruuid_lu
Value: 1682821198
.realestate.com.au/ Name: External
Value: %2FTRIPLELIFT%3D3877821143472078157452%2F_EXP%3D1714357197%2F_exp%3D1714357198
.lijit.com/ Name: _ljtrtb_26
Value: 4e88baf9-60d2-4b7a-980c-5c1c7c62d27c
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: 4lwEUiOObA
.media.net/ Name: data-bs
Value: 4e88baf9-60d2-4b7a-980c-5c1c7c62d27c~~1
.lijit.com/ Name: _ljtrtb_71
Value: D25146A7-FA5A-44E2-8074-F1A3074DE67C
.lijit.com/ Name: _ljtrtb_58
Value: D25146A7-FA5A-44E2-8074-F1A3074DE67C
.as.ck-ie.com/ Name: CID
Value: 32613c77dfd63ecb55f0170df83f1c13a50a584e
.lijit.com/ Name: ljtrtb
Value: eJyNUctqHDEQ%2FJc9u0GPbnXLN%2B3MrGN7SfBjEsjFSJpRNl6yDsEGh5B%2FTyt3g2%2BiVNVdVf1nY93mfMPRBOcNC4rF4CQQbc42JPo1OlIoMewSJUCcHIhhhJ1NKsBxCjwo1wXl4ipScosQzOIAC2eIYipQtZVrcIvjqlzbuZLRxEIIFTECNmMhY4ygTgIuy9pMIQioT4MC6NGqEqMqT%2BYQ7%2B%2Fz3e5oTn0zK5ZLMV6oQStsAZdMUFbrYbE1R794FAp9s1I9BowevfHOswaPvmftLaCLGpLtIMYhB7eVuCPDI%2BEWZdA2zjZilLf%2F4O7S9OUabAKabreKx7dbZPv%2BFsW%2FMR4V1zLG0eBA6B2H3TjgJN3sdn9517WdU8%2BNhmPncqvNllAdF29zcCZzMDaL60xSZkrp8dPMlz%2FClNKwfVlse4g3veMehVowOa4EmmYFrJWhiAlghGxrjlcJGZ5f6nNBJqqxT%2B1X3V%2FTLHP6%2BuQuPn87%2FX49%2Fsq9A%2By55ukhv6arvft52F98PO3m%2BXE83lwN3%2BV2fxN5Ox%2BelsCt18x9VmhtqYUIhKoaqRFBr4nQskjrRxWtRffyf7%2BVvaIgtQXANS8QQ7UqYHGC0bBe6O8%2FXeSzSQ%3D%3D
.gammaplatform.com/ Name: _aCMP_31
Value: 1
.gammaplatform.com/ Name: _aCMP_35
Value: 1
.gammaplatform.com/ Name: _aCMP_5
Value: 1
.gammaplatform.com/ Name: _aCMP_7
Value: 1
.gammaplatform.com/ Name: _aCMS_3
Value: 1
.gammaplatform.com/ Name: _aGeoIp
Value: HK|Hong_Kong
.gammaplatform.com/ Name: _aUID
Value: wbjpnkexbbyt
.intentiq.com/ Name: intentIQCDate
Value: 1682821198749
.intentiq.com/ Name: IQPending
Value: pending
.intentiq.com/ Name: CSDT
Value: UEQ6Ml8wJlRjc0VGakM
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 2503514557#1682821198744#0#1682821198744
.media.net/ Name: data-r
Value: LH2SAEWK-1A-5ERB~~1
.resetdigital.co/ Name: ckbk
Value: 000000F4716E956B
.pubmatic.com/ Name: SPugT
Value: 1682821198
pool.admedo.com/ Name: tuuid
Value: a26ce991-3c2e-42bd-8480-75de3d4f19e3
pool.admedo.com/ Name: c
Value: 1682821198
pool.admedo.com/ Name: tuuid_lu
Value: 1682821199
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCOCAwqDtyuQ7EAUSFwoIcHVibWF0aWMSCwjuscCi7crkOxAFEhQKBXRhcGFkEgsIoLmSqe3K5DsQBRIVCgZjYXNhbGUSCwjuhcez7crkOxAFEhYKB3J1Ymljb24SCwiM_7ey7crkOxAFGAEgASgCMgsI_OTlj4TL5DsQBTgBWgc4aDl1MTFoYAI.
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.gumgum.com/ Name: vst
Value: u_d4b52a6b-cc18-4416-b0d4-1071372d77a7
.bumlam.com/ Name: suuid3
Value: IiQ4MWY5ZjdlMC1lNmZkLTExZWQtODZlMC0wMDI1OTBjMDY0N2M*
.id5-sync.com/ Name: 3pi
Value: 464#1682821197210#222458633#5f60a9e5-078e-4cc7-b806-0851ff27e86a-tuctb4755c9|434#1682821199151#926213507|2#1682821199372#876805385#7906230784814628655|3#1682821198207#-127857550#5ded644d-d048-4900-9db9-f4be5bd2dfb7|264#1682821199629#-381274905#abb0385f-fb71-4da5-be13-d1ca93d34856|441#1682821199925#-1767832563#u_d4b52a6b-cc18-4416-b0d4-1071372d77a7|108#1682821200201#-1062956568|429#1682821198698#663248132#D25146A7-FA5A-44E2-8074-F1A3074DE67C
.id5-sync.com/ Name: callback
Value:
.doubleclick.net/ Name: DSID
Value: NO_DATA
.khaleejtimes.com/ Name: push_status
Value: 5
.io.jogo.studio/ Name: _gat_tracker0
Value: 1
.aidata.io/ Name: __upin
Value: zVmPme1APYRgJ8ax/zMZcg
.aidata.io/ Name: __upints
Value: 1682821200
.prebid.a-mo.net/ Name: __amc
Value: 1_1682821200_1682821200
.a-mo.net/ Name: amuid2
Value: aad1d103-06ed-424a-b3a3-632bce6d6d8f
.prebid.a-mo.net/ Name: sd_amuid2
Value: aad1d103-06ed-424a-b3a3-632bce6d6d8f
www.khaleejtimes.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.aniview.com/ Name: aniC
Value: 1682821193788-914099371828-001571-011-006544
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1682821200!sovrn,1682821197!taboola,1682821196!triplelift,1682821195!the33across,1682821194
.khaleejtimes.com/ Name: cto_bidid
Value: 4nfWdF9BQzJRQnBqTWNCVGxEOTh3WUJwRnFVQ082b1ZqR2h1QXBvYlJLRVczQmFnVjNYYSUyRkg5NHloQld4QzB6UEFnamZRMiUyRjdRTWYlMkZGSHklMkZ3N3dHRDZDaTVmaXRsZ0MybFlDcjBGaSUyRkg1diUyQllDWkhpVEFzbVZtaiUyRjBhRVlodGhncjJI
.khaleejtimes.com/ Name: cto_bundle
Value: r6w9XV81RHJ3bXFIZUF3OFVPR3lGWG44QXZKRUJTRk5qZyUyQjZYaVpjN1ZaSjBMZUJCUEY1SGlocUYySHFGdGhYNlFoRlJDaWdDVkgxemw5M09MMXBFTDB5ZThuUlNlRTNLJTJGdFBmJTJCdmZnQndQQ3NSY1ZqJTJCUG5RZWVyZHVaZDlDWFE3RyUyRkVySTEyV3VGZGRJS1h4ciUyQnRxTk1CZlVxY2s1dzMybTl0aURYWXlJZm94ZlUlM0Q
.yandex.ru/ Name: yuidss
Value: 9961742841682821201
.yandex.ru/ Name: yandexuid
Value: 9961742841682821201
www.khaleejtimes.com/ Name: device_uuid
Value: 6faa9164-fc4f-49f4-bc1d-0b3d837c0c91
.adnxs.com/ Name: icu
Value: ChgIlJ91EAoYASABKAEwxqC3ogY4AUABSAEKGQjmqIkBEAoYASABKAEw0aC3ogY4AUABSAEQ0aC3ogYYAQ..
.lijit.com/ Name: ljtrtbexp
Value: eJxdjzsSgEAIQ%2B%2BytQWwfL2a491d18Ih5SMBkmvwONlTisLKjiEblSbFi8GddYLum6eK1csM%2B1UV%2FcGaZPckdWaHnwV%2ByJAKbMBwT%2F79JFl6dN2%2BfJKuc%2FsdOHrnws4tz%2F0As2JGJQ%3D%3D
.smaato.net/ Name: SCM
Value: 57a77c9
.smaato.net/ Name: SCMaps
Value: 57a77c9
.dotomi.com/ Name: DotomiTest
Value: 14affde8e1320fe8
.tns-counter.ru/ Name: guid
Value: 2981682D644DD052X1682821202
.khaleejtimes.com/ Name: _ga_2VVVMDVFQ8
Value: GS1.1.1682821190.1.1.1682821202.48.0.0
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|q/0+hV83oRQACy5Y7QxiuzBCWKCcGyq9pQnmfXl+gPceECEUBMheivCY0yYvI0KZAQ8oRkb1U6JBK03vAHceEEFncQAlNFZ+MPfXIs2yjLS1WE+YwqkY5lYCsYjooNzs5b3Ow/EMMjQcAkH8NIhEougeS1n2pg/R
.adkernel.com/ Name: SSPZ
Value: 180530
.adkernel.com/ Name: DSP2F_13
Value: 575919
.adkernel.com/ Name: ADKUID
Value: A917653340294673149
.analytics.yahoo.com/ Name: IDSYNC
Value: "199v~2bde:190u~2bde:18z8~2bde:18za~2bde:19ah~2bde:175w~2bde:18yl~2bde:191q~2bde:199l~2bde:196y~2bde"
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.go.sonobi.com/ Name: HAPLB8S
Value: s8534|ZE3QV
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
cpm.vuukle.net/ Name: ADKUID
Value: A917653340294673149
.tribalfusion.com/ Name: ANON_ID
Value: aSnTR8N3IdkSIdwFUxVZauZaHsY2s0qSJA6BYs8f0NE7yh6xZaLIwOgDapCYJDVZaUPgSDQcgCLPfAFBKFbUWrqmp09dlYP63q9lU0UD6F5VL8p5gmVfWl3Ffd0sJLGAGrAjRo0gJPFvNpDEmG4GRm0pMIV85xqcf7GZb1wiL9NDkZdZauwt7E2IBm0EdTIwrZaqNhipDoyAYJZdOojnvYPxTpZcsWwQYc7H8E8NbdCW2a
.betweendigital.com/ Name: ut
Value: ZE3QUwAD1HgMFx4XcY9wdiQF4vHk0qbkUjY79g==
sync-dmp.mobtrakk.com/ Name: chk
Value: 1
sync-dmp.mobtrakk.com/ Name: pid
Value: ZGNjMTFmMTExNTFlYTEz
.uuidksinc.net/ Name: jcsuuid
Value: Aeu8prBtiZnsAfpFmq2s
.toast.com/ Name: BID
Value: ZYDG7DMBIWUF69954ECL2524Y
.toast.com/ Name: txpub_1641267272
Value: caa4e1f7-081e-5278-9695-c2ccf2d81289_:_EXP_:_1698373204
.toast.com/ Name: txsync
Value: 1682821204
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNDEzOTY2MDA1NzgyODc2NTU2NiIsImV4cGlyZXMiOiIyMDIzLTA1LTE0VDA0OjIwOjAxLjEwNjE3NTQ0NyswMjowMCJ9LCJpeCI6eyJ1aWQiOiJaRTNRU0tpQlp6N21yRnY5dHRMS3lnQUFcdTAwMjYxNDU5IiwiZXhwaXJlcyI6IjIwMjMtMDUtMTRUMDQ6MTk6NTkuNzA5MzA3NTE5KzAyOjAwIn0sInJ1Ymljb24iOnsidWlkIjoiTEgyU0FFV0stMUEtNUVSQiIsImV4cGlyZXMiOiIyMDIzLTA1LTE0VDA0OjIwOjAwLjU4NjMzOTI2NSswMjowMCJ9LCJzbWFydHlhZHMiOnsidWlkIjoiZDJkOTNkMWM2MDJlNDYwZGMyOWFlMzk1NDc1YmNhYWJjMmM3NWRhOTE5YmU5NzZlNGJhYTRhZThiMTFjMTlmMSIsImV4cGlyZXMiOiIyMDIzLTA1LTE0VDA0OjE5OjU5LjAwNDc4Mjc2NyswMjowMCJ9LCJzb3ZybiI6eyJ1aWQiOiJHa0pyWkJaSDJ5Z1hKY1pPU09pXzBXNDAiLCJleHBpcmVzIjoiMjAyMy0wNS0xNFQwNDoyMDowMC4zNjYxNDY1NDMrMDI6MDAifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzODc3ODIxMTQzNDcyMDc4MTU3NDUyIiwiZXhwaXJlcyI6IjIwMjMtMDUtMTRUMDQ6MTk6NTcuNzM2MTc4ODU5KzAyOjAwIn0sInZpZG9vbXkiOnsidWlkIjoiYTZmMzdmMDEyMzAxMzA5OWE1OTViZTIyMTdmYzQzNWEiLCJleHBpcmVzIjoiMjAyMy0wNS0xNFQwNDoyMDowNC43OTYyNzIzNjIrMDI6MDAifX0sImJkYXkiOiIyMDIzLTA0LTMwVDA0OjE5OjU3LjczNjE3NzA1NCswMjowMCJ9
cs.chocolateplatform.com/ Name: sp_cookie
Value: sp-3c01dc9f60df497b9b4f237b250fc6ca

31 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://demand.trafficroots.com/sync.php?partner=3379&redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D137%26partneruserid%3D%7Btrafficroots_id%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://tags.bluekai.com/site/87734?id=f3802262-1e01-41c2-7c52-ea2294ef5952&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f3802262-1e01-41c2-7c52-ea2294ef5952&reqId=605f4901-6642-41d3-7f8d-0647fd7cfd0e&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://cm.smadex.com/pixel?tl=1&redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8078%26xuid%3Dmy_external_user_id%26dongle%3D7du&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cm.smadex.com/pixel?tl=1&redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8078%26xuid%3Dmy_external_user_id%26dongle%3D7du&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://cm.smadex.com/pixel?tl=1&redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8078%26xuid%3Dmy_external_user_id%26dongle%3D7du&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Message:
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED
network error URL: https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
Message:
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED
network error URL: https://trace.mediago.io/ju/cs/taboola
Message:
Failed to load resource: net::ERR_SOCKET_NOT_CONNECTED
network error URL: https://tags.bluekai.com/site/27021?&id=3877821143472078157452
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/27021?&id=3877821143472078157452
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tags.bluekai.com/site/27021?&id=3877821143472078157452
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:429FA571C8024762B89F507D54B48C58&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://p.adsymptotic.com/d/px/?_pid=16259&_psign=b376958ac9baec8bbf182ce1504b7fee&_puuid=3877821143472078157452&gdpr=0&consent=&_redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6891%26xuid%3D%24%7BUUID%7D%26dongle%3D2b64
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://p.adsymptotic.com/d/px/?_pid=16259&_psign=b376958ac9baec8bbf182ce1504b7fee&_puuid=3877821143472078157452&gdpr=0&consent=&_redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6891%26xuid%3D%24%7BUUID%7D%26dongle%3D2b64
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://p.adsymptotic.com/d/px/?_pid=16259&_psign=b376958ac9baec8bbf182ce1504b7fee&_puuid=3877821143472078157452&gdpr=0&consent=&_redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6891%26xuid%3D%24%7BUUID%7D%26dongle%3D2b64
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=R2tKclpCWkgyeWdYSmNaT1NPaV8wVzQw&gdpr=0
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LH2SAEWK-1A-5ERB&gdpr=0
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=4139660057828765566&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Message:
Failed to load resource: the server responded with a status of 429 ()
network error URL: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=D25146A7-FA5A-44E2-8074-F1A3074DE67C&vid=a6f37f0123013099a595be2217fc435a&dspid=pubmatic
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
33across-match.dotomi.com
571f75a79109ac4f392f762d2acb3a54.safeframe.googlesyndication.com
8db497b7b96cbda92d4609919b0b0f00.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
adgebra.co.in
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.scorecardresearch.com
ads.stickyadstv.com
ads.us.e-planning.net
ads163.adtelligent.com
ads62.adtelligent.com
adservice.google.ca
adservice.google.com
adxbid.info
akamai.tiqcdn.com
amazon-tam-match.dotomi.com
an.yandex.ru
analytics.google.com
aorta.clickagy.com
ap.lijit.com
api.khaleejtimes.com
api.vuukle.com
app.playstream.media
as.ck-ie.com
b1sync.zemanta.com
b9-imp-ipv6.tribalfusion.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
bttrack.com
c.amazon-adsystem.com
c.az.contentsquare.net
c.bing.com
c.clarity.ms
c1.adform.net
c21lg-d.media.net
c3.a-mo.net
cache.betweendigital.com
casale-match.dotomi.com
cdn-sdk.hansel.io
cdn.adgebra.in
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.id5-sync.com
cdn.izooto.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.prod.uidapi.com
cdn.taboola.com
cdn.vuukle.com
cdndc.netcoresmartech.com
cdnjs.cloudflare.com
cdnt.netcoresmartech.com
cdnx.tribalfusion.com
cds.taboola.com
ce.lijit.com
cm-exchange.toast.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.smadex.com
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
collect.tealiumiq.com
connect.facebook.net
contextual.media.net
cookies.andbeyond.media
cookies.nextmillmedia.com
core.iprom.net
coronaliveupdates.khaleejtimes.com
cpm.vuukle.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.lkqd.net
cs.media.net
cs.mobfox.com
csi.gstatic.com
csync.loopme.me
ct.contentsquare.net
d.adroll.com
d.turn.com
data.adsrvr.org
datacloud.tealiumiq.com
de.tynt.com
demand.trafficroots.com
dis.criteo.com
dm-us.hybrid.ai
dmp.adblade.com
dmp.adform.net
dmp.brand-display.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eu-u.openx.net
eus.rubiconproject.com
eve.boxx.ai
events-ssc.33across.com
f.monetate.net
fastlane.rubiconproject.com
fei.pro-market.net
fundingchoicesmessages.google.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hblg.media.net
hde.tynt.com
hulk.boxx.ai
i.e-planning.net
i.liadm.com
i.w55c.net
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image.khaleejtimes.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprnjmp.taboola.com
inv-nets.admixer.net
invstatic101.creativecdn.com
io.jogo.studio
ioms.bfmio.com
ipac.ctnsnet.com
j.mrpdata.net
jogo-assets.s3.amazonaws.com
js-agent.newrelic.com
js.boxx.ai
lb.eu-1-id5-sync.com
lg3.media.net
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
matching.truffle.bid
mid.rkdms.com
mp.4dex.io
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
nh.iz.do
nhwimp.izooto.com
oa.openxcdn.net
oajs.openx.net
odr.mookie1.com
onetag-sys.com
openx-ums.acuityplatform.com
openx.adhaven.com
openx2-match.dotomi.com
optimized-by.rubiconproject.com
osjs.netcoresmartech.com
ox-rtb-europe-west2.openx.net
ox-rtb-europe-west4.openx.net
oxp.mxptint.net
p.adlooxtracking.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
pahtuz.tech
palibzh.tech
partners.tremorhub.com
ping.chartbeat.net
pippio.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
play.jogo.studio
player.avplayer.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.media.net
prebid.playstream.media
prg-apac.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
psegment.netcoresmartech.com
pubads.g.doubleclick.net
publish.vuukle.com
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
px.owneriq.net
px4.ads.linkedin.com
pxl.iqm.com
qsearch-a.akamaihd.net
r.casalemedia.com
r.turn.com
rkbzwluhocwgxhhuwvjq.supabase.co
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
rtbcdn.andbeyond.media
rtbdemand-d.openx.net
rtbpass-us.andbeyond.media
s.ad.smaato.net
s.adtelligent.com
s.amazon-adsystem.com
s.company-target.com
s.console.adtarget.com.tr
s.cpx.to
s.e-planning.net
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
s2s.aniview.com
sasinator.realestate.com.au
script.4dex.io
se.monetate.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
server.cpmstar.com
servx.playstream.media
sid.storygize.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.chartbeat.com
static.criteo.net
stats.g.doubleclick.net
streaming.playstream.media
sync-dmp.mobtrakk.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adtelligent.com
sync.bfmio.com
sync.bumlam.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
sync1.intentiq.com
sync2.resetdigital.co
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.contentsquare.net
t.teads.tv
taboola-d.openx.net
tags.bluekai.com
tags.crwdcntrl.net
tags.expo9.exponential.com
tags.rd.linksynergy.com
tags.tiqcdn.com
targeting.unrulymedia.com
tg.socdm.com
tg1.playstream.media
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
track1.aniview.com
track1.avplayer.com
trc.taboola.com
triplelift-match.dotomi.com
twa.netcoresmartech.com
u-iad04.e-planning.net
u.4dex.io
u.ipw.metadsp.co.uk
u.openx.net
ujm.hansel.io
um.simpli.fi
ums.acuityplatform.com
upload.boxx.ai
ups.analytics.yahoo.com
us-match.taboola.com
us-trc-events.taboola.com
us-u.openx.net
us-vid-events.taboola.com
us-wf.taboola.com
us.creativecdn.com
user-sync.adxpremium.services
usermatch.krxd.net
usersync.getpublica.com
vid.vidoomy.com
vidstat.taboola.com
vidstatb.taboola.com
visitor-service-us-east-1.tealiumiq.com
visitor.omnitagjs.com
vop.sundaysky.com
vpaid.vidoomy.com
vuukle-d.openx.net
vuukle.com
warp.media.net
wf.taboola.com
wrappers.geoedge.be
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.khaleejtimes.com
www.linkedin.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
ads.playground.xyz
cm.smadex.com
cookies.andbeyond.media
csi.gstatic.com
demand.trafficroots.com
openx.adhaven.com
trace.mediago.io
103.132.192.30
103.243.202.190
104.106.235.75
104.117.182.27
104.127.172.242
104.18.26.135
104.21.60.205
104.36.115.113
104.76.100.229
107.151.11.90
107.154.75.234
107.178.254.65
107.21.3.166
108.128.49.16
108.138.128.124
108.139.29.101
116.202.236.228
124.146.215.51
13.107.42.14
13.126.25.127
13.225.214.117
13.225.223.81
13.33.60.96
134.122.110.207
135.125.163.79
141.226.224.32
141.226.224.48
143.204.151.99
143.244.208.184
146.0.227.110
146.20.132.151
147.28.129.37
15.197.193.217
15.207.134.149
15.235.43.119
151.101.129.44
151.101.130.137
151.101.193.44
151.101.194.49
151.236.127.145
157.90.40.26
159.203.145.121
161.35.36.20
162.19.138.118
162.19.138.83
162.247.241.14
162.248.18.34
162.248.18.37
162.55.236.225
169.197.150.8
172.105.199.172
172.217.13.194
172.98.26.242
172.98.26.245
173.231.178.82
174.137.133.32
18.159.153.37
18.164.116.49
18.164.124.83
18.164.94.225
18.164.96.92
18.211.225.88
18.214.78.59
18.233.2.249
184.87.173.138
185.106.140.18
185.167.164.49
185.184.10.30
185.184.8.90
188.42.196.115
192.132.33.46
192.35.249.138
192.40.39.223
193.232.148.142
195.244.31.10
195.5.165.20
198.148.27.140
198.24.170.28
199.127.204.163
199.127.204.171
199.187.193.177
199.187.193.182
199.187.193.202
199.38.167.130
20.110.205.119
20.85.134.6
20.96.87.156
2001:4860:4802:32::181
2001:4860:4802:32::3
2001:6d0:4001::226
205.234.175.175
207.198.113.230
207.198.113.87
213.19.162.80
216.200.232.249
216.22.16.1
23.198.216.24
23.200.196.24
23.221.200.33
23.227.139.243
23.52.158.180
23.54.68.197
23.78.3.103
23.92.190.74
2400:52e0:1a00::1069:1
2400:52e0:1a00::845:1
2600:1400:9000::172c:edd0
2600:1400:9000::687e:74b8
2600:1400:9000::687e:769a
2600:141b:13::17d7:82bb
2600:141b:9000::684a:4129
2600:1901:0:8eee::
2600:1f18:1c96:4103:85f9:b152:a5d7:cc08
2600:1f18:4e9:5a02:6422:e7b:c10:ea7a
2600:1f18:612b:4216:bab5:2e60:d0c4:5889
2600:1f18:61c0:2204:1ecc:f6d6:4f40:b36c
2600:1f18:6593:f608:d96:5850:6736:187e
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:9000:21ec:3200:2:53b2:240:93a1
2600:9000:23ca:4800:c:7c62:1240:93a1
2600:9000:24f1:5c00:18:1fcd:351:7bc1
2600:9000:24f1:b000:9:a948:8e80:93a1
2600:9000:2510:6000:1b:6b7d:2300:93a1
2600:9000:2511:2a00:a:e047:752:b361
2600:9000:2511:ba00:7:2bfb:7c00:93a1
2600:9000:25c8:e800:1b:5138:8a40:93a1
2600:9000:25c8:f800:2:d490:4d80:93a1
2602:803:c002:300::99
2603:c020:400d:3000:b5b3:7157:5b47:80e4
2606:4700:10::6816:1957
2606:4700:10::6816:3456
2606:4700:10::6816:3ca8
2606:4700:10::6816:3da8
2606:4700:20::681a:8a9
2606:4700:3030::ac43:c1ca
2606:4700:3033::ac43:b4ab
2606:4700:3037::ac43:8a15
2606:4700:3037::ac43:9a47
2606:4700:4400::ac40:99f6
2606:4700::6811:180e
2606:4700::6811:3763
2606:4700::6812:130d
2606:4700::6812:17ea
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700::6812:d841
2606:4700::6812:ddb
2606:4700::6813:9e13
2606:ae80:1450:16::2010
2607:4f00:958::2
2607:f8b0:4004:c17::9c
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:816::2001
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::2003
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2008
2607:f8b0:4020:806::200a
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::2006
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::4
2620:100:a005::d
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:4cb8:1820:80ca:50f7
2620:1ec:21::14
2620:1ec:29:1::40
2620:1ec:c11::200
2a02:6b8::90
2a02:6ea0:c400::12
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:400::485
2a04:4e42::714
2a06:8640:454::2
2a06:8640:799:0:ec4:7aff:fe6e:a48e
3.135.132.32
3.216.167.44
3.218.231.183
3.219.24.240
3.225.173.193
3.233.123.219
3.64.80.64
3.69.35.240
3.93.158.96
3.94.24.167
31.172.81.159
31.220.27.135
34.102.143.98
34.102.146.192
34.102.163.6
34.107.148.139
34.107.231.31
34.111.113.62
34.111.131.239
34.111.151.213
34.117.228.201
34.117.239.71
34.120.107.143
34.149.40.38
34.150.170.96
34.160.108.227
34.195.250.234
34.197.32.92
34.198.183.31
34.199.73.116
34.200.65.202
34.202.144.192
34.204.222.159
34.204.24.233
34.224.49.215
34.230.119.208
34.230.250.86
34.232.18.154
34.96.105.8
34.96.70.87
34.96.71.22
34.98.64.218
34.98.67.3
34.98.84.165
35.154.184.55
35.168.153.83
35.169.95.213
35.186.193.173
35.190.39.111
35.190.60.146
35.190.90.30
35.207.221.200
35.207.24.140
35.210.239.72
35.210.53.219
35.211.165.199
35.211.178.172
35.211.233.246
35.214.153.92
35.227.252.103
35.244.159.8
35.244.216.234
35.71.139.29
37.157.4.23
37.18.24.16
38.98.69.175
44.193.159.234
44.198.21.48
44.206.127.47
50.17.235.184
50.19.3.76
51.222.105.60
51.222.239.230
51.68.39.188
52.0.250.117
52.0.82.32
52.200.115.80
52.202.100.191
52.207.12.114
52.210.233.165
52.217.118.105
52.220.229.2
52.46.128.147
52.54.60.137
52.74.3.27
54.145.44.246
54.147.162.32
54.153.252.43
54.156.92.232
54.159.252.56
54.160.201.168
54.165.48.193
54.166.168.45
54.205.236.63
54.221.231.181
54.80.125.218
63.251.28.233
64.202.112.159
64.227.64.62
67.202.105.24
67.202.105.33
67.220.228.203
68.67.160.132
68.67.179.166
69.16.175.10
69.16.175.42
69.166.1.12
69.173.151.100
69.90.254.78
72.247.69.164
72.251.238.254
74.119.119.139
74.119.119.150
76.13.32.147
76.76.21.22
76.76.21.93
8.2.110.113
8.2.110.206
8.28.7.82
8.28.7.83
8.39.36.141
80.77.87.166
82.145.213.8
85.114.159.93
88.99.215.229
89.108.120.68
96.16.196.205
99.84.37.111
0097d683dc449274dbe4b316850fc81b3bf4af6862f1d2cc7479f6b7b4963a33
00eaf86be2967e16a405003c718163fd973c8300e021d055e93c69e9abb58ac1
00fb2fe756f41ed377ca8db30f48a3a47e622423f81c63bff0354f938ddd6efd
010e56690a5c7cda58de0835bf7f553df2c11f4b3dfe38b2a28600e57a920596
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
022e396474d22a62afc2010b78d9db41683790075a1cfd8246d8f9aa6ff4b7b9
02e559b2e2e0d24314a232b76794b9514ce44564c9243a1d56955c8c33569e86
02fddd8137770313efd007b7e22874ced5e55deeb7fa58ef78a5432110617403
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
034fecfb35c0ab9c11987eb422fa877340902626e79f77ceb52da51894356e1b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04d01eca58d63785e5ac5e9a0387e12017b8d788bb221442aa1336dd54ada22d
04e770411ccf72a84bacbced76cfc34b470a47e8db87823d343bebc79bc70ace
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05385461559fcd6a3a18e0da6baec5ab16810593e3ec08ffd27e68479bb3c7a4
053f4357254a0d8c4fc4770cf4de0bb837863ec661efa32a48fde9bb31620c02
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d1b3964e194f89543606f078e05c53d6b15e4dd2ba177b03c2d01fc3485012
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08e2c358ce13cb67f94ebb35b0f67c8763190a857c0db68da6eb196dfe9da46a
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
09aed5ce236949cf198a61ddb74881f899f5d11219c80ba24f40fb2ea73abd34
09b88b955172595961d81d607a021b04ab743e45cd9fa42a1bf16700c576f0e6
0a3d11b07d63fdf4f57562150f4cfd5ff77686cb8c15700a766d21b95e527816
0a96b43eaff5f46d5a979dbe0269f6e64d8fef024233ed560559f196df783073
0adad93e9361da7b723fe7331f055359aa69baf37b6aecd98cf5a8d238a3492d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b3e6447d0735009434a44eaa13b9c205202e3f0375b8fcf953fc7731753877d
0b5042dabe64b73275988334b34cf766353e02d2123a46427898356e70e1f133
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9914af88e832036cf246f40f4bf2964faaace3333027ef2632d7ab693fbf31
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d163df83c666ecaacb3dfb44ff300031b8581c194d107d276b7808432307c12
0daecfd72e20d17ad9731113b50578cd3ba20ff5f04bd1b4f728236211b04a1a
0e24cbb615f891e35b0b58c042f59c1aa70a1c5e4a09449bf670059fbd266cc3
0e45b36fbf9ad268dcfdae05313f895ec9abb87c84bb0bd0f17a0fe8d9ecc6c8
0e7c3ca603bd5f079199be2f969fb7c2cf24def5952920e26232364e6e97670e
0edf3d4cd79f37bae847c615743e67580af8cbabae3e373460516da85a1f39a0
0f415a865638ea539dda8b006a7d0a66cd015d3ef230d3f291ce5be917ced7ab
0f7ab069921694807aaf3f108b5eb4f14895e9bc7fdedaeb23c5d0bb97d50f78
10993fd60a35d34df6da9bff74cbd7012765f3f444e796902c3f917c59fdbf68
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
1215453532c8277607195fd7583b94417cf70354434f243aae86fec1ec275046
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
131ef292175dcda53aa7f96c3f97bae4fec8e003910def15444c2433b0a4907c
131ffab1e7eeefcc4df583141d90f01ed8c8540fbbaa520454ef99392787ce8c
13b85383874008ebf8ae2c26ab30c321b617a3539f489cad96968e570b5022fb
13bf0b2acc9f8e4187bd119b78087614dcf1b993cde84c7892327c4d362dcd33
14c479e76866a9044b466ca184294cceec6728f3b81c0ec8f2f501312247d7ae
1586e3e7788650f30f89a20dceed83d2928d6c43fbf198d06bd249497dfa273e
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
17cdb974b6f612cb0881ed02696b49e0ac3158018297538dab6c8f700dddcbff
17eb31ee568c54012757fffb75dfcaa54a02d363bf76a4e624f60725341824f3
181fb45c225b4951f4f869a0f07baa426e41debbf1875bf1e0c0ca30ab4de62d
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1a106fff3b6d84593ca43e02c3001ea09328d1256a9a2f68fa7a16f8fed38160
1ac774570f935e6930359641bba8ab5dbb7897c71bdbbbb88b65896804ff619b
1ae977aeb162a1ae38e0b0d77dd9197e4311dd569ca9fed5a65ab67a67304852
1afa262e624f1634b15d619047f0addeb94a4f964711ae7d89997559ab75e77f
1b63846915a234d101da15a2951c3eba96da65786dd851082446ae056c00d943
1bd317fc2725d490a136af28191f1661ae331d27ac99b97659b34c1840679280
1bf872a6b59e7e76e364fc2e151dcb225f7d9284f3a82ddb31d1851842dfd22f
1c1f1fe9ae35f769f41e792602b476ac4cef7125bd640922550ce7a226edfe2c
1c62cb8e9ce2c4f1184d649ed105e7804631ccc8a9e70158596318c935afb033
1cff75fe5e91868ac4cc358ece8950368bb0bcaa3e1a7ee9dd85d2da074b7ac4
1d77e862946ba9861b6fbee1dcfbe53a721235e78a3d6c8293326c6cfdd8a504
1d77eed4fefedba8bb2a1d795a83af87736f30a34413fa3ad7f3095c0de9bd0a
1ddff8b731c76509264e6b48900f281a39b0e3aeb3e4df3a69fda9cc4ca437aa
1deed0f64c455d72ee8dc287ab7c57babec224e5da09332343fcbe1e49d74c0f
1e116d068314b1eb97ad95264d427d9a63c5baa0395467bdaeed4bf9ce9c760a
1e5b6d68ab32f145ca17f333ff43a2644b69887fbec215cb00a09cfc5ecc806b
1f3d0f38e9bbceb563be5a8f9318e660fb13fbb16d9318c1c8b5613f74ce28c2
1f3f3c7a291fd5b55f7c2c28d69447c45bfd2d3854f83d619914a4362f925344
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
201e718e15a6e4334e14cadf28ba10b8797ab4df1891717908a7012d1b367b51
2087756a0190b21c86565ef21cbf973911ee3702bc456bf77366caa594f4ffb4
20ef0f0c8d0eea98772412cea9b3b92612e3e53cb5e59152b5703165f56e8a53
214f104e4611818c162290e681f7849e9d24e48fe90b11ce845d75c63af672e9
218fa52eecc6f4bdc7fb2cf552d03e927747080b7a3618268efca457d8d65f5b
2202a7d9b9ff0c4d9c78df19784da343bcac13cb0bb0615696a4bd1c3fe67a58
22556cded59a6eadae9386548c55369b34f143aeea696e36755913c3ee68398f
24064c406fe2491c3ebbbf72c79978f422ec5582e0d5d2b5b7efdef53c67e132
241ac5b040ea3a3886808a0eba9dbb384ea930524092e128cfd8b189dcd4780d
249c4e456d6c2e9baf3ddc9ac020eb98fb4859487402ac0dcca8c5ed7d0ec536
25208c6ee960b928d8f697e0eba039bc6206cc9f22d6e2fe96aec93d91129dfd
252b7d20a88a955f223e2ac6a70dac6e8dd4a881828148cafdc4a3c32d132aef
2588f15b99661eddca2b5cdd109605c31e9fd379e1dcfb586e535a8df5180875
25faf4f1e6a26942f58177252d3512ea9eb880cbbb274b591049c8ebbd358647
26531e872adc86712eba0bd13fa0a20e7c99d9a1684e99cb4088662938686196
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26c7ad16a785070a5ad600d8a436223c93747e3984bdc5e29a3aae8423145773
26f9373308604b547b40979e71e3e852391fa4c65931639f6d7f7ca25a3deec1
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
282c2aa52f71affc729b0a337a619b287f795a5989732120d14926c819bea8f2
287c2bf68d6387779caaf3f83e4a6bef07562c2f12cb2a73e4d0c389c5707664
28e8ab9f67173c4206fc1232333fc189c04c06ef0f992e136418d75cac4d0185
28ec908a7b2abc463e0d119fb1bea7e02b85b938d3038a0a6c7ac08121d98d63
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2f43a35cc7a3b2e758f41fbfa745596b8ccdaa0c8311868188707a88959491
2cf01fd4307a23f4e7029322521366ba0763c3295a089eecb90effb3095bf068
2dbb85491a2a609b5e2567e742a8fa6c4ae6a8184fb7250e6c210926f6e8729b
2deeac045484f266b07301af141d0c16c19e80712f590aafadd72771c3a35937
2deff8a9de0a8e8dc950e382c5382ade805ad576973e31ed01ba683e80bf9416
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f36340213734570a6392c4432b335594c82127c8b720653cb84e21e38195c5d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3128abcbb4f37862e885e75897a12fdefe8cb7a533a15cc268063d1faa05b7ee
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b0e9fdb06db87621b482f1779480186894a046458520d4754d853127f7b5de
31d2b3b76f623158be5983444ca708708089524b2a85ca15d84b015e656bb50e
3265096bf69a02b0ca8ee7695b3ef2985027792b8522e36ae1905084e71e7e52
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32af4b17e7758d6136775ea55c527bd1c6d50acae2882753af31a5b281925a6f
335ee0c30c9dc975874d7282df148de0184bfdb1969c060a482fd37061f00405
33b6da556107d63d603d250677b6e297ecb92d7d0c351d95228d9cd84cc5bd79
350f5577ffec4a6aaf7b9ff0d2d56ae9d4faed21c37bd071c2af7c119fad601d
35cc5991bbbb8879d58294a5ccb24de312af582fb8afccdf28c6a18032ba385b
36072157fc42d186866f4a3b9c31a9d40d2028b72e4f7962e47d97cb00df909b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36607fad23733017530ae863b127afca2a0fb3766b6027eaf58bca5f05b18e86
369f20e17ce9308e9e488e6fdbdf3aa0e3c8c4705b903c23cd610e7c41eedd16
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
391e874bad0ff56134b88787da08e7b5e40cf1ac537d77f34ff49c51318b7a41
392a17debd022eb8d935dbc2b72c7a9292db73342d4e0df11d8e23e107d094de
392c32f20b9f867852a946a6ed1c5e21476df9619083548b6585d80a3b5f9bd4
3a0a7021679268677dc4780116f6f8e8063ddc625b22f0246309a99a5ab010a9
3a36c712b92234bd72622d6641ea30cdb3b60cb3139bd7effb47b9871d2bbd17
3a51300a0219a84fc5e0da5637cbcefd69d3b322c322a333a7cd090a28b81579
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3ba702043ac26644d0046b531417c7dfd1651410568f0169b896d47445391676
3bd31baaa852b2827efc52e529477e1215d395b84774ceb6c2bc5a0d311eeff8
3c124e8d5cc4a724c0cc1650bbb0c64f90f6cd00807ec75353423d6cb0880390
3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e
3cb9af59614886ae1cd4db1b3064ba594b52f6fc96047e0cade01d6e686bd5a5
3d3c91ae3f6664324e78e6267e87f6688d6b2ac9771e78aed7ff730b9db72d80
3d61c1112a762b263028c88de644e2b36cf932ad470ac342bb40048853488b28
3dc63db2627b9a19ef528d57af329aa3bbb7477384987e49a8639a8c95d60e0e
3e4501841b080bb07037abf532a254949716359acfbcfbb90d8b22d3b2292c01
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed44257a362e4f9f1e6014a2f6b210dfa6454672682487c893a7a49d59caffb
3f4b3c1281dc44c20857564876917b2e7fc89886757abb23fd27479fa47c6c9e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
412930d5c0e70458a49866b0d7621325c81aa80e8674d25520c656f908268ff7
41767a83d5d4ac0ece242b70cf76f657f08d0f1f9a5317d537bcaa855e7a1c52
41d2a510c497547671bf784771297431daf81c9c233744be4a2d3e9cf50fbff6
42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943
4338240292fb5e55dbd3b02b86f5ef5746790f77ba4085d33c2dc222fa0af88e
43f10459e0e3395a878434da39b980d98b6a1b3e7a641201e70e066ec1be7391
446527f98f82647f679f83ce8244e25531e659e09139f04fed06110ac35fd6bb
44bd9bc6aed7818f4de86e2df1a0684fcf3265ade3e502076c3d8cc41f77d993
4578d75a057e082ecae9ea9f2a90258999c97515975f4757ec1287736c8fec86
4643da5bd97b39eef5c003ceef6e2c798ddd2bb14578e6012d25270aa8414965
464f1c462b3312749eb7e4e7b9f10f53a751d8d440caaad9a7fb2d442eafa95c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4695f7145c72ca1152c1c40dd17d8152a83ed18254b02caeaeee67d3b8e38cd0
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4751363e3eba4657995c6c85bc871da15bdbe7ce2910fdbc6783409697e94956
47d53987395f1d9fa218d31e1190fbc6a5e154813f5776a5584b76484993372e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b8498b15716ab0b4ca2b3e6b7a8acc89b3eeb3f6058c45d9fd43329b7a8af1
48bb64e099a56b73f5371f39db10019abc6a96e7b7ce5d815994d3bb428fb91a
4927f5f8d353eba6cb4f6177085d67b4b72a5ded8c59bacef7081f90e17e5764
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a7e514fe83f6c1ae141940885cd60d4b015afeb06060d2e9fd25948111b83de
4ad82b9ff77d441413f84f43d69a639fe1db49ff4bf2d4c497e180925ba2df77
4ad9cafb9b199d49b8c29323919b18b8b3b738b21d487022aef65c2e3f2b59cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b91653d53f76ddaf492a61adad3c1be86528ee9f23d7a18a6044c4eed165cad
4bd3aa8d5ab8a3c0e2abde914c8d98ee974a9e24aba7a885166f5ec079d9bd29
4c603e6c8ea6b3bb4227d342496a3a2f17623545b0011e1e6e649934eaaa237b
4ca3cabc1328372ce02da2a6ec757830942603e70b1a0f7d6f804cb8115369ca
4cde20607a069eefd4289f5f75cbacac271db09ca6fb9fbfaf615876ee6f9257
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34
4d90e240fa4110d3392d08a126fafec826be65d7bf60099df0cb1cc8e675d9c3
4d980babcc3034a2281384ecade658f924f7d5ea7773977e9cc04982938fdbf3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f74e5e060bc6b61fd7b3fa01f48a375f4343ac3d8c0e6d383108ed850cbd9e0
503b21999a416f6bab70f0119d86d140b092689fbadc4ac68d7248dc00d44f11
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509818a7252ed5aa047b8929545c191bb83776dc12bbdd38dd3ea766bd6339f4
522c50189bf674504e642a78954b55de0671c5c6a6db66c50291fd31f04eede7
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
52e933f3e16543bf2d538de2c76a0a0dc2bce2c269298cee53c5f0790d43694d
533424fbd54e43c8b36e4a701a23bc01e364ed58b41cb4a1cc068d58cd7674fb
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
534a37f80c2e3cd1ae1116c7a7a5156db3d6eaddada8a069b2c0e41a60d18149
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f1223587f76b8ec455590fb65770a1b2e1c4a03cf06c376662c87d622950ab
54f2e38ae86d8d9e274a7bddef5983ac8ae3a3250ac0652f7c97a663141f2ab8
55185a009c93d0a191aec891dfd0bf732e2235e677d1c56a656f96cdfabbecf3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56113fe1b4223dd56d57ee14cf9357472c38b9e11cb2613bc9ec6542708899d8
562d6598bbd6721a7bf5ddfeac9d1bdfd9dd1649fa872b447421e349f479728c
56f73d748f1825d9d83064b8ca4713d1de88f9311762cdd4a650963790dd0464
57c51e072bd11e2821e6bdd89323b42a255d5dffdfa76d98a86bc0b2eb22b125
58644b7dfa826a3291e2e5d6c2974b47906616e1aa03a2f757fdd1bde7796621
599f45a18de02b55e6232b832d95ff9c82089aad4c4cc155f653e59e9a84dc85
5a29df16d0e98e575ff17095bcb69330a3d08d6f635dc28725bbc55d93bb5a43
5a2fc5314baf482c6bd0d0b5b7d3cdf7cda61c76bfeca2a2749e004633675340
5a6cc23c9089f7dfc2efc1b647ece117e758d54463a4d55502646a1586dc87a8
5a790892e3f59eb135281d24001d57871f2fd0acfb6bbe3dd04c17191882b56b
5a8114ad8504adc4268146d74323e3a4887963470f7aa99299e0de2582c94b7c
5b047cd89ecfcf5c5add582f4d649b919d1135f6f1be093ebb67ef01a5e66816
5b7a230cbbda7dd4ec97eaab29d32c5fbbc814377c4fc70afd49f4fdf62081b1
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c
5dfe43a24f1392a0ea547b694951366354468b92f2ebfb4ef1881f8c043e2a94
5e375f49ca93ff98ec598cc69aa44bc6f6035f7b625e813caf89a04732075bdf
5e6f4958b892bb333d12e76dc67b9b2a0c83ee92905dc5cec11a1d55d3cef4dc
5f565becff747d2959be8ed75ebf7806a8bf39365e47bca31d7620fb8ab4479d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
607979871888d521fe865871b1140d79e5e740487d40091cf30fe37c8185bf56
60b755dec036b63178a5f98d57a943c735fd07044365b6991f3ad7c18f7ffd0b
6107bf460934843cbde00678d356a436f2dd7c39ec331e8dbb7167e7f3858fc9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
630f2c32737f299f4fb2d92f4a739cf70a82ba38805ee48474f1aef3275f3919
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d
64052d75c8ecd5b79757c5f04ec0c37fb9af5c924fbb156a2a59a6066d150d33
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670afa7e8e7612fddbbf0576419d7c965e0de9c0499180e436164dfc493469b2
67909d26d442ea7f811330675268887ef1fedc1350d49e515d2dc05af63a7f1f
67ec6d3ee4197a632a6a7dbc670db89223d472fa7ed84a8912c8e535bd2d08bb
689b8031faf0dca362e8c69e4fcc57064f1819953089df54cb13ffa1e99eed13
68e12a98552e1d10d74c35c38a6324b2ffc6e1b552ca386894875ee9b60ea169
68f5a3044f06ca2b26041d8c42d2648237cb44f42f9b4d845c7d5a2176e51893
6933d67ffb0246d0b032c8c38d3826274f54beaf45c57518667c743639bab133
69f04517e8026c40b59c45b86cce990587bd1480ed65a966767c49f3afb9683b
6a7340bd2ef99577eeb08ed304d31165d886935141f857ec3381e8cc79646073
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aebeeb6bf1ba8322c350b3c1af7b20059e35ace343c7afdc4be63fa73f83f65
6b108ad68dfc4388a72abac7eaeb6541a3989a5bd72137817408e650f59b3d28
6b263dfa8ac0f9cc8dd04f53e64edeb7c3f2810c878056922f8c40143ef36a8f
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6edb7527e388f1e05e1149ef16447a5de634090134609b7f1af7bd8c628cccdc
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f6b9d913bd2f8037f3532e5b0b96a40de775af5eb2630b9657cf6630aa0405a
6f7a672905063aad9356b7ef6765444c18bfce767828e2e13f58d8b7c086d62e
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
708a0a926e9899dee2c1f6186acefa6f0e487470ec02bfade62d4d0e5feb61aa
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
726aa459952b3019a13f4a978d8d21f5c15079037f5fadc1f19c274a72c836e3
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
737efb481167e66dea7c1897cda5462ab4707a5a497d14e2308c6e440daa04b1
74310ee6db20fbe41a1846c0a9891e0682b14399739b32d7966bd002c846978e
74670ce4a6f85f9bb9c3c5577daa14f541cc8ffa4a78e53a963fdcb89a28e5cc
750d70bfb8a9982b827656699387de0b63da65b2e9a247768005d9775bad42b8
751a6620401c2363167c52c8d87ab4429a565a5c50b83d18086c1a1440349931
751ec40f43d9bf623dfdd7428af5bc9de1fe5a69ad13476fb4d1c83fbe2a4ef7
75c2348b29f873ab5133f2fce773d82d0c6dd3214dd38f4ba13f4326384ed29f
75e612c26270efc1fdbffdfd7ed5d8afc3cd3476a7c4a6929f2c5cee7c74f7c3
75faa4940e0719596e0f76f9bfbd86187f3d18c3f8a694d5ea7787fc37a6f87c
76798463eddb90b445b5afa2794723c876a9967d93147e66e53edf7d977ff295
778b8c45f798b148a4a47840ba693627ed601f94a0ae7310519d343622cea4f4
7807fe24a004099718a5efbffc7324857c239592c1a69004b20cec3c267640ec
781126d5e34ac565ffcda3761ec6dbd684fb04c8ef25077fc2b18e9ac5ce9660
78a7a477dfd5fa1bce60e2a72c55e54e93d56b926735a5ec12dcb1eb54a6b16b
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a1451faafbf928c8910f22381a71c7b745c1afadccdb2a974eeaaf1eaf3dd95
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b1cfbaa380e6ccce30d4c8d933184d0fd4afa99f723635ab435f27ac1357fb9
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b210a349897ccfa6438232313c7ca253103e9c49d7dc5a27cbb77739649b8c1
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b4dfe3872f77445c88075a0cbe72bbfbf29c8517e64b8890bdbe718871f8a58
7ba40f73a662de57c0241116a95ab2978386dc415c617597954e4ffb9207eef9
7baf7cf2143a1207d050c9703c84f21c569532124537094951ba10c77f1527c2
7bbb45c861f27816c52989a1e248d3310b9695fa67f138c13ce9f83a65968000
7c4514ee1b4d1222477d7f5310c0f048f14407d40fb76379f8dc71f46061b4d8
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cb60ba2dca27f07f3a69364b2f08081e9c4be2daff3989c945a2bdd7c84df6e
7d453ce6b1cc84148d6690c7bc8be44c12a31fc336f0dd2b4dc594cca56a9b60
7d55af606774cf1f44ef679b3b0d6547b62c3e6e9b21e15a1f564b95f61db15b
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
7eba2d1aee4ce3a8fdc009639f3f545abe7dace06663d15651555b01f7bad873
7fb0deb629f2f0bf1c2d22934fdb8352b39c08538d7a1c7d93bd2fbbee446e69
7fd3f12e227ad1c43e9754985ee6ffbfb61ebcef4b934f8db363a60bd8a5456f
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81417ff3e11678b90a2215065bb67cfcdc0d5c6023313606b1321030632b1f4d
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
82364aa14a038d1c4fa7b2117d6da03649c359cb1d0ac9b4984301d46b2f781b
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
826beafe476262db0e00d0915aebca5357b8e1767d7cbcbf1705864b17079df0
82c6f455e3ce5a6f7baa8fe7797a342cdebd548abaaaa22fc9779eb97cca6a66
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
82e8f101d7a18ddfd757a3e4012adc2589264089d17ff413e30f1012eb454fc3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83971b5e8dbe1e8e1040a3dea04ab6e8db2f968bb51375a3fb058eee0151d2b1
847cb8c6c23cec1aa2c4bfd198db6afd925de9a4fcfc6d728b035f8b1a84d3ff
8501268c5970a2143146325aa4a0f20116fe32ea0935df39533f02285e031707
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf
85f6aeeb69393d338e4706202f7bdb924ee1c8f080a2c7b08e32e6740f8103ac
8672a67060014971abc05098134d02f0f36e6db12f133b26dab2aca6b460acd7
86b85472e101535843a1a3b428c3a1d4bed6446a67d0f14925496783946957dc
86fb1f94b0faa864ace933f2ba9cc72f61b7512901876b5062a44c439ca5f299
87b1a4929125f55c01aae89535cf480f88814672d10cb2fd25fd5e699db93b21
88bd2e8de2047c41f403372048227bd661edb58ca0ee2a116d94230bdc4290ef
88e7150c14087d8972359bdc5b4c7cdc27fd9977a3b5c81a4a147cdcfb3a146d
89f3720a41e038f20df288f117212b2abafc40763263c6219c925e2d7fd37853
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a390763b4b76871495b8577181dadec42d04097a73149d23293dca62191c8e6
8ad7099d333f71904333aa2ae7dd8813c05dd0ce2507e5b3e1f7a6ac8a835e5c
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8b0ec2a4125f6fa07cf2201cea163d49d69ab40e86cf9d7728a56c82466864ec
8b1f067b2ebcd200c7c87149bee7e37d78ecd4313eec70239e9afc720b0b299e
8bc4c3121763cd4c3e18645c9560b705d6b0aa9c32b9ec461ab9dda0fa8aec33
8bd592492aef00df3edb07d2c90d63d7ed56ab15bbd1cf40479764a9b249767a
8c96708d126553bbe6daf64ce6d78ce6395c5624862278cf3ef0b6339d3ae79c
8cd0b8f671e4015a53491d4fe83f0c4e4109bcdeaf69cdb6721bd22f345dcf59
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d02a0216c7957608c5c5523fedf8350c97727d425ec89a9e2268bd836e19c76
8d3920d4b8803c34a2c1c949f4659b0dbb7091043c6ec2cf9ab4d0ffc1a6a2da
8d984b9bfa1fa48b4af28f4efe607a8da5578c696a883046af706772c72b5e55
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fbe1923790a7655daa154224f16e1f63c6c3f0e4859c55014f967be3c9674f4
911212cd9043a8f325996d22c4222885c25aee27777f77c060caadf4407576c9
9161f345320ccafa2602a032f8e9d080e70b6a06ccd90635102d21d43d8fbce3
91eb473a9e30390b46fc1c777597c542a05a295d2b51bec5ede405eab6c7b3ed
92b929516542c42f391c5cf6ac806805d97e713543eb6825f86202eea75d06a9
92e1e0ccf9255353510c7a83c4982ab57c8ccbc6dcada192d4283bc9299f1f79
9383bd26857b252f47e2e1094de15cea4cd08d89ad767a66360debb10249daa0
93a8dba93d803963b4ec07ecd87b280fae33fd1cbaa6c85fbb1b970e45420bc0
93e377cee36ec7c9b93ed3f0335213023cee47a59cf8f6e75ad87b0676e4910b
940d08b3f6673b6c0056f581b7df738545a15bc8d6ab2e5e659bfc21e966ffee
94c9f2122880fde270b44d4bba545263bc7def5525addea1eed2a90311e4c10f
96abaf5dff457b64837aa49703a7e7de26aa2295e8c98bfa6d22e90df5c42942
970ee3ebedf4c26802bd44bb57773452c22273a2eb38e4d9947c3e756ee4f01c
974f3fdec0973d3d80a91558a63cc8c478c15ba2ca96ee1e523c86e23a25faf8
975541ff06da6183a79695e23f23d48c2baf116283ad084c15304722ee703cb7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c1c3952e39513f931710057b2b2d1d7db92376a93a424c2a2d68d7ac265c3e
9946dd989fc8278f046304d6a180293c702c5c00ddd110b1211c9460e8cbff38
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa637751835dfd37a9a522829844b5273a8c4cecdb8acf62aebe0d9bc42fc90
9ade6964320289bb8e3ff358f771feaa8c5802b61ede8685d8678e11c0eacbf5
9b1fb531c79eb8ce9a6e9f833b9de4a43be31458e9a999dcced9147e0176d601
9b6850c7511093e8157d247b3f69f414d3462f9063502f5657a49b962a20a607
9b76acaf40bb58b64fcc644504641c93f5091e0aeddcc55db81ff58b4a802e6a
9b8625c4402d86800b7897daba8aab22235ca8ca1f711b577558ccf73b8817c7
9ca9f09fd888168eaa6fbaeb6305f77192e22689d6648f75249b27b89469fafa
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9e0c301fb1573fcaa0d27fdb9ab483fd85413a16d820260a5bb05c3770ae6846
9f1fe49a7edd35b3ef27a7bb2d268d542869d21746129290907f603bd5abf651
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
9f2fb59b64b281efcc410e321802f2cc16b377e594882efca16e81b79123f87c
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb
9fd54de18bd55a2aa05527be682472a3f745643b68fb94853642e49238c748d9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1aca13a5b24687b2213a2a9d87cbd7f140a6eb4d4db480d4867a81a433813b2
a23bcdb46e4ffc54a9258dcf50cf432c5f7ae4ef90821da173dfeb7734328e97
a26efe4fa44a6ee75f4d5739b08b6f3e26328767a4fd1706a6e7406bda6d1a8b
a2b470ab522c93d1b665badfde6cc3b2b0e20f5aae67da6cb5a33a04d4db57c1
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a32f093a22b30f63302929734ba499c2d145cdc557acc98d60e64f9a0fc354b6
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a745a6b4cbef6176b15bd0553b45a0f975ea4553149c589918b8bd67a8f95ed9
a88ba17ef2dba59fbd83de0a0c2e4cc9943f59a4aa02697aa1b7b63d8de576cd
a916ad25314a5b4bf1c03c61993459abec19acd01c81340b1fe0dbad0769d4a6
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
a9cea7e92a9aaae8c3e42e6f69d902afbfe6780097d12dd44749884a3f13b65b
a9ceaf5986b74077d4fb4a4245624fc319e0fb4e10fa3c4685ec20df0618e0d4
a9dc555be897bfea533415a9c5f7c66cbbee4a0083a7ea7c301355d871db9d29
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa1f69d662c7d95bfb94c5afcfefd1af59cf7a6cb15fc5bd0006a22e88e9d340
aa43a53b8356156377ad8f6805d9724793592b9f69b232a68449db95f122002a
aa608a90a391b54d2d2cd8564888f2a8889ff6d765aa9243f9c8879109c02f68
ab4e05f71f7fa530de21eff6f93d08d8fa2310d3334f2b96fafaff07bb51fcd8
ab752958cf6ac9ee398484cf9c052e4aa602a7ac42414f9611971ab4cb5bc298
acbc7cb07df3f663fa2c5db0a43fef008aeef497ba2c63b67ab1cefea8cee704
ad29eb66606acc4f07dcccc95a8303fff89c45df13559a789595602f0d34b029
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad7a52eb5c60e9724d4fab21374478ca2e1b1954754e6339f0db7fcdac5d6ce9
adb944034df17c31287b1889cdee4fe29b9337abf394bd0c95cdab427c3be668
ae39c4374da7134b517cede6ab258386d4e05bac1bc3b6b60ee774f41ad56710
ae46728d5edbd2361cb2f016700fa91fd60e8a1aa58c93448c3d103773f683e9
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
afe499e3c8a9081533299439b8a7c453d3e26e37a4e998c78c6d991bcde1c0aa
afe4d24af88d4f319c100fde452f911fe27ba4e6fddfdcbce4f3ccb18ce6cdd6
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0a2209b30a10e8badec7004d452aa7ccffdc47a91e6eee338e89487ebd2bd1b
b13a11c44787dc74263aabe4568f4b59bed570da3230f7d0d3a85b546fefa269
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22c24181aef4c86592047882219df2c54ed375b8eb626406bfe680932a847d9
b256b6f02bd17a546933247b7ce574c652d67d7b44271dfc82ec6978f0fd4e82
b2b04d90166cb5c1c8eea5700aebed77e4173ca6174f66b064a7cb7dcdd53c73
b456bc8a4c5bcd3530b11f6c0c7a768275e7576fa357bba54dbe52d997c9cc07
b5b36e77aeaf568eadb3105f8675a55c2b11d1433eff5240435f00fe1d4e3073
b6a613ee9108f1d682a41dbf67bf48474111f09ae1b3f9610371f9e9ab310ba1
b72cfac8cb0b77c7cf8c883323be0d0645e774b064eed4a86bdf6ac3456b095c
b75cc571ec1fabe33718e302a1fb0b4e2bfc9457d466a324c1277d37bc7b176d
b78491ce20ba2c1d55c81fe22ce2a7fe7ca63dac8947a54e076192045b199aae
b78740a0a4db38a1bc4dafe3e72b31090e88b8fd43c277ff3d7d1b5f2a8a318f
b7fa32d008fb5b25c34f1116cc5ab91cd0d79c74ef15bb1379fb55867156b5f8
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b93094b526a560578a46424c69f3f6a95cd6fa0e0236ae6e1483c92ed5c8fce3
b9c77b52464985c96557e8d7c3030b01e75ca95174764105a9251401f74e08d6
b9c89a9a75a8bc7d40f824e863c46337c970be7db8c2559338bcd585319a2cbe
ba058243cb093f41c5a7597af182fa9de9b857c7c71ece455c6e8789cc48bcb7
bad77dc8dc37a42884db90838f1ee7ab15e11ecd4db29f774c1abbc605055d44
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb72cf9c29ae62c1145975ceebd315a18bc83fccb4e39adbfc44bc71e28efe55
bb87616c7749a4ecba4092856cd38095eaf6fbd0b6cc714bcd6c4b9cfa4ed647
bc4e3f0d398bd4cd4491920f46d59c3651a03f295ac0742ea5fed2e763c122e2
bc5d1608e8faa9ce1f32c86f9522fb3951871b156925d95f0cafaa36142d6d53
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48
bd89cb6278a8fd165825b97cd64f5b3bed95e1162c7278098ac3fd2344599d36
bdc0823ede609427284c29470a9d64c866e78bfd1f5f9efc8d626cda5a198419
be261bef0b49678870fd91d7a20f971d710ac25eacb427d33f977d309360aa26
be4f754acf2dd33169add8976c1264f647470efdc993927040e23c4d310a835f
bedeeebf08386db2b91ecafc38b0bee1fdcc3ce64f3c4c6841032e37b18084fc
befb2223097eb55e67086abd9f07bc26c7752a83a5e295cd7c82a5319c58dada
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
bf4a356b3b1356f6aed29f5c5cf9b86194dfd51da5ca5d96fd20ca3ed3f556a1
bff1d0795802004b484d517e95f830e775c5c5737e94eabc3fc40ef4a20d1980
c11475a06543ea87c9e6f7f9931a7dcfc31b51da1d6bd666491af81ebaa57bef
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c1f54db519952f15cdfe918183fbcf04b56f390cfdf362d477146c27e8fb9641
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2215854f8c60c26080b0ecac5547a785dcb4c781c46f7e9dd790f111fe4e2fa
c2470fa517702252d19691e5a234f7e3224b117b1b04ad31f9f5a5cf01ccb779
c28ee863ec98028922af754b8f10e8fbd8d9563c4f159debcb860be5774f6643
c2ad3b2ad1c100ebb196165df8a0bfad3941024d991dcbef5c92437283e17b57
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c520fc9cb89d9d15c1d22f682ee51b6c67d9e7c1908e318ed17491d5f0a04d2a
c600b58247eb70a5942df1fcba17ac7e85ccd44065a7e328dc0bc20c68ddb9d9
c618c7e9c084380a134da48648d9f0e13335c31b815a3ba773b38a5d3f31a468
c657d48bf8c50dd0ed644753b4d9ee9205f74786c4454ccdce3778fb4ce4aace
c72a3cbeb621ca971f70d9d6c01cfce6c40c4c1b3db3aad9276adc7fb4dcb355
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7fc4a99ab664906d545b36b310a40b58d9e41986fcd9318ac8f6f90e41d61b3
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c82c27e5a79dbabd877a95bb9f4f4463fd637667053265f83697c75e37d59bcd
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
c8a7ea184c79a6f61c400968314d03aae7c327f03efc03603f6a3cbada7bfb9a
c9b418d52625158f8dd70e9af7381f5531720b9e586e5de3d10b1945a87484db
c9cc7f2f661318dcf17d5e8d3ec1c12a08dfd8ff928687fd37334a0a4fbaec2e
c9ea3a0cd0f05d80da623a3acfaf32286774726cb1a497dbfb69c42df64acc82
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb64a4dc2a1d2a274cafa8d21ed85bee7f88dfed0230fb0bd1b9c21a2b80b03f
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc3513d258074fbe7209d263fe3acdd0a05ed0bee513af79907f6f4e00b8074e
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
cebb34e81bc214a1167c7b197711c4775740f59316797d2ad5d94bf563e5ee89
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf958149641d7f9e2b1d88d52a27e67b85beb6dd537f7aeefb504bd15ed55423
cfec54cebb5ee1f328de0de1fcf0fa50c4470942dafd89c5dca6a615b76b1d45
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06c733ba42b81cd66c7fcaabc75b51c59292cdbccdcfb6a88bf2b57d262047b
d0b516970f3856be4ffdcecab31460e16739338bb8f45ce453cbdccfcb992c6c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e246936131a4311c7f8924118f459c6a85631f69ccd4f82ed39e9e67822059
d115f066d16870ba630d489b6c3e867b3b9872470c952db01a7edec50f43f613
d12c53f7b9e48765ff13f9048d9907d820d3cad0a55d0e3b636833c6934fa167
d1baf1e3c12564049e49e6a2f91ab528957fa12cb80c3dc0b113329a44d4216c
d1d87072102cb71dd691db5ec1a789271e1d32b146ce23d1c1e61ce35b8d3f96
d25119a2eec6a2927cb5e0c73cd96b386a66ba2425d4b29f1fccb1d678df0412
d25316981c0cb2e550afb18968c43e8671490a024565b79962090158e9885974
d2df0eab310d57bd69d797a6483b3c1d0a7eee85897183c875884d00e31aa938
d30583adc0d9b6a72d824640542b65878246b166cbefacacabf1b9970bcc6531
d47ab5ceda04e9b910cb37c3df5ad1df8e2a0a5a532c05adf2cfb390884a7fcb
d4ac7b9a22acd55ab7954bd894e9f9ab46635576a00a3c5426e57eeba6c8d522
d5255be4074e1afdef6d0de837c627878f7b4ddbcd94306ec939d9d590cae09b
d526aa2b9979f07c6bdf4e2f6f88a8cdf4ee804d83e6a145c2a413ac0cf8301a
d5696db2dc829f5f619efc746a530132fde6fe453d11094e797b0472ae7f57b5
d597fa58624a8f68b7cf3516512f598a7607391e984455b4fdd4ada752bf04bf
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d708d6c0dc63199b60c859d18b67ca31990f854c8b70c745bc06a1a951c1ac56
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d7e27be34c9ef9b56c5e8b9a4effd52e421bd261c78bf3f029be9e06c80a21c1
d7e8783dd44964affe69a07491abab9bc7a387ede7f970ddbb0d2496323a226f
d856729773804572ae4ff08581b1a3f4915e719100a524d8cfdab5a94a286f38
d8968086f7509df34c3278563dab87399da4f9dcdfb419818e3a309eedc70b88
d92edfbdab8264cef8edeef5841a3cfafcd88bcb13125c9efbc3b8ce55273efe
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
d9ebddedcebd351bb4e992c15921ef1378358eb1e02a8bae03d249506f2cd11a
dab3471b48b306859bda71528fb04d8476669dedbdcf718dfe3fe4f7fc2a3d2b
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc3a9f57d170277a873f982ef82f03618eddc165f93927fa1208a52ee9420772
dc6756e9d538e66128886e71b99ecba72c6b6e3376513e8485d407cfb0cc337c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
de006225f894ea65b2f9498bd46930a894b18bc0ba0ba73218cd60b448b7d0d6
de16da1c225f7b68b956cffa2474b3670c94122664fad14a8fbb1a21a2b7dcc7
de1d783a66403f4fd42541f7d5368dec4904a1b69716ba5ed33934f45b269ee1
de57e9b1e237ce59b3ce54520642f424df52c7edd337a8f25d1dde196e081fcb
dee87b4a75183197a54a48a0a995f89e2e44ae20f33b2e2d245c2a3deefcda03
df1c3c02da0a3738b0607cadefbbd5e2b43f097d5fa83c7c5f930f9c6c36f16e
df828377f1ffe5f66a592d3402c71d3ecab7af7db3f2a94ec13683b3f2000bfe
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0348113b8ccf4e35c3b286df835658bf33a4c16fec83f2be1218641f9c35801
e06ad7657b5cd403f4bba73cab9f69c95c5ae04bc2ba4bf5194f339c1c3dfc32
e0b2cc3dd989aa705b0016746a4a3870819fa970c088f436568b14729fc8a2cd
e0ce94fbc61943bee9b14d4e1ea1372697ed04c9fcb60bd0775c3fbb8a8b56a8
e0e64c7e8fc73581213ab8a0e4eb7c0c0b3ddb44101f26c61b88082a8949067c
e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e1cbae1c8cc7d330811eae70eb3cb7a53a15c95a0e0a6bb3f182e50d66ba256c
e28e6eabd29c556d2d5f2b230f1dfc10592731db5431b478da7f78b461e4e425
e2ecb4da0bda46637c085b0e9596b3ca9dd08b7719568c4f7edfb60c6825b634
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e414cf6ad9c6d6a1540185a5f54ef2f6d69ee6e3cc591306f8c233b02116a535
e46b256f0d3d92c425777de3e35e1b94b56b73b46ab9de2a70771a0653e5cd87
e46c5981adb40c656d6d3ddacb36961c51d1d8edf0ecc92b8ee6bc116e59c641
e58004dda4a2d386f4ae995998ac168b98d2cc9130f4c1d5949f1ac18711783f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c
e6b76e1b1d1d355436a2bd73bc3156c864d204fc262f4053e2d3b6f06bf0143a
e6f7b1821046dbce1a798791060df115e0a15ddf2fc2e13f5f9252c54547c005
e737c93d0718df4c3fcc74861661deca1aae83c17e58c5858f93c57828c9bc70
e766140e98a78a0d3fcd76d9132d686308cbf4fb84eca14faed47234b6dc771b
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e7c182e95484334772fac15579416c5ee032e4d7aba4097671b75aeadaef27ee
e81ac04c60ab7220aa9cd87532645df3973ce19485be6a013e3b6d937a5683bb
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e939aab8082bc5f120556c66d2031f2386d4771833d0123c235052aa47650372
e95c4380875e6b1515643722783af5df81dd3061dd17a46442c8067ceea2c748
ea985ec5bafb5d87af1a778cbb5cecfc9465e3e3ff7752cefdfefa51fdfd074a
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eba19c5b4ba159d5d0a8d6938322c93f0d471508572e98e26ab7199d955becf3
ebbc68c100c2e68350ad74792b98b74b879c876690e489c418e71c48f9e5476a
ec40d0769e35f1cd7d4e746d86b659093bc6db07fe53f89d0b57013dca192539
ec81013fada9e239bb9d91316ba5cdfffaf0f7a1ea4220ae81c271db75b71a5a
ecd3ec992232b3f00101fdfdca7db9ad686e2ddc3a4b81c2bb2e23f44f44bddc
ed0d232c016cf825707d37ea930af18f0d26b3026e9ce25b0f1a77493ff94c1b
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ed8a3320b85003e4acda56beba20a58f9d931cbabc95024476a99be054813fe5
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ee1a27178227546d3dcc49e611a6d72e4f1c30080ee4493ae4085b58a49e28e6
ee54185d227b97546b9516a4930f7e72a810488ab8bf9c9ba7f897a782bd0437
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc5fecc29d1c5f84a3ced8f23749b2fd21782c2a9b6c0d7892e10e8423a8f9
f00825326f1f1355cd8f5f89dfa670c1dde5e82e03c2f35f807565cc7fc8ab0d
f026ebea5fe71a5852e0a1d9fdca9c8e3c7bf4c280d038fbed94beff58d759ea
f164954f6574227054040a4e5b681bbafc9f96ed3b990b8386a60668eabe3722
f17774640004d46a45e36f51a1a98c4dc49f44ed3f3a3f6a9f5c944616858bba
f1d54379ce525de46e343b088d8e1d3c12bda490ab53e9f98e9bf898b4a9f380
f1fac34e48c936c6bcb5233da4cc47ac3f930c1fcaff2b448bdfc5a87df6a3ae
f26a50537389a2040f1ed6fc13fbb7bf2243b655e5ac83987ad9b3fdffad7b66
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5de908ba97e78d441fc38fc0e381f4b06f411a0ff4446f4802d07ea8d2109dc
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6859eb8f0f96a1493a47e0cab0144e6dba46b3c492042660dd5b02b6cec167b
f6e7252b0a8753b5022b83ce5975626bd71af7c287e5dc666a27040e6f4620da
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
f82688953d4cf3c84b0bff56b67bfd1029f6322e7d54c44223dd1fd31331979e
f86a3442bef993a54c8ce1a1f4c156edf3f1ad4f21962212e271391683aa1865
f875fd7b83a150ab400d3a8001a78e3fd605e37fec4e2ab179c5699b7adbd444
f8f848f050082d15f92a78e176abaf199bc20a3dfd27346380cbb0f30e82a1ed
f9773eb5c89a03f79cd489b64a2950d9cc28ec6e967685c2778a1c1b3bc7bca9
f9937055a3e5f4869a849e96f1feeab3ae50c5ed77f9a583e39df26b78dab0a7
fa7749f9ed2bd6c466571dfb10f2d42f2f65097b3b27cd6843c77d60e414c281
faa53cdd00b6939b8b21bbeaf5a9ee5b232324929b9fe103d1d09866abc6c546
fab9f4d23b765cf8285509954519a71ad449c700342201c673be2ece0facdc56
fb3149acc1a470e383c61bd190d7bf4035b374715887d3be2776a5b13cd9cd88
fc9e10a0daad7032ddc6da634395e9346474aa1f06effa3d1b48daed02b80bea
fceb64d831bc39e6dba8c3205ae7eec9103130dcb0708d3156830a4cd059af4a
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fdd598282893dd73b323d8f312504651d44597bb1df42c3a29545ccc10174550
fed44db63b6074275eb766a1f26429ab8de4c8af550b9212c87fbd9d387693d7
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffa12a66b77bcb1fc0cc691ed439b877e084a91bd9f5537e651306fcf6246049
ffa2a6b09118ed53d7c8db904843ac666fe463ed8485a6d4443360e91203ac64