urlscan.io logo urlscan.io
SecurityTrails logo

www.khaleejtimes.com Open in urlscan Pro
107.154.76.234  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Submission: On May 21 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 170 IPs in 19 countries across 133 domains to perform 800 HTTP transactions. The main IP is 107.154.76.234, located in District Heights, United States and belongs to INCAPSULA, US. The main domain is www.khaleejtimes.com. The Cisco Umbrella rank of the primary domain is 289533.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on May 15th 2023. Valid for: 6 months.
This is the only time www.khaleejtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
33 107.154.76.234 19551 (INCAPSULA)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 69.16.175.10 20446 (STACKPATH...)
33 2a00:1450:400... 15169 (GOOGLE)
1 18.172.226.23 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a04:4e42::485 54113 (FASTLY)
1 2.16.202.104 20940 (AKAMAI-ASN1)
4 35.207.221.200 19527 (GOOGLE-2)
1 2600:9000:211... 16509 (AMAZON-02)
15 76.76.21.142 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 23.45.104.216 16625 (AKAMAI-AS)
3 69.16.175.42 20446 (STACKPATH...)
2 13.228.87.248 16509 (AMAZON-02)
1 13.234.23.58 16509 (AMAZON-02)
6 18.172.209.231 16509 (AMAZON-02)
2 34.107.231.31 396982 (GOOGLE-CL...)
1 2600:9000:256... 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 18.211.132.19 14618 (AMAZON-AES)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
4 104.18.27.135 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 162.19.138.116 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.155.129.21 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
10 2a02:2638:d::2 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
4 141.95.98.64 16276 (OVH)
2 4 34.254.125.132 16509 (AMAZON-02)
2 35.190.39.111 15169 (GOOGLE)
14 76.76.21.61 16509 (AMAZON-02)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
12 35.244.159.8 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.250.7.13 44788 (ASN-CRITE...)
2 52.217.234.33 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
53 172.67.10.198 13335 (CLOUDFLAR...)
9 147.75.84.158 54825 (PACKET)
9 18.195.70.167 16509 (AMAZON-02)
13 2a0c:5c81:514... 55081 (24SHELLS)
11 89.149.192.64 60781 (LEASEWEB-...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
9 2602:803:c003... 26667 (RUBICONPR...)
5 32 37.252.171.84 29990 (ASN-APPNEX)
6 21 188.42.191.196 7979 (SERVERS-COM)
8 185.106.140.18 7979 (SERVERS-COM)
7 103.132.192.30 138552 (RTBHOUSE-...)
11 2a02:2638:d::a 44788 (ASN-CRITE...)
18 216.52.2.39 32475 (SINGLEHOP...)
5 2.18.232.7 16625 (AKAMAI-AS)
8 52.57.203.214 16509 (AMAZON-02)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
11 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
3 161.35.36.20 14061 (DIGITALOC...)
6 34.203.16.225 14618 (AMAZON-AES)
7 151.101.66.137 54113 (FASTLY)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 34.98.64.218 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.196.26.133 14618 (AMAZON-AES)
14 2400:52e0:1e0... 200325 (BUNNYCDN)
2 162.247.243.29 54113 (FASTLY)
1 185.64.189.112 62713 (AS-PUBMATIC)
3 34.107.148.139 396982 (GOOGLE-CL...)
1 10 51.89.9.252 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
3 11 23.201.255.110 16625 (AKAMAI-AS)
1 185.86.138.155 201081 (SMARTADSE...)
4 37.252.171.149 29990 (ASN-APPNEX)
1 2 193.3.178.3 399668 (E-PLANNING-)
1 67.202.105.31 32748 (STEADFAST)
1 2a0c:5c81:516... 55081 (24SHELLS)
7 23.35.236.201 16625 (AKAMAI-AS)
1 14 185.239.172.77 55081 (24SHELLS)
1 2a0c:5c81:515... 55081 (24SHELLS)
2 2a02:6ea0:c70... 60068 (CDN77 ^_^)
11 11 213.19.147.44 3356 (LEVEL3)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 5 35.227.252.103 15169 (GOOGLE)
3 18.172.208.109 16509 (AMAZON-02)
1 2a02:2638:d::c 44788 (ASN-CRITE...)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
4 78.46.90.238 24940 (HETZNER-AS)
1 3 185.29.132.246 30419 (MEDIAMATH...)
1 2 95.101.148.198 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
1 8.43.72.98 26667 (RUBICONPR...)
1 98.98.134.242 21859 (ZEN-ECN)
1 1 8.2.110.24 46636 (NATCOWEB)
5 193.3.178.4 399668 (E-PLANNING-)
1 193.3.178.2 399668 (E-PLANNING-)
1 1 52.23.144.17 14618 (AMAZON-AES)
1 69.166.1.10 27630 (AS-XFERNET)
3 10 185.80.39.216 27381 (CASALE-MEDIA)
1 205.234.175.175 30081 (CACHENETW...)
1 19 2606:4700:10:... 13335 (CLOUDFLAR...)
8 15 69.173.144.138 26667 (RUBICONPR...)
2 6 198.47.127.19 62713 (AS-PUBMATIC)
1 178.250.1.6 44788 (ASN-CRITE...)
1 4 138.201.63.165 24940 (HETZNER-AS)
8 8 185.184.8.90 204995 (RTB-HOUSE...)
8 10 37.157.4.29 198622 (ADFORM)
12 18 142.250.186.130 15169 (GOOGLE)
3 4 34.111.113.62 396982 (GOOGLE-CL...)
4 6 37.157.6.233 198622 (ADFORM)
13 15.197.193.217 16509 (AMAZON-02)
1 2a04:4e42::300 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.18.203.230 16509 (AMAZON-02)
1 54.78.254.47 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.83 24961 (MYLOC-AS ...)
1 1 212.82.100.182 34010 (YAHOO-IRD)
3 3.71.149.231 16509 (AMAZON-02)
1 1 18.158.141.138 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 34.243.48.125 16509 (AMAZON-02)
6 13 162.55.236.224 24940 (HETZNER-AS)
2 3 151.101.2.49 54113 (FASTLY)
1 1 3.225.9.20 14618 (AMAZON-AES)
3 6 52.94.223.167 16509 (AMAZON-02)
1 104.111.217.14 16625 (AKAMAI-AS)
1 1 34.246.243.171 16509 (AMAZON-02)
10 10 3.70.117.93 16509 (AMAZON-02)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
3 5 52.46.130.91 16509 (AMAZON-02)
1 1 141.226.228.48 200478 (TABOOLA-AS)
2 3 35.204.74.118 396982 (GOOGLE-CL...)
2 2 2620:116:800d... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
8 76.223.111.18 16509 (AMAZON-02)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.190.0.66 15169 (GOOGLE)
2 3 178.250.1.9 44788 (ASN-CRITE...)
1 2 104.111.217.42 16625 (AKAMAI-AS)
2 2 185.29.132.241 30419 (MEDIAMATH...)
13 185.64.189.110 62713 (AS-PUBMATIC)
1 1 193.0.160.130 54312 (ROCKETFUEL)
8 185.64.190.80 62713 (AS-PUBMATIC)
2 2 213.155.156.166 1299 (TWELVE99 ...)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.5.106.217 14618 (AMAZON-AES)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
1 2 104.103.93.163 16625 (AKAMAI-AS)
1 194.97.158.1 5539 (SPACENET ...)
1 18.132.62.161 16509 (AMAZON-02)
1 151.101.129.108 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.145.129 16509 (AMAZON-02)
1 18.172.226.105 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.132.54.180 16509 (AMAZON-02)
3 198.47.127.20 62713 (AS-PUBMATIC)
9 35.241.34.106 15169 (GOOGLE)
5 5 54.220.255.219 16509 (AMAZON-02)
1 1 185.86.139.94 201081 (SMARTADSE...)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 44.195.241.23 14618 (AMAZON-AES)
1 35.186.193.173 15169 (GOOGLE)
1 1 35.214.153.92 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 72.251.241.206 32475 (SINGLEHOP...)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 52.220.229.2 16509 (AMAZON-02)
1 1 141.94.240.143 16276 (OVH)
2 2 141.94.171.214 16276 (OVH)
1 162.55.120.196 24940 (HETZNER-AS)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.170.64 16276 (OVH)
1 1 3.65.236.207 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 98.98.134.243 21859 (ZEN-ECN)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 37.252.173.215 29990 (ASN-APPNEX)
1 1 64.227.64.62 14061 (DIGITALOC...)
4 34.201.214.156 14618 (AMAZON-AES)
1 95.101.148.20 16625 (AKAMAI-AS)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2 194.190.76.38 48061 (UMA-TECH-AS)
1 159.69.59.100 24940 (HETZNER-AS)
1 151.236.118.210 204720 (CDNETWORKS)
1 1 8.2.110.113 46636 (NATCOWEB)
5 135.125.163.79 16276 (OVH)
2 2 35.210.53.219 19527 (GOOGLE-2)
12 8.2.110.114 46636 (NATCOWEB)
6 6 95.101.54.217 20940 (AKAMAI-ASN1)
6 52.58.149.75 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 3 31.172.81.159 44066 (DE-FIRSTC...)
2 2 89.108.120.68 197695 (AS-REG)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 2 2001:6d0:4001... 52016 (ADFACT)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 18.192.19.216 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
800 170
33    107.154.76.234 (District Heights, United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.234.ip.incapdns.net
www.khaleejtimes.com
1    2a02:26f0:480:f::213:7ed4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdnt.netcoresmartech.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
rtbcdn.andbeyond.media
33    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    18.172.226.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-23.bcn50.r.cloudfront.net
image.khaleejtimes.com
2    2606:4700:10::6816:3ca8 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.vuukle.com
2    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2.16.202.104 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-104.deploy.static.akamaitechnologies.com
osjs.netcoresmartech.com
4    35.207.221.200 (Mumbai, India)

ASN19527 (GOOGLE-2, US)
PTR: 200.221.207.35.bc.googleusercontent.com
adgebra.co.in
1    2600:9000:2117:9200:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
15    76.76.21.142 (Walnut, United States)

ASN16509 (AMAZON-02, US)
io.jogo.studio
1    2606:4700:10::6816:3da8 (United States)

ASN13335 (CLOUDFLARENET, US)
vuukle.com
1    23.45.104.216 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-104-216.deploy.static.akamaitechnologies.com
akamai.tiqcdn.com
3    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
rtbpass-us.andbeyond.media
player.avplayer.com
2    13.228.87.248 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-87-248.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
1    13.234.23.58 (Mumbai, India)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-234-23-58.ap-south-1.compute.amazonaws.com
twa.netcoresmartech.com
6    18.172.209.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-209-231.bcn50.r.cloudfront.net
c.amazon-adsystem.com
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
1    2600:9000:256f:c400:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
13    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    18.211.132.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-132-19.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
4    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    104.18.27.135 (None, )

ASN13335 (CLOUDFLARENET, US)
rkbzwluhocwgxhhuwvjq.supabase.co
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.155.129.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-21.cdg52.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:c400:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
10    2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
4    34.254.125.132 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
14    76.76.21.61 (Walnut, United States)

ASN16509 (AMAZON-02, US)
play.jogo.studio
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
rtbdemand-d.openx.net
u.openx.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    52.217.234.33 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
jogo-assets.s3.amazonaws.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
53    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
9    147.75.84.158 (North Holland, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    18.195.70.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
tlx.3lift.com
13    2a0c:5c81:5142::2 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
ads59.adtelligent.com
11    89.149.192.64 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
prg-apac.smartadserver.com
9    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
9    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
32    37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
21    188.42.191.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
8    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
7    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
11    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
18    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
5    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
8    52.57.203.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    2a02:26f0:480:25::1726:6211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.playstream.media
11    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
21    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    161.35.36.20 (Enfield, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: 471786.cloudwaysapps.com
coronaliveupdates.khaleejtimes.com
6    34.203.16.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-16-225.compute-1.amazonaws.com
track1.aniview.com
7    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    2a02:26f0:480:794::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
rtbdemand-d.openx.net
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    34.196.26.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-26-133.compute-1.amazonaws.com
go1.aniview.com
14    2400:52e0:1e00::1053:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.playstream.media
streaming.playstream.media
2    162.247.243.29 (United States)

ASN54113 (FASTLY, US)
bam.nr-data.net
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
10    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
6    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
11    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
2    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
1    67.202.105.31 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net
ic.tynt.com
1    2a0c:5c81:5161:0:225:90ff:fefb:20e3 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
7    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
14    185.239.172.77 (United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
sync.console.adtarget.com.tr
1    2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 (Brent, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
2    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
11    213.19.147.44 (Amsterdam, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    18.172.208.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-208-109.bcn50.r.cloudfront.net
aax.amazon-adsystem.com
1    2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr3.eu.criteo.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
7    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de
hal9000.redintelligence.net
3    185.29.132.246 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    95.101.148.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-198.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
1    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
1    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
5    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
u-ams03.e-planning.net
1    193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
1    52.23.144.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-144-17.compute-1.amazonaws.com
ssp.disqus.com
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
10    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum.casalemedia.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
1    205.234.175.175 (Cantonment, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
19    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
15    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
6    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
4    138.201.63.165 (Esslingen am Neckar, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
8    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
10    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
18    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
6    37.157.6.233 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
13    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f600:4cde:8aa:915a:85c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:6b31:92d5:e6c3:c9bd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.18.203.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-203-230.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
3    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    18.158.141.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-141-138.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    34.243.48.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-48-125.eu-west-1.compute.amazonaws.com
beacon.krxd.net
13    162.55.236.224 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.236.55.162.clients.your-server.de
sync.richaudience.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.225.9.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-9-20.compute-1.amazonaws.com
usermatch.krxd.net
6    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.111.217.14 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-14.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.246.243.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-243-171.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
10    3.70.117.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-117-93.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
5    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com
um.simpli.fi
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    2a05:d018:d29:3602:f6c9:c47f:7f05:2962 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
8    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
13    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    193.0.160.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
8    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    213.155.156.166 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.5.106.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-106-217.compute-1.amazonaws.com
a.audrte.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    104.103.93.163 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-93-163.deploy.static.akamaitechnologies.com
www.awin1.com
1    194.97.158.1 (Coburg, Germany)

ASN5539 (SPACENET SpaceNET AG, DE)
PTR: sammelfrontend.pl2.spacenet.de
www.more-and-more.de
1    18.132.62.161 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
track.webgains.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    13.32.145.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-145-129.cdg50.r.cloudfront.net
analytics.webgains.io
1    18.172.226.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-226-105.bcn50.r.cloudfront.net
cdn.track.production.webgains.team
2    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.132.54.180 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-54-180.eu-west-2.compute.amazonaws.com
api.webgains.io
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
9    35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com
c.4dex.io
5    54.220.255.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-255-219.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    44.195.241.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-241-23.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    35.214.153.92 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 92.153.214.35.bc.googleusercontent.com
csync.loopme.me
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    72.251.241.206 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
1    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
2    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel-eu.onaudience.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.170.64 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-7.cloudy.ovh
pixel.onaudience.com
1    3.65.236.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-236-207.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    98.98.134.243 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
4    34.201.214.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-214-156.compute-1.amazonaws.com
track1.avplayer.com
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    2606:4700:3035::6815:23e9 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
2    194.190.76.38 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.matchtv.ru
px.adhigh.net
1    159.69.59.100 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.59.69.159.clients.your-server.de
sync.dmp.otm-r.com
1    151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
1    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
5    135.125.163.79 (France)

ASN16276 (OVH, FR)
PTR: ns3190286.ip-135-125-163.eu
user-sync.adxpremium.services
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
12    8.2.110.114 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
6    95.101.54.217 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-217.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
6    52.58.149.75 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2a02:6ea0:c700::11 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vpaid.vidoomy.com
3    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    89.108.120.68 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru
x01.aidata.io
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (ADFACT, RU)
www.tns-counter.ru
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    18.192.19.216 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-19-216.eu-central-1.compute.amazonaws.com
a.vidoomy.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
53 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5934
csync.smilewanted.com — Cisco Umbrella Rank: 3794
static.smilewanted.com — Cisco Umbrella Rank: 10486
91 KB
52 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
323 KB
39 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7677
cdn.adnxs.com — Cisco Umbrella Rank: 1499
acdn.adnxs.com — Cisco Umbrella Rank: 583
secure.adnxs.com — Cisco Umbrella Rank: 417
85 KB
38 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 477
ads.pubmatic.com — Cisco Umbrella Rank: 492
image6.pubmatic.com — Cisco Umbrella Rank: 682
simage2.pubmatic.com — Cisco Umbrella Rank: 660
image2.pubmatic.com — Cisco Umbrella Rank: 820
simage4.pubmatic.com — Cisco Umbrella Rank: 1193
64 KB
37 khaleejtimes.com
www.khaleejtimes.com — Cisco Umbrella Rank: 289533
image.khaleejtimes.com — Cisco Umbrella Rank: 224054
coronaliveupdates.khaleejtimes.com — Cisco Umbrella Rank: 995624
619 KB
36 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 469
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 953
eus.rubiconproject.com — Cisco Umbrella Rank: 566
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 967
pixel.rubiconproject.com — Cisco Umbrella Rank: 315
token.rubiconproject.com — Cisco Umbrella Rank: 573
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2060
64 KB
30 googlesyndication.com
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 132
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
269 KB
29 jogo.studio
io.jogo.studio — Cisco Umbrella Rank: 722622
play.jogo.studio — Cisco Umbrella Rank: 850777
441 KB
26 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5975
ghb1.adtelligent.com — Cisco Umbrella Rank: 8678
ghb2.adtelligent.com — Cisco Umbrella Rank: 10526
ads59.adtelligent.com — Cisco Umbrella Rank: 537147
s.adtelligent.com — Cisco Umbrella Rank: 10455
sync.adtelligent.com — Cisco Umbrella Rank: 4967
28 KB
24 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856
adservice.google.com — Cisco Umbrella Rank: 68
www.google.com — Cisco Umbrella Rank: 2
57 KB
22 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1572
cache.betweendigital.com — Cisco Umbrella Rank: 23942
12 KB
21 openx.net
oajs.openx.net Failed
google-bidout-d.openx.net — Cisco Umbrella Rank: 2602
rtbdemand-d.openx.net — Cisco Umbrella Rank: 38683
rtb.openx.net — Cisco Umbrella Rank: 1172
u.openx.net — Cisco Umbrella Rank: 619
3 KB
20 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1351
mp.4dex.io — Cisco Umbrella Rank: 1975
c.4dex.io — Cisco Umbrella Rank: 6374
27 KB
20 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 413
mug.criteo.com — Cisco Umbrella Rank: 2837
bidder.criteo.com — Cisco Umbrella Rank: 723
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16347
ads.eu.criteo.com — Cisco Umbrella Rank: 8856
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10084
dis.criteo.com — Cisco Umbrella Rank: 575
ssp-sync.criteo.com Failed
31 KB
20 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 286
aax.amazon-adsystem.com — Cisco Umbrella Rank: 387
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 950
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
130 KB
19 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3268
mwzeom.zeotap.com — Cisco Umbrella Rank: 2748
5 KB
18 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 834
x.bidswitch.net — Cisco Umbrella Rank: 290
5 KB
18 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 597
3 KB
17 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 508
eb2.3lift.com — Cisco Umbrella Rank: 358
6 KB
16 adform.net
cm.adform.net — Cisco Umbrella Rank: 1155
dmp.adform.net — Cisco Umbrella Rank: 2844
c1.adform.net — Cisco Umbrella Rank: 562
5 KB
16 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2758
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 19744
creativecdn.com — Cisco Umbrella Rank: 531
6 KB
15 playstream.media
app.playstream.media Failed
tg1.playstream.media — Cisco Umbrella Rank: 53428
stream.playstream.media
streaming.playstream.media — Cisco Umbrella Rank: 63458
4 MB
13 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 7607
us.ck-ie.com — Cisco Umbrella Rank: 2738
484 B
13 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1783
3 KB
13 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 306
3 KB
13 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 10551
user-sync.adxpremium.services — Cisco Umbrella Rank: 14847
22 KB
13 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10534
ssbsync.smartadserver.com — Cisco Umbrella Rank: 724
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 592
7 KB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 639
csm.eu.criteo.net — Cisco Umbrella Rank: 8905
120 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
580 KB
10 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1248
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431
8 KB
10 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 514
5 KB
10 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 729
2 KB
9 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 4573
u-ams03.e-planning.net — Cisco Umbrella Rank: 49102
s.e-planning.net — Cisco Umbrella Rank: 8459
i.e-planning.net — Cisco Umbrella Rank: 7805
4 KB
9 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 855
1 KB
8 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41405
hal90005.redintelligence.net — Cisco Umbrella Rank: 338947
75 KB
8 aniview.com
track1.aniview.com — Cisco Umbrella Rank: 2002
player.aniview.com — Cisco Umbrella Rank: 2020
go1.aniview.com — Cisco Umbrella Rank: 6114
131 KB
7 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 4147
pixel.mathtag.com — Cisco Umbrella Rank: 978
sync.mathtag.com — Cisco Umbrella Rank: 482
4 KB
7 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 389
23 KB
7 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1373
sync.teads.tv — Cisco Umbrella Rank: 1255
133 KB
6 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 518
6 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 560
3 KB
6 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 991
ups.analytics.yahoo.com — Cisco Umbrella Rank: 272
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 423
2 KB
6 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 14425
track1.avplayer.com — Cisco Umbrella Rank: 17888
314 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 862
id5-sync.com — Cisco Umbrella Rank: 421
36 KB
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 520
3 KB
5 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 26468
cr.frontend.weborama.fr — Cisco Umbrella Rank: 26762
2 KB
5 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2323
vpaid.vidoomy.com — Cisco Umbrella Rank: 2900
a.vidoomy.com — Cisco Umbrella Rank: 2504
20 KB
5 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1025
bcp.crwdcntrl.net — Cisco Umbrella Rank: 863
sync.crwdcntrl.net — Cisco Umbrella Rank: 755
13 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 9037
1 KB
5 andbeyond.media
rtbcdn.andbeyond.media — Cisco Umbrella Rank: 29689
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 33114
prebid.andbeyond.media — Cisco Umbrella Rank: 23867
199 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 1870
3 KB
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 447
2 KB
4 media.net
prebid.media.net — Cisco Umbrella Rank: 1346
contextual.media.net — Cisco Umbrella Rank: 599
9 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 30
21 KB
4 supabase.co
rkbzwluhocwgxhhuwvjq.supabase.co — Cisco Umbrella Rank: 836551
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
287 KB
4 adgebra.co.in
adgebra.co.in — Cisco Umbrella Rank: 50817
3 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3772
2 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 15136
pixel.onaudience.com — Cisco Umbrella Rank: 2808
2 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 21135
api.webgains.io — Cisco Umbrella Rank: 56810
31 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 742
s.tribalfusion.com — Cisco Umbrella Rank: 1808
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 722
1 KB
3 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 606
1 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 601
usermatch.krxd.net — Cisco Umbrella Rank: 1456
936 B
3 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 24729
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 23566
2 KB
3 vuukle.com
cdn.vuukle.com — Cisco Umbrella Rank: 17950
vuukle.com — Cisco Umbrella Rank: 9153
57 KB
3 netcoresmartech.com
cdnt.netcoresmartech.com — Cisco Umbrella Rank: 38120
osjs.netcoresmartech.com — Cisco Umbrella Rank: 49863
twa.netcoresmartech.com — Cisco Umbrella Rank: 33035
70 KB
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 13059
704 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 3501
670 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 17662
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 4604
748 B
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 19115
824 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1176
1 KB
2 gstatic.com
fonts.gstatic.com
26 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16768
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4789
564 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 686
997 B
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1470
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 200
2 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1484
751 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 635
sync.taboola.com — Cisco Umbrella Rank: 882
346 B
2 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3357
pixel-sync.sitescout.com — Cisco Umbrella Rank: 607
374 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 812
952 B
2 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 239
766 B
2 amazonaws.com
jogo-assets.s3.amazonaws.com
67 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 3109
381 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 939
814 B
2 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 437
fonts.googleapis.com — Cisco Umbrella Rank: 35
121 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 677
455 B
2 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 23428
4 KB
2 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1027
akamai.tiqcdn.com — Cisco Umbrella Rank: 10215
25 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 344
4 KB
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1131
228 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 21479
70 B
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 15269
3 KB
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2106
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 3605
464 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3044
104 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 5890
345 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6059
1 erne.co
green.erne.co — Cisco Umbrella Rank: 20357
412 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2592
641 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2066
308 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1253
283 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5565
277 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 849
225 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5255
370 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 645
936 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 550
706 B
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 59947
3 KB
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 44502
2 KB
1 more-and-more.de
www.more-and-more.de — Cisco Umbrella Rank: 268698
1 KB
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 195628
931 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
795 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 6168
553 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 339
650 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 23976
367 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 532
145 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1108
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 493
533 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 22601
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 115114
659 B
1 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8206
324 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 9738
411 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 874
498 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1295
300 B
1 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 5850
482 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1040
477 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 7792
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
27 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2334
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2631
2 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 26743
3 KB
800 133
Domain Requested by
36 csync.smilewanted.com rtbpass-us.andbeyond.media
csync.smilewanted.com
33 securepubads.g.doubleclick.net www.khaleejtimes.com
securepubads.g.doubleclick.net
www.googletagservices.com
33 www.khaleejtimes.com www.khaleejtimes.com
32 ib.adnxs.com 5 redirects rtbpass-us.andbeyond.media
spl.zeotap.com
acdn.adnxs.com
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
21 ads.betweendigital.com 6 redirects rtbpass-us.andbeyond.media
ads.betweendigital.com
www.khaleejtimes.com
18 cm.g.doubleclick.net 12 redirects spl.zeotap.com
eus.rubiconproject.com
www.khaleejtimes.com
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
18 ap.lijit.com rtbpass-us.andbeyond.media
www.khaleejtimes.com
csync.smilewanted.com
adxbid.info
16 mwzeom.zeotap.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
www.khaleejtimes.com
15 io.jogo.studio www.khaleejtimes.com
io.jogo.studio
14 play.jogo.studio io.jogo.studio
play.jogo.studio
www.khaleejtimes.com
13 simage2.pubmatic.com ads.pubmatic.com
www.khaleejtimes.com
13 sync.richaudience.com 6 redirects spl.zeotap.com
csync.smilewanted.com
13 match.adsrvr.org spl.zeotap.com
ssum.casalemedia.com
eus.rubiconproject.com
www.khaleejtimes.com
ads.pubmatic.com
rtbpass-us.andbeyond.media
csync.smilewanted.com
13 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
www.khaleejtimes.com
12 us.ck-ie.com csync.smilewanted.com
12 sync.adtelligent.com ads59.adtelligent.com
www.khaleejtimes.com
s.adtelligent.com
s.console.adtarget.com.tr
ads.us.e-planning.net
ads.pubmatic.com
11 www.googletagservices.com securepubads.g.doubleclick.net
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
11 bidder.criteo.com rtbpass-us.andbeyond.media
static.criteo.net
11 prg-apac.smartadserver.com rtbpass-us.andbeyond.media
11 prebid.smilewanted.com rtbpass-us.andbeyond.media
10 x.bidswitch.net 10 redirects
10 cm.adform.net 8 redirects s.console.adtarget.com.tr
10 sync.1rx.io 10 redirects
10 onetag-sys.com 1 redirects rtbpass-us.andbeyond.media
ads59.adtelligent.com
ads.us.e-planning.net
s.adtelligent.com
www.khaleejtimes.com
cache.betweendigital.com
10 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
rtbpass-us.andbeyond.media
static.criteo.net
9 streaming.playstream.media player.avplayer.com
9 c.4dex.io www.khaleejtimes.com
9 pixel.rubiconproject.com 4 redirects s.adtelligent.com
eus.rubiconproject.com
adxbid.info
www.khaleejtimes.com
9 rtbdemand-d.openx.net rtbpass-us.andbeyond.media
9 fastlane.rubiconproject.com rtbpass-us.andbeyond.media
9 mp.4dex.io rtbpass-us.andbeyond.media
9 tlx.3lift.com rtbpass-us.andbeyond.media
9 prebid.a-mo.net rtbpass-us.andbeyond.media
8 image2.pubmatic.com ads.pubmatic.com
www.khaleejtimes.com
8 eb2.3lift.com ads.us.e-planning.net
rtbpass-us.andbeyond.media
adxbid.info
8 creativecdn.com 8 redirects
8 eus.rubiconproject.com player.aniview.com
eus.rubiconproject.com
ads.us.e-planning.net
rtbpass-us.andbeyond.media
cache.betweendigital.com
8 grid.bidswitch.net rtbpass-us.andbeyond.media
8 rtb.adxpremium.services rtbpass-us.andbeyond.media
7 pagead2.googlesyndication.com ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
www.googletagservices.com
7 ads.pubmatic.com ads59.adtelligent.com
s.adtelligent.com
ads.us.e-planning.net
www.khaleejtimes.com
rtbpass-us.andbeyond.media
adxbid.info
7 js-agent.newrelic.com coronaliveupdates.khaleejtimes.com
7 prebid-asia.creativecdn.com rtbpass-us.andbeyond.media
6 match.sharethrough.com csync.smilewanted.com
6 ads.stickyadstv.com 6 redirects
6 static.smilewanted.com csync.smilewanted.com
6 u.openx.net rtbpass-us.andbeyond.media
6 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
6 aax-eu.amazon-adsystem.com 3 redirects ads.us.e-planning.net
eus.rubiconproject.com
ads.pubmatic.com
6 image6.pubmatic.com 2 redirects ads.pubmatic.com
spl.zeotap.com
6 www.google.com securepubads.g.doubleclick.net
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
6 ads59.adtelligent.com www.khaleejtimes.com
ads59.adtelligent.com
6 track1.aniview.com www.khaleejtimes.com
player.aniview.com
6 c.amazon-adsystem.com rtbcdn.andbeyond.media
c.amazon-adsystem.com
player.aniview.com
5 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
5 match.prod.bidr.io 5 redirects
5 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
eus.rubiconproject.com
5 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
5 rtb.openx.net 3 redirects ads.us.e-planning.net
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
5 stream.playstream.media player.avplayer.com
5 a.teads.tv rtbpass-us.andbeyond.media
securepubads.g.doubleclick.net
a.teads.tv
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
4 track1.avplayer.com player.avplayer.com
4 a.audrte.com 3 redirects www.khaleejtimes.com
4 token.rubiconproject.com 4 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 hal90005.redintelligence.net 1 redirects www.khaleejtimes.com
hal90005.redintelligence.net
4 hal9000.redintelligence.net www.khaleejtimes.com
hal90005.redintelligence.net
4 fra1-ib.adnxs.com ads59.adtelligent.com
fra1-ib.adnxs.com
cdn.adnxs.com
4 id5-sync.com cdn.id5-sync.com
rtbpass-us.andbeyond.media
4 www.google-analytics.com io.jogo.studio
www.google-analytics.com
www.khaleejtimes.com
4 rkbzwluhocwgxhhuwvjq.supabase.co io.jogo.studio
4 www.googletagmanager.com io.jogo.studio
www.googletagmanager.com
adv.office-partner.de
4 adgebra.co.in www.khaleejtimes.com
adgebra.co.in
3 sync.bumlam.com 3 redirects
3 simage4.pubmatic.com ads.pubmatic.com
3 dis.criteo.com 2 redirects www.khaleejtimes.com
3 um.simpli.fi 2 redirects www.khaleejtimes.com
3 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com ads.us.e-planning.net
www.khaleejtimes.com
ads.betweendigital.com
3 idsync.frontend.weborama.fr 2 redirects www.khaleejtimes.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 ssum.casalemedia.com 2 redirects ads.us.e-planning.net
3 tags.mathtag.com 1 redirects www.khaleejtimes.com
fra1-ib.adnxs.com
3 aax.amazon-adsystem.com c.amazon-adsystem.com
3 secure-assets.rubiconproject.com 3 redirects
3 prebid.media.net rtbpass-us.andbeyond.media
3 coronaliveupdates.khaleejtimes.com securepubads.g.doubleclick.net
coronaliveupdates.khaleejtimes.com
3 ghb.adtelligent.com rtbpass-us.andbeyond.media
2 a.vidoomy.com www.khaleejtimes.com
2 www.tns-counter.ru 1 redirects www.khaleejtimes.com
2 an.yandex.ru 1 redirects www.khaleejtimes.com
2 x01.aidata.io 2 redirects
2 pool.admedo.com 2 redirects
2 px.adhigh.net 2 redirects
2 uipglob.semasio.net 1 redirects www.khaleejtimes.com
2 pixel-eu.onaudience.com 2 redirects
2 api.webgains.io analytics.webgains.io
2 fonts.gstatic.com fonts.googleapis.com
2 www.awin1.com 1 redirects www.khaleejtimes.com
2 cr.frontend.weborama.fr 2 redirects
2 sync.crwdcntrl.net 1 redirects www.khaleejtimes.com
2 d5p.de17a.com 2 redirects
2 sync.mathtag.com 2 redirects
2 pixel-eu.rubiconproject.com eus.rubiconproject.com
2 sync.teads.tv 1 redirects www.khaleejtimes.com
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 pr-bh.ybp.yahoo.com 1 redirects www.khaleejtimes.com
2 cms.quantserve.com 2 redirects
2 csm.eu.criteo.net ads.eu.criteo.com
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 dsp.adfarm1.adition.com 2 redirects
2 dpm.demdex.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 sync.console.adtarget.com.tr 1 redirects s.console.adtarget.com.tr
2 pixel.mathtag.com 1 redirects fra1-ib.adnxs.com
2 ad.turn.com 2 redirects
2 vid.vidoomy.com www.khaleejtimes.com
adxbid.info
2 ads.us.e-planning.net 1 redirects ads59.adtelligent.com
2 bam.nr-data.net js-agent.newrelic.com
2 player.avplayer.com tg1.playstream.media
player.avplayer.com
2 ghb2.adtelligent.com rtbpass-us.andbeyond.media
2 ghb1.adtelligent.com rtbpass-us.andbeyond.media
2 script.4dex.io rtbpass-us.andbeyond.media
script.4dex.io
2 jogo-assets.s3.amazonaws.com play.jogo.studio
2 gum.criteo.com 1 redirects static.criteo.net
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
2 ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
rtbpass-us.andbeyond.media
2 cdn.id5-sync.com www.khaleejtimes.com
securepubads.g.doubleclick.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 p.adlooxtracking.com rtbcdn.andbeyond.media
p.adlooxtracking.com
2 prebid.andbeyond.media rtbcdn.andbeyond.media
www.khaleejtimes.com
2 cdn.jsdelivr.net www.khaleejtimes.com
securepubads.g.doubleclick.net
2 cdn.vuukle.com www.khaleejtimes.com
cdn.vuukle.com
2 rtbcdn.andbeyond.media www.khaleejtimes.com
1 stats.g.doubleclick.net www.google-analytics.com
1 sync.adkernel.com www.khaleejtimes.com
1 vpaid.vidoomy.com vid.vidoomy.com
1 as.ck-ie.com 1 redirects
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 adxbid.info rtbpass-us.andbeyond.media
1 contextual.media.net rtbpass-us.andbeyond.media
1 match.adsby.bidtheatre.com 1 redirects
1 secure.adnxs.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pixel-sync.sitescout.com www.khaleejtimes.com
1 pubmatic-match.dotomi.com www.khaleejtimes.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 matching.truffle.bid ads.pubmatic.com
1 green.erne.co 1 redirects
1 cm-supply-web.gammaplatform.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cdn.track.production.webgains.team www.khaleejtimes.com
1 analytics.webgains.io track.webgains.com
1 fonts.googleapis.com hal90005.redintelligence.net
1 acdn.adnxs.com www.khaleejtimes.com
1 track.webgains.com www.khaleejtimes.com
1 www.more-and-more.de hal90005.redintelligence.net
1 adv.office-partner.de hal90005.redintelligence.net
1 p.rfihub.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 s.tribalfusion.com www.khaleejtimes.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 sync.taboola.com 1 redirects
1 ssum-sec.casalemedia.com ssum.casalemedia.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 i.e-planning.net ads.us.e-planning.net
1 sync.go.sonobi.com ads.us.e-planning.net
1 ssp.disqus.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 sync.admanmedia.com 1 redirects
1 pixel.sitescout.com ads.us.e-planning.net
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 cdn.adnxs.com fra1-ib.adnxs.com
1 ads.eu.criteo.com ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
1 rtb.fr3.eu.criteo.com www.khaleejtimes.com
1 sync.targeting.unrulymedia.com 1 redirects
1 s.console.adtarget.com.tr ads59.adtelligent.com
1 s.adtelligent.com ads59.adtelligent.com
1 ic.tynt.com ads59.adtelligent.com
1 ssbsync.smartadserver.com player.aniview.com
1 hbopenbid.pubmatic.com rtbpass-us.andbeyond.media
1 go1.aniview.com player.aniview.com
1 player.aniview.com player.avplayer.com
1 tg1.playstream.media securepubads.g.doubleclick.net
1 mug.criteo.com www.khaleejtimes.com
1 cdnjs.cloudflare.com play.jogo.studio
1 google-bidout-d.openx.net oa.openxcdn.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 imasdk.googleapis.com io.jogo.studio
1 wrappers.geoedge.be rtbpass-us.andbeyond.media
1 twa.netcoresmartech.com osjs.netcoresmartech.com
1 rtbpass-us.andbeyond.media rtbcdn.andbeyond.media
1 akamai.tiqcdn.com tags.tiqcdn.com
1 vuukle.com cdn.vuukle.com
1 tags.tiqcdn.com www.khaleejtimes.com
1 osjs.netcoresmartech.com cdnt.netcoresmartech.com
1 image.khaleejtimes.com www.khaleejtimes.com
1 cdnt.netcoresmartech.com www.khaleejtimes.com
0 ssp-sync.criteo.com Failed static.criteo.net
0 oajs.openx.net Failed oa.openxcdn.net
0 app.playstream.media Failed www.khaleejtimes.com
800 231
Subject Issuer Validity Valid
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-05-15 -
2023-11-11		 6 months crt.sh
cdnt.netcoresmartech.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-04-09		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
image.khaleejtimes.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-10-25		 8 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-05 -
2024-05-04		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
www.adgebra.co.in
Go Daddy Secure Certificate Authority - G2		 2022-12-18 -
2024-01-07		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.jogo.studio
R3		 2023-05-16 -
2023-08-14		 3 months crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-14		 a year crt.sh
*.netcorecloud.net
GlobalSign RSA OV SSL CA 2018		 2022-12-26 -
2024-01-27		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-03-25 -
2023-06-23		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-04-28 -
2023-07-28		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.a-mo.net
R3		 2023-04-13 -
2023-07-12		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-02 -
2023-07-01		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-05 -
2023-07-04		 3 months crt.sh
teads.tv
R3		 2023-05-11 -
2023-08-09		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-05 -
2023-07-04		 3 months crt.sh
wl.aniview.com
R3		 2023-04-29 -
2023-07-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
coronaliveupdates.khaleejtimes.com
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.aniview.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-04		 10 months crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
stream.playstream.media
R3		 2023-05-10 -
2023-08-08		 3 months crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-05-09 -
2023-08-07		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
ads59.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-04-01 -
2023-06-30		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
ads.us.e-planning.net
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-03-28 -
2023-06-26		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-03-25 -
2023-06-23		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-03-24 -
2023-06-22		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.fr3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2023-06-25		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-13 -
2023-08-10		 3 months crt.sh
redintelligence.net
R3		 2023-04-10 -
2023-07-09		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.e-planning.net
R3		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-03-23 -
2023-06-21		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
dmp.theadex.com
R3		 2023-04-24 -
2023-07-23		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-26 -
2023-06-29		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
adv.office-partner.de
R3		 2023-05-01 -
2023-07-30		 3 months crt.sh
*.more-and-more.de
Sectigo RSA Domain Validation Secure Server CA		 2023-01-26 -
2024-02-26		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-10 -
2024-03-09		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M02		 2023-03-02 -
2023-09-21		 7 months crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M01		 2023-02-28 -
2023-10-28		 8 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
c.4dex.io
GTS CA 1D4		 2023-05-04 -
2023-08-02		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-03-01 -
2023-05-30		 3 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
truffle.bid
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
adxbid.info
E1		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G2		 2022-05-27 -
2023-06-28		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-16 -
2024-03-18		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
streaming.playstream.media
R3		 2023-05-12 -
2023-08-10		 3 months crt.sh

This page contains 180 frames:

Primary Page: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Frame ID: DA8C74429DE3EA95DDC721704D21DA8E
Requests: 327 HTTP requests in this frame

Frame: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Frame ID: 1F1C23F2475CDF38548C21A0C0581B5E
Requests: 26 HTTP requests in this frame

Frame: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6298F481523F97E71463C9FD599C3770
Requests: 1 HTTP requests in this frame

Frame: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Frame ID: BEC56517C337CC27C1C9BD1AB2C0F654
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.khaleejtimes.com
Frame ID: 447FA7D0619BF53F9E4BF3DED6B6A54B
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: E923A39BBE2913B7BD970AF98F7C75E0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR4A1wXXaOKmW7qQxrMx-nLXjtWWAwXSGdnQMmPUkYpTcEqq4VRnyeW-0_MAWskQ99XwC_u7lA5OjwH-NreqG2Os8eRNgDfJKhnUPTWjDTRQTwCCKitetqUaVHsvXzLp-bU3dpi-NHI2nyRjkmlKZurp9ZHcY7ANBu7n7T9d95ksnFnHqkS9iP3EO_xmB9xke48r5IjWAaai9F5CYebkc-P3V5DNAboibjZcLSg0pnoyvRrwR2DtajJvWDlZzgmxAVfVcIE-cZH0VLr9SHSBbzJ-89VKqjVuold3_WOvjSGiCyLY7H6Cbm_JKvhxYGOYgdg9qDLc3HCs3ijpJE&sai=AMfl-YRY5Twg9nOroX3U6kM06cOuTXFLOtMLXtM0hFY442OStKqYQGHXWPL0f1wX3orBeQDRDV8Y2yqP9kMPKi_ktnttCUSzpMSUe1Hx3ZFDgVgFD9MZD7jNymQKLh5d6xkYdGesBaMtk-G0YD4aTTIHXG_t1DilyKUAqMmjiIzUjQ77&sig=Cg0ArKJSzJ7dNjGUx543EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 970FBE1ABDC49DBDF31E7CDFD06099FB
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6V16NNOqQG8xOQZ7S9auVHGWul1p9LCHbGT31nwlNgeg89WeRwBjfHom8-29M2wekd5W18ejYAPGh8N2dRqI8eL3_Vf_6ViJSGv0MWM87nd8L3Gpg7n5QQf6MMGd0lmnP_CMuFyKrRhuFPPNTTjJs3eixH48vf5EWOEK0swvA_-NzU3VNPBoz-J8BcBfEd_L97WAVHsy_gfBphKKkCeqM-t80MJgI4OZI_yjjlGhl7Z8DC6LpooRCuUfrOEpSf6TSwX23VmsNxP12-kLEt7gMg_fxFf0wkzWE8JrCZxlLzP2E6_5uO2UGzTsDzvLskkHrPd615TMZ-7k5Pfj1c40o&sai=AMfl-YS6m-4nWgPAkUv8yv6yXRCmNlTC53yLkG74fGbwFJhcv6mblvqMQisgGYK39Yv1WbYUuWRuVQP5w2RcEGiMOBTPMrGkKGXzlg3Ch69SdN1ZX-5jijLjKZbN86WQ8b6iehzvGanD71etqgJiv6sdfduzd-OxSwTzwGKLYwXLEK4a&sig=Cg0ArKJSzNmcVKs6-76-EAE&uach_m=[UACH]&adurl=
Frame ID: D34BDA3E40A1337E4CE803E5DC9590A9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSqxkMLZSpAkNyqa8QJJAXzhbqB4oEBPjVNKq7mWMbKbZGa1ep_yov3esuLG-6GE6cZV_9wuApdzkLLuMkSK6hgEcTTF_3TotzB1MTmTZ_qaOto7D6QIGBCFDVLc0WIqNoEoVzyHd0Gjr3cIt83TWOHX32gr3b4u2l03ntx6euELy929zsnz7MtHeLg_mTCKXQy-c0kHGxyFz4ek65VyYh2iRQM8iimz2JOQB4kWz2v-exBwvtXYshVhFE6YAWf7z8K-aapGJLxAPZbn3n9xNf7h1jSEzrxS8_gDnEZEESHwxfzd3nMEd3e5XFrLam1QHPBxJeGuUT5qrdMoo3tTwxLg&sai=AMfl-YRBn8ufaxOhb1vDF2MaMgiqzFXMbJD-8YOd0dW4QeziU3JzP3lRAZwPfHvQdu0E6n9kUgeTMaLEwTrrt-__zlEo81HsMuezXUvEDAwmPccVNt_Z6wgsXiBHU5-Xyk567TnilHbJWnX_0bBiuv5zTafkS4HezDNrSD71-_j0Etnr&sig=Cg0ArKJSzN3AYdzDGdHyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 19924A8BF898C5293E752FAA8EC1473E
Requests: 5 HTTP requests in this frame

Frame: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Frame ID: CC17D2765095D3E63AFE204782C151F1
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3NNfbW_WUhQ1Dg6Hx6GTUSATsXlLXdRFTo9j7uJD1o1LqkfgHU0XfWUW5qJGcfGsj6ZchMGjVcgnScamVK3FQQHwfD_10tgp5yuNmIgTdz-497CTJxTy_o3HaDmDoB18sNgEyFU5EbsX9ckcq0fjCfgaZl2ZcTrEQfGN7ObnRmrsQMXwXPzHEYtO0a1D0TQitRyVWsB9Ek5AZ6BBEIqRIzG5U711V6vyQGIfvvPgYadPLgRdmHXM2pXcMYgAr7pqIvstDJ-_ZOHwX8W8O1Xr8BbrjHXz44lto9vLsio2Y2Yp59mSABQsjzzU-21ksN7Cj_fRVG7pj-DIjVC-TyQgQMeXHpleGjBgJ&sai=AMfl-YRVapMsoMAleEiZTdwA87RaFB_D5Sg1QTZoXkpvU6rqGi864DVj37Y1sNVVcAsh1HYMTv8HhuHYryWJJql2BphFFAFH7f5i5qJQcaVkhjTPfVGAXVV3qetAmT78069f3iur-iskUic05BZGpN_H&sig=Cg0ArKJSzCZrX8yV_ad2EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2E7B9FE313150CACD27C3A16F864B195
Requests: 5 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Frame ID: D29E1C3870871577928AC11BFB232E89
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZOqWCSnUAhkEZiM1er3EQsN2QbI5-QqIn4WpuDOeeyiwjL0H0vhSnQZ0eh8NLPdG2acMKuUPqkTJGmGVjZzFTVqStXp6K8A_QmS1AYESEicCBuFGnzsMmwNqR_k_ouZWlKcz5DPznULwrtuTtLB2JXsFXuwTcyCtwXn3ZFxJPwY8DBrnHExKUhVbjA--cOkaGvH-0hKT8tx29bryg6SUIwV_YNXDJWGcJyVU_JcoqjcTsGyZp2m4RZdqNiShd-Rq3GBa3weLG8RLJAQ6gnEnxVpk8oX6TRmMYnz073r5DbEvNddntT4SKIe5ONWaXcutlMSirBbmqRhx-JpeFebQ&sai=AMfl-YTRv-rpLS0d4Df59JjpMPf8kyajuaSIINuH4S5XZaqoFDSIBNxLmO6Y56Hpca9w2YJRhgknCILqWdfbyrsMFbEZnddTcSgLBOfIr4T-HC78G1dRxS0ZcxvFzEnruIQ&sig=Cg0ArKJSzGqnnKR24biBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 22B391544CC30F2D6255276054581C85
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSphs9ki6tegTUMu6heEXw1jW-HJZJv5c3asVUWfbYYbK2jWYvmj6lVCqM251TRuEJg-cvjKGy7zb_oyIpv8Nf7uhoUDTlENrWYIF0v3LARocllk7Piyw0N1dL2br1xgqKqMCT-kZs42UIooZduMSnYDTpg_inInoOZiNGKDGbtoPafpUt_J2l9FtQX5j_jS1UXXb0Tj6rgsHdiJ45oJFRilgwFKJJEXC-VJsSc1-a1Ss121-e85VkqJp98vpvYoR2dj3NwFNYVBDHTmYMRNBGGzUhV6cNc3NtBTick64OCuqakvdGXAYGff6BQGfUevlQKEAb-E0RQw-5c9nMqA&sai=AMfl-YSK5W9VyZ9Pzcotw-rtRE6JpkOQxKVIPLpVpfD5Xgee4zfBmPamFAgoHZHDQC2UEq7C4-v2gtlpvT1FobcS9kAt7YSHCkA1XkDwRBnkVmXsFgM4mw0zfXIZg6ZvK4Q&sig=Cg0ArKJSzCQhKMwe-l8sEAE&uach_m=[UACH]&adurl=
Frame ID: AD368ACE8DD3BE2E7FBE4CDE5020D96B
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8tiZcKEdqj4u_qZs7FiVhW5-3jb9C5O56d9i6MAiSQxPSaSLqhqiaK58oFmiK-HVANNaNIljUJVJlDXJRh0EI_Lr1Y4MgbaAs9hQatapknsx5l-ShwzIg_3vJe97PrfD8ovZXKxJ6iqe814Vdtka-GXT5vSzFczbIfve9jDcWQYBvgcjfMte6LZPTfTY_HSAIAWNVmd-dIGpdIHlk7USuNiSCbZaZEo2pyhymAcnL75PG3ODo3j0Zsp5X-eaFtakj0cls-KZiaJuSR6A2gQz9lG2_y6RRrlhaGf0H1DDu-_BZUp3CWH8lkfu3hbwIX-vDZLLv_NtH9hye4vfr-A&sai=AMfl-YR8h13_l-snX0BsEcIAbCZcD_XkVTuphpjL1RF8MkGTNPg6MgXcLKIXZUgBPUgJ4r6jwKKYzkPml0aErPcdaK00Lsobg5S_puAD6tGckacTD6vjiIBDoCx6L3vgQqM&sig=Cg0ArKJSzMmq3mYXg5Q-EAE&uach_m=[UACH]&adurl=
Frame ID: 3200099E2E2B4098E324A41A07133B1D
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNwroWyJBD5ayQzmAKZceKrPGVjyQ7cAEFjnOkuwgaIZdwfNxRmehWiGIFoX0EA--AYD2eRM6J0sbG4hQ0J3M7Oj-75pq20sMLxxxFJSrHXksE19ttx4pYMkZP5zmOUimACxrnzoEd4u_4aBB3m6lda1wUKb96Y9qb9B1OUS01uQ4OJjU2NSVNRAc63GAbbIYvD7D_uVt1T19N8vvXI18Qdc0aBOmoMunWk7RnxWCuOX6qKyjS6-UMSi2IanRXzpGZuFD_dMvDmJ5GnNX4hloi3WXPgMIHPChJdigZG0FpV522NBR2jkUJwW4G7S__fthlcbLuvlBkB5GBS0p0PFo&sai=AMfl-YTatZ6fL5qKr3V5uxeAiZKZLPc0n5_bvmp0lus6hnAEmuuZ3PTKFtWF8pf-gAKL18sLmaSMz0Rwg05NhkQ3YMhAVmabgkDRSrcTGNT3x-C1tCAwWZfFJ4vX19-ltek&sig=Cg0ArKJSzDieeDDmzjW6EAE&uach_m=[UACH]&adurl=
Frame ID: 729E600655E014512ECBFB1E06FE4062
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Frame ID: 6D2DF676B8BCAA05200304D381B369BA
Requests: 11 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=33&gdpr=1&gdpr_consent=&rdir=
Frame ID: C022EC11E2E5E34FCB6759983A4A4EF7
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 92BCAA1211318997A2563C9E1342E76F
Requests: 4 HTTP requests in this frame

Frame: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 56CB579F135D3F05876645DD3EF994A7
Requests: 11 HTTP requests in this frame

Frame: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Frame ID: 8201E5BDCD29FBAD3107F868BA7A49F1
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP17QECVk_4W2htiaOkmLQNiwXuFks-V_u5TKbXjDSTKakV-W_9AXSBWA1TogDPjr_-7R9k_quV8vYi-kLXTPPp5vPFmHMSQa03oqDfd-XSaazK_vA6hg16TvCPepsuRmsMGUKebLYc0_GfKE6GZC1OOVZdwMDDcbtB_buab1h33YyKq-H508XQxgXIPvuKUpOQJtIOyo--TpasnSLelz7Zy1Q-GgEMbZOPBrgr8UEw0C0RPdtSOkcJhZL1U7sBPw6lqytax_-vlN8uIuMLcNxffiY-XLBrgNNrQ6HWNeMAOoY-ioiLs8gUoF8gfOSxkuLocPZXLJ3jJyCFy9JRXU&sai=AMfl-YSiLcyzLSrgeuM0FjxW6ox7WR8UvX9jT-DJHGzUQgOcF0rciMj7di0blZdnsfCB7lOLQuHzrEW2mBWh3Y06dF2bINZWVyI6cfnWgjurdxPdCfK1ppviItyXBRXpQGs&sig=Cg0ArKJSzL1UQ0e0HFWQEAE&uach_m=[UACH]&adurl=
Frame ID: 5556200848880A7A6993E92D17CEC7AE
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 98468F0E9D9542B6335C00A35A0F305B
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 5D98E698F36CE80CBEFFB3715244137E
Requests: 8 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: E05363115AA270B29278C9B4FB599517
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 7D26BB02D68C38608BB9E2AC556D5BAE
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: F5C5EEEF25FFE1EF606CC3A1D56CFFA1
Requests: 12 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2436496733646849807
Frame ID: 956D23E009288BC09B3CBB83364355C7
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: B8A1EC37B317CF168F69025CE1133149
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Frame ID: A05D08F617752F14A995840A126A4499
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D2237C42478B1CB20CF857A964E581FE
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1FCD36E2789A46F737FBC10C033AB15C
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Frame ID: 42C90941F861EC4F47AC1AE82425BB17
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 99478DA245464DFEBA15B1AB680D20A4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: AECE7541468144A9CF0FFDD87F659340
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&cmp=0
Frame ID: 4A5BB5E9E2EF8F4D4DEA3B00B4E0BE49
Requests: 34 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: D060AD19D09B23C15AB583F9D5A0B291
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: C535613925DD8FF511F9974B299236FE
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=JZDFbgINDlnL4b3EFNuO&pi=admatic&tc=1
Frame ID: E98C00401064ECD8FB14FFDBBF2CF360
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 10248430064F04617249E1E04DB35FB9
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
Frame ID: 893E1BC67EE8946CD75BA858B5581241
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: EC0643EBFCED3B0836479C4A318C3C25
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D25db92053c080c79%26uid%3D
Frame ID: 48CE3D1C4D28B8BC0DEA7CAAC81D75FA
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKVN5nn693WGyx1B
Frame ID: 19B888E86FF1FDA556F4FC5925E5A62A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&gdpr=-1&gdpr_consent=
Frame ID: E1DB79E0667DF80A7850FBC7475E36DB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524873530900
Frame ID: 8C4E11A84BCFA524CCA1C96A49180AAE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=
Frame ID: CE8B637AF6C4B69678EB37FE329A055B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=6036709849711314043
Frame ID: 8D367CCF894E4573E7E78F2499DFDA04
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=227EFB13-0300-4E8A-A54E-65179FF0E58E&redir=true&gdpr=-1&gdpr_consent=
Frame ID: DC7AAA607DFABFA1404B6EEE5B5EC063
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Frame ID: BA26CE51900F84E9680E2A0303E44A47
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 11E7D3A9A5555125567C6FD341F3FD69
Requests: 2 HTTP requests in this frame

Frame: https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Frame ID: F4754AF9AC8368D4FB17D2D0A7A6BE9C
Requests: 1 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Frame ID: 4338321677B89CF74E034AA74823127A
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Frame ID: 67733DBF95BBEDE81EB6434471855265
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF8JwgLaYTD1nEfi9R7EuCe09IOiXfecuv6OFHF29NVqRTcoMPEpjIZEBQlFzkT0Nr5nc6MEDJkXsnqFnzZfjCM1nf4PCzuz7b5qNxHqRZb51OIIqo84Wh1qArOuTz7X0rFP3tFg3eRH4MnL38RriyBnS6peu5bkunvw5ZHqcRNHyegm-3Jz74MHtso13ZGNcy6cA8MZzzue7rHCarrVca3OCnpNCWs_pSfBLrsLEuetWPo9TAk3kwWSX_wPT2gK54RkcW8nWbqfMCzh8da4hnwD1yn6H42y4mIxb779S3OI2Nn9rBnJlzFzUw3pJpIdyHKycW7Gti_UrTLB_IoQ&sai=AMfl-YRjR49b-M_Nwr7VPfw3x7ce99qfBvz4nevcp9kgsUyuK8Cu48oShfpNcvHPehgP7bk_rWxjj5MXDUDtk2o4D_tchYixYxcNm10mKgytGxFnb227dN2mria2oS4PmcQ&sig=Cg0ArKJSzE6-gKAOp5BDEAE&uach_m=[UACH]&adurl=
Frame ID: 41E046B1DFD58613228AD6F3DBA3A173
Requests: 8 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
Frame ID: B1C19527EC2E75E91A177332649B3D3B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB
Frame ID: 054F91A806162A951989D0BE8D9DBAC9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2436496733646849807&gdpr=0&gdpr_consent=
Frame ID: D44F086AD4ACD86046327756630093FE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235749824706050196&gdpr=0&gdpr_consent=
Frame ID: F4AC6AC723243ABFA8FAE6C38C1BB78F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: C00E3436242381795D1E3DB3C8F57D5E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7I1RgAAB-5Gc64Dw&gdpr=0&gdpr_consent=
Frame ID: 0DA802CC2A643219DE5F3547478D8EBF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pFSVi-rqWzFhSoaoUjFz6rnVm60&gdpr=0&gdpr_consent=
Frame ID: 0F51451214371ACA5862C708F670EC56
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 0545B33074D53F578189C1A1E9CFFD01
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 5444D8DFA0E645E2CE5F62331E7977B9
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 6E8DCEA3B637B3291A22F18DFDB61356
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: B8CB1C48BD96A6714E93AC4868217ECE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
Frame ID: A8E6075FA4FAC258FA30D5C78BB95835
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 03107E9C153D957C00B5478939A6D91F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qemlcnb07vw
Frame ID: 4CC268F7054C87CFAB447305B3345DE4
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWbhWXajWQaRVaXgb&gdpr=0&gdpr_consent=
Frame ID: D662BF815B2D98A2C652F990AE8B5076
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 976C8E032D1019F13BFCB803012B07F4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5894146621
Frame ID: EE2F01AD22A79A63CD1CC0FAFF8CBEDF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:214002DBEB96486A800EB4C15C0CF2EC&gdpr=0&gdpr_consent=
Frame ID: 80B55254251BE65312BE9214CBEA60A3
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Frame ID: 8B3487B6B5D37EBB582C06AFED740064
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=25db92053c080c79&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Frame ID: 28C11E7972E6E85584CF619BFBD05384
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7379DE3CDCE7D4E7434CF5A9DE0C1725
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 10D53216E9F356E02D9178B181735C7E
Requests: 5 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13413210
Frame ID: A91BDA4485453FE59560E7D526981926
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: A86B9F0746FA81BCD0463066E71152AB
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 834CA0BFAB4D8A80BE0A9982926F6907
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: EDF77315680E0C53CA6B80F5F67B6EEE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: EC57726319CD3D2F11FCD014CB161CD2
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 7338155D31A4BD93C6C650749CF3658A
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A427E8CB26E86320D7642145840611EB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 7001F2A19C79999E0472E875E4651255
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13413210
Frame ID: 593D404C6B8D5AC2C8322C19301FD4BC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 9EB0E63D333D84FF91FAFA1686C3D786
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 2BA6CC061A81733CB9A6D2C8179B5EEB
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13413210
Frame ID: D17581848382C5076150BE2A99A4BF43
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Frame ID: 03D817B1B5BF32A622F219D9208D1AE0
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E577F19924063F6D3281D8A2D8DE0D42
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1684704289312
Frame ID: 91324579B7CB53DC95C2CDF336921D1F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: B454471813C9B8603B08EA8F2E1E99BF
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 7AEAF5D837AF54A6B3AED861DC86B085
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13413210
Frame ID: 50838AF229FA9A36F914EB985C0F9932
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 146E4459C776B3548B88FD9AB5BBD1D4
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 942DD59289E37A34A7C59DF538D1C7A3
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6616A1A2D6B252DD78E66A462D8D46FD
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 37BB94D99564FAD140E1F539C49FB5E6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: C094B429EE2DDC71DAEA5411D90E335F
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 3E619F0EAD9956D082E76B99F0518ABE
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 1A0E480E465157A26D4A98611C39BB96
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: D5283DBF8A3A5C8439524A86284548FF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: E7DB83638F5B7E9DCCC5CD88954B0B74
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 06B50970AE9FEB71D9054F6FE3228809
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 7D11CF005B40922E944DC2A5772E6A49
Requests: 2 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=215e4620-cedb-528e-a1f0-42f0c59aced0&CACHEBUSTER=950092
Frame ID: 6898384393BDDF92CF286C7D649FA434
Requests: 5 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Frame ID: CBB16601FD13C152DB34201323B2AC05
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: D5A17F4F3C2E1314F3069058B3CC8CDC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 6A57434846F91709588322D02C1BB6A6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 9CC1EC134BFB99D542B673D70A3FD1AE
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 3A345991E78B7826B365AAC83262C380
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 664C71EB5AF77D38452645EAED373129
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 40FCE402D2F5968BBBF88569C9A32966
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: DACDBF4D23C89CA5999A809AE3C23A83
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: D69361494D0A454444480B2B81183640
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 76F3AD44F77B29F1D6815A5281091707
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: FB3A064BBF511B12F549C268BC1C7064
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: CABF590108B38901F0183B1A02C8B1D2
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 76EF7C7DB66F1BF8C7516DF2A0AC6E44
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: EA836931DD2018DA618778A57998EFC2
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 19CF6ACD5677DC0BA1056027C85A4F63
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 8A9938808BB8690C363018CE0E8AF3A2
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 9FB91D2A7214AA68E546145996D5D2A4
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 173E722E7BD1947C714BFEAD2C95E620
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Frame ID: 7C2CF2131FB088A72349B0A3F2B947D9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8607225507
Frame ID: D7417E683289AEB7DDD2FBDB99827FAF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8702170863
Frame ID: DE0AAFB06C1E8948BDB47148ED23CF17
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6880188574
Frame ID: 4C70E794D095E4B3437A2E8DF353A62E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3568982113
Frame ID: 45A938C02FD55D3563390F490F731076
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5711190541
Frame ID: FCDFDB7E903F84461728B20879C35CE4
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4010052887
Frame ID: 0DFD502D325067A4FDAFAD2791B39874
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Frame ID: 9C9F4E7BDB17FD31BDEC65DD07BE11AB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Frame ID: FEAE55C2BFCC71AB0177E23CEE717B30
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Frame ID: D7E6EBC2BBFE4D991FC37FC7DF56ED11
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Frame ID: 409C3007330DF2DDF0256F6C1A7EAE15
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Frame ID: B5B38640A0A92F2C515A95D69BE26830
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Frame ID: 5D3F54C36AA1A4F376D7B3870EDFE7C2
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: B7D368FB517644CCF0BEE6896701B6F1
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 357024DC8723BD5BF3E108EAD7E13831
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: E95092A14D1809C4E6112C55C29CB143
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: A28E684E0C71FAB2737465B574717C5A
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 5DB393CF40A7FEEF2160500A4518A557
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 59B51D02B298C8FF270DE4FFDB24EB63
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Frame ID: 3087085DE4C3CEFC1144783941A4C78F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Frame ID: E7615D2B108950A2EC0DC138DAE53D33
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Frame ID: D5C45A4B87E145D60A9F860172411655
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Frame ID: 52879B72CDFCA17BAC98B086F97CB549
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Frame ID: F8936ABBC8832B8D705747FD5A662765
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Frame ID: D21BE52FE069BDEFB66CB84D0937888C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c935c1a7db325e43432d1c329359734?gdpr_consent=&gdpr=0
Frame ID: 882773B676B4B191247B1A6944E11F4E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/d9e4644cd1689f309df9c01a7e7ddb73?gdpr_consent=&gdpr=0
Frame ID: 1A800EE0BBFF1A8D841448EABBF9F7F1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Frame ID: A1DE6EBE7FE76ECDE9BA13B371D8A470
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Frame ID: BC2E2BBF43978BC5925467A902C247D6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Frame ID: 336B07C487F0DF384790DCE09E62038E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/aff71cc6722b2e370c7c4e856133e?gdpr_consent=&gdpr=0
Frame ID: F6BC0A096CADE90C2B85D274244AA7EC
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 41D06FA4C661DFDC87C6ED5F1787322D
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 854F496309F25A219AAFA39C2FF92DE8
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 4A55AC54850DEF51FF189AEF5EF6A5A7
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: F05E7C68B330B3AE0975DC85C7220D21
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: CA8E3CAB84CD95CC60A58E53BDFFA53D
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: B04908F5416696753303527E9C2D8140
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 406D555B860A76BE6A093E8DDC566DFE
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 60D8531813BFC46A2918E5C307F9F78D
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 910F205BCDEE33D8397EAC2E04C5E0EA
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 59A9C55CB1C9E9EFE740D98386707213
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 50F4700DA3403838BB6CBF9B86F82E9F
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: 79C5B5A5B07FB1FF17A11F49C96F9A4B
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Frame ID: EDF6049B6D584BCF6F8961FD02034F6C
Requests: 6 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Frame ID: 7C1B4D981D7204C9C330546A4ED8D6AC
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Frame ID: BEBF623471A68DB8F653793606635718
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Frame ID: 0CA7D8DA1D527661E6791E5E56B0CF3F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Frame ID: D3AE635615145BF7014D24B33D2E4BB2
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Frame ID: 8E81D6976B954E704515C3CFDAD5DB8F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Frame ID: 594ECCA77E71EC07813305C8A4E93789
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 6348630FB94ABC03FE81E3F071D2A38B
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Frame ID: 4D1E0B8D383679DFA451475A2521924C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 65F19BA9520F0787E7BCC0DAB42982E8
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 10666213112606BBD751D7FA1A37821C
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Frame ID: 13D40FB5A38B8BDEDE16B341542B1D30
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Microsoft says it found malicious software in its systems - News | Khaleej Times

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

800
Requests

89 %
HTTPS

27 %
IPv6

133
Domains

231
Subdomains

170
IPs

19
Countries

9072 kB
Transfer

19052 kB
Size

161
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 121
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=khaleejtimes.com&sn=ChromeSyncframe&so=0&topUrl=www.khaleejtimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=gEBWWnxBUW9uR25yRVRUZHFRcW9oNU55WFNpMUNCV2MweU9kd3FFa0dtSzVvMks1ZkdaaUNkKzFrRkxWU1FwWlViZjdESW5KZmpGVGtpMXhtMFRTdW9YMG93c1FOOVB4RWZkR0lOSjdyY0puQlpTY1R5TS9GWDZGUFhSMDhuRVE0UlJWVEErbGJGS3hCUzF6Z002NTlCcUUzN2xQdUhGK1NzRDJnTHQxbzdSNmFJNkhERGc2dEQzOE9YMW1XQ0JzZzNhc2NxdE4vMTFna3FVT2RzNDV4Unp0Y0laL1lEOW1nQklDa3U0a2o0NktaUy9pT1YxRUplaGgyeGY1NnR6QjZJN1N6NTBaaUNhN1Q5VlVhK21FOFhFWnArSGRDMmtDMEY0NXBkK1RMclljQWs0TT18&cppv=2
Request Chain 327
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Request Chain 355
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2436496733646849807
Request Chain 362
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1684704289536 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=824123797 HTTP 302
  • https://sync.1rx.io/usersync/turn/7435423427955502766?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-71d0441c-488d-4c74-9981-98c0af1a5d92-003 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003
Request Chain 364
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2436496733646849807
Request Chain 365
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2436496733646849807
Request Chain 366
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cb8b4ec9-455e-4036-a028-b8109ceccf4e
Request Chain 383
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTVRFd1pUTTNObUV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjAwMzg0MzU3ODU2NTEyOTMvNjYyMjM5My80NTYyMzEyLzEzL0t4ZjNoaHVPMGlYYTRpSDZoeVd6N0xLSkxmTVVwZy1xRFlsNS1VbHJzdzgvMS8xMy8wLzAvOTU2ODAzLzAvMjE2NTM2LzY1MTg3MS8xLzAvMC9NREF3TURBd01EQXRNREF3TUMwd01EQXdMVEF3TURBdE1EQXdNREF3TURBd01EQXcvMC8wLzAvMC8wLzQxMjAwMzg0MzU3ODU2NTEyOTMvYW1zLzAvNTcwLzQxLzk5OS8xNjIvMmEwMzoxYjIwOjY6ZjAwMDo6LzAuMDAwLzE2ODQ3MDQyODgvMTY4NDcxNjg4OC8xMy8xOTI5MTYxLw/TzxQ7vzElW3WBQANZKK3Eb5AN9c&nodeid=4013&group=cdg&auctionid=4120038435785651293&pbs_auctionid=4120038435785651293&shardkey=4120038435785651293&sid=4562312&cid=6622393&bp=a_agiica&min_bid_win=${AUCTION_MIN_TO_WIN}&nfy_act=LD5wew&bfip=185.29.135.143&type=imp&client=c2s HTTP 302
  • https://tags.mathtag.com/ck-confirm?bid_id=4120038435785651293&node_id=4013&exch_id=13
Request Chain 393
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D25db92053c080c79%26uid%3D%5BUID%5D HTTP 302
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=25db92053c080c79&uid=b4a77657-9fae-48df-962b-3e6b29bb7c16
Request Chain 395
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D25db92053c080c79%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=25db92053c080c79&uid=2436496733646849807
Request Chain 396
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D25db92053c080c79%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=25db92053c080c79&uid=ua-45d8e49a-f512-37ba-96df-f6d180718235
Request Chain 400
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 401
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Request Chain 418
  • https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 423
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=JZDFbgINDlnL4b3EFNuO&pi=admatic&tc=1
Request Chain 426
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=643771586a11b1af
Request Chain 429
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=3607a55c-0d68-4607-a60c-08adbb8446e7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 435
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=72995de4-ae21-4bba-a0c1-fef04bfcbddc&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 436
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f432d651-438d-4a12-488a-5d0bab32aa0a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f432d651-438d-4a12-488a-5d0bab32aa0a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=78074799062161329934217329638359355741&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 438
  • https://bn01.er.bemail.it/zeotap.php?_bid=f432d651-438d-4a12-488a-5d0bab32aa0a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023052123-30700-0.850364001684704289-1b47aac5c7ecd94c2a70b8c80bd70d6d&zdid=533&env=mWeb
Request Chain 439
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7235749824706050196&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 440
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f432d651-438d-4a12-488a-5d0bab32aa0a HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f432d651-438d-4a12-488a-5d0bab32aa0a
Request Chain 441
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f432d651-438d-4a12-488a-5d0bab32aa0a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f432d651-438d-4a12-488a-5d0bab32aa0a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361&bounce=1&random=4173271630 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=ugt9GWzEfU0HBqIJf0HDee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 443
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f432d651-438d-4a12-488a-5d0bab32aa0a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 444
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Request Chain 445
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE7UAKqThdVI4MRQU5aHTKyN%2BS41iYitP1U%3D
Request Chain 449
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361&_test=ZGqMIgALyP6p8gBL HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZGqMIgALyP6p8gBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 450
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=4dce646a-8c21-4700-bc3b-6d10e335bd91&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 451
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PkYDmSyN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f432d651-438d-4a12-488a-5d0bab32aa0a
Request Chain 452
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&dcc=t
Request Chain 454
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&puid=eb317360-f81d-11ed-8f69-d1554a111ef4
Request Chain 455
  • https://pixel.rubiconproject.com/token?pid=41544&puid=f432d651-438d-4a12-488a-5d0bab32aa0a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LHXXFOBQ-28-MCUH&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 456
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=f432d651-438d-4a12-488a-5d0bab32aa0a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26gdpr%3D1%26gdpr_consent%3D%7Bconsent_string%7D%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Request Chain 462
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGqMIafnr1JaVOFSog4XFwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFlrA4vWfo8IdVcz6eZ_8ww&google_cver=1
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwFbIaafzhQ-qNQQRMZDsM&google_cver=1
Request Chain 465
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 466
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAA%262201&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c9f31d2d-fedb-4cd1-9b9d-4f4d8d58bef6-tuctb6411a1
Request Chain 467
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3826047752475214887&expiration=1685913889
Request Chain 468
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=214002DBEB96486A800EB4C15C0CF2EC
Request Chain 469
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Qc9XfE-YUyxamFQuRJpMfkOfUXlay1kpQss_20Zp
Request Chain 471
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ1Y2I5NzkyOThlNzc0ZWY4ZDNjZTE2M2U2MTU3YmU5NDRkZjU0MQ&us_privacy=1---
Request Chain 472
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETdKFEIAmKh_YKca4bnrro&google_cver=1
Request Chain 474
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Vh8bC1ZdQAaJr-F7QJIcTg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Vh8bC1ZdQAaJr-F7QJIcTg
Request Chain 475
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXXFOBQ-28-MCUH&us_privacy=1---
Request Chain 476
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhYWEZPQlEtMjgtTUNVSA==&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJlIbqP_Ezzv495IgCh5CjE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYWEZPQlEtMjgtTUNVSA==&google_push=
Request Chain 477
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JNSe4Hu6Tky_wvZ6_AH8Dw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JNSe4Hu6Tky_wvZ6_AH8Dw
Request Chain 478
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5zIMxTt6l3Cyi2-mrzd3fsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eS2srIJE2oKYh2DfDNFV.3SjDnBS4O8qSVjIng--~A
Request Chain 482
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELeMhgop7sH_P2QALzQcePc&google_cver=1&google_push=ATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeMhgop7sH_P2QALzQcePc&google_cver=1&google_push=ATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 483
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBnGJyBHVz0vvcfStF4Cf0U&google_cver=1&google_push=ATf1kGOFj7Wa1B1Z-xb5hEToSCJkK8DQFRn_Np5PRSnF63G7qVm4v1V2vAc1IwmDR37WenK1WyUCW6tqyR8gwiRXzRsUdrCPtTs HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xKUCIZfGSV2tHUtTTcAaVQ2&google_push=ATf1kGOFj7Wa1B1Z-xb5hEToSCJkK8DQFRn_Np5PRSnF63G7qVm4v1V2vAc1IwmDR37WenK1WyUCW6tqyR8gwiRXzRsUdrCPtTs
Request Chain 484
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&google_gid=CAESEEmADbSe3IiaPRDk9V_VmKc&google_cver=1&google_push=ATf1kGOynh3r5HgpmbpaoAAjjULKEO3QkDf6CBofDWC20ztPmOPzTovzkkOja390rRgODn5zoscBeppCHcAVagyr_a4N9ZDw9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-GtTerFplICB2eHOKNSZmSewl32wvq81k5PPbiw&google_push=PUSH_DATA HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Request Chain 486
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGU0Eyg6ulD1MFBsI_6lEGw&google_cver=1&google_push=ATf1kGNjAlIxFRd6hl2_p1boozuRM5PoWnCegnmnhnAW3u0Gr4N58RVJ0u6DskgfJ4TDQFk26c2knPtCiKIrwhvgTqcVPb-P6Qg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNjAlIxFRd6hl2_p1boozuRM5PoWnCegnmnhnAW3u0Gr4N58RVJ0u6DskgfJ4TDQFk26c2knPtCiKIrwhvgTqcVPb-P6Qg HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 487
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELNTKECd0iRDVpNBVPI84Eg&google_cver=1&google_push=ATf1kGOQFwcwMEZnZodpLW8ZMBFUm9NADGWMjESgZ4mseF0lo4jiLohbXc4EGh3fYHBO07IWe5o2eaad40UAj1ebDDCUxXk-apOK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOQFwcwMEZnZodpLW8ZMBFUm9NADGWMjESgZ4mseF0lo4jiLohbXc4EGh3fYHBO07IWe5o2eaad40UAj1ebDDCUxXk-apOK HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 488
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJhrusEXJfzitoydCbw3-Nk&google_cver=1&google_push=ATf1kGOJMW2LXo43X9l64VbzEhPuAtLZAj5okzZylJ3tVfrSZJ1i4ecb4ceXWh6z71JUGymeh8RixsZe3XRJRNwRukU8JMPE64-G HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJhrusEXJfzitoydCbw3-Nk&google_cver=1&google_push=ATf1kGOJMW2LXo43X9l64VbzEhPuAtLZAj5okzZylJ3tVfrSZJ1i4ecb4ceXWh6z71JUGymeh8RixsZe3XRJRNwRukU8JMPE64-G HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&%%GOOGLE_PUSH_PAIR%%
Request Chain 493
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=-1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&gdpr=-1&gdpr_consent=
Request Chain 494
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524873530900
Request Chain 495
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=-1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=
Request Chain 496
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=6036709849711314043
Request Chain 499
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=In77EwMAToqlTmUXn_Dljg%3D%3D&gdpr=-1&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
Request Chain 501
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=-1&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=-1&gdpr_consent=&bounce=1&random=2441904610 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=227EFB13-0300-4E8A-A54E-65179FF0E58E
Request Chain 502
  • https://a.audrte.com/match?gdpr=-1&gdpr_consent=&p=M1717054901&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGEyU3U0NDY3Z0hTSlN3am12OTAtdzl2UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3743094787952999567&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 503
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjI3RUZCMTMtMDMwMC00RThBLUE1NEUtNjUxNzlGRjBFNThF&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Request Chain 504
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESELTnZlzusHko7Y3kVtljyK8&google_cver=1
Request Chain 506
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=3743094787952999567
Request Chain 513
  • https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=38088700128374800951427012331005&pv=1 HTTP 302
  • https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Request Chain 556
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB
Request Chain 557
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2436496733646849807&gdpr=0&gdpr_consent=
Request Chain 558
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235749824706050196&gdpr=0&gdpr_consent=
Request Chain 560
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWWVFN0kxUmdBQUItNUdjNjREdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYeE7I1RgAAB-5Gc64Dw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7681514413390398551&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYeE7I1RgAAB-5Gc64Dw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7681514413390398551%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7681514413390398551&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACYeE7I1RgAAB-5Gc64Dw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7I1RgAAB-5Gc64Dw&gdpr=0&gdpr_consent=
Request Chain 561
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pFSVi-rqWzFhSoaoUjFz6rnVm60&gdpr=0&gdpr_consent=
Request Chain 563
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 566
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
Request Chain 568
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qemlcnb07vw
Request Chain 569
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=41b420c4d09502a1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253D9y7pfzHtWbhWXajWQaRVaXgb%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D9y7pfzHtWbhWXajWQaRVaXgb%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWbhWXajWQaRVaXgb&gdpr=0&gdpr_consent=
Request Chain 571
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5894146621
Request Chain 572
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:214002DBEB96486A800EB4C15C0CF2EC&gdpr=0&gdpr_consent=
Request Chain 575
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=227EFB13-0300-4E8A-A54E-65179FF0E58E&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=227EFB13-0300-4E8A-A54E-65179FF0E58E&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 576
  • https://pixel.onaudience.com/?partner=214&mapped=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 579
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5e613b7e-092c-4995-9532-b79d840f4c93&bsw_param=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 582
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2436496733646849807
Request Chain 583
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7435423427955502766&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 584
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c2506c40-e6fc-457f-a1bd-710d19cdf3a1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 624
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4dce646a-8c21-4700-bc3b-6d10e335bd91&expires=30&ssp=between&bsw_param=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
Request Chain 625
  • https://px.adhigh.net/p/cm/btw HTTP 302
  • https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xLEZUR6J6Jg.AikABlGIQDN01g
Request Chain 639
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=068c319a644dcf8f49620c02b133461608e3497c2a250dec18a459f192666475
Request Chain 652
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 653
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 654
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 655
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 656
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 657
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Request Chain 658
  • https://x.bidswitch.net/sync?ssp=between HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=0bc226ec-00c9-4392-8f4c-1f7a26a8640e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=0bc226ec-00c9-4392-8f4c-1f7a26a8640e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c3419085-38d9-44fe-a469-0f6b8b9ee694&user_group=1&ssp=between&bsw_param=0bc226ec-00c9-4392-8f4c-1f7a26a8640e HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
Request Chain 659
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8607225507
Request Chain 660
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8702170863
Request Chain 661
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6880188574
Request Chain 662
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3568982113
Request Chain 663
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5711190541
Request Chain 664
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4010052887
Request Chain 665
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Request Chain 666
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Request Chain 667
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Request Chain 668
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Request Chain 669
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Request Chain 670
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Request Chain 677
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Request Chain 678
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Request Chain 679
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Request Chain 680
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Request Chain 681
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Request Chain 682
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Request Chain 683
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c935c1a7db325e43432d1c329359734?gdpr_consent=&gdpr=0
Request Chain 684
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/d9e4644cd1689f309df9c01a7e7ddb73?gdpr_consent=&gdpr=0
Request Chain 685
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Request Chain 686
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Request Chain 687
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Request Chain 688
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/aff71cc6722b2e370c7c4e856133e?gdpr_consent=&gdpr=0
Request Chain 702
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGqMIafnr1JaVOFSog4XFwAA%262201
Request Chain 703
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Request Chain 704
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Request Chain 705
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Request Chain 706
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Request Chain 707
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Request Chain 709
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Request Chain 713
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARimmKqjBqIBEO4JxPz4HRHtocQAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ee09c4fc-f81d-11ed-a1c4-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ee09c4fc-f81d-11ed-a1c4-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=8Ric515DVCyrfg%2Bl%2FYWApQ& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/ee09c4fc-f81d-11ed-a1c4-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/ee09c4fc-f81d-11ed-a1c4-002590c82437?redir-setuniq=1
Request Chain 715
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3743094787952999567
Request Chain 718
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 721
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/950092 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/950092
Request Chain 723
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=215e4620-cedb-528e-a1f0-42f0c59aced0&expires=60 HTTP 302
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
Request Chain 725
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf HTTP 303
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3743094787952999567&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Request Chain 726
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=cb8b4ec9-455e-4036-a028-b8109ceccf4e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx

800 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request microsoft-says-it-found-malicious-software-in-its-systems
www.khaleejtimes.com/technology/ 		164 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
8ff6d5296b4dc804338b03bd16513a52fd290819e810d9661b00a6f5b8206e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60, public
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:46 GMT
link
<https://www.khaleejtimes.com/wp-json/>; rel="https://api.w.org/" <https://www.khaleejtimes.com/?p=137997>; rel=shortlink
refresh
600;URL=?_refresh=true
server
imio
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-cf-id
xJEUBZatusLgxMu3rI1meoVGVPXO80xSfdQlkmt-lh-1Q0zBeWrwqg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-cdn
Imperva
x-iinfo
6-35838214-35838217 NNNN CT(1 4 0) RT(1684704285438 15) q(0 0 0 0) r(0 12) U24
bootstrap.min.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/bootstrap/ 		157 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/bootstrap/bootstrap.min.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 11:03:30 GMT
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2283676
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838261 NNNN CT(4 4 0) RT(1684704285438 1231) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-2725b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
7t94E0jYUKU3szIJldnKiwTJByZlQKAE_lZj9RyxCHt9efb9KXQZVg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fonts.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
7c4514ee1b4d1222477d7f5310c0f048f14407d40fb76379f8dc71f46061b4d8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:53:53 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1967453
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838263 NNNN CT(2 5 0) RT(1684704285438 1234) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:27 GMT
server
imio
etag
W/"644b6047-28cb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
qfmd2mCup41sY03SFxcXTWGphwxqaK9aFJJ66QDHD2ZnwCWLskCeyA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-2-18-2021.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		204 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/style-2-18-2021.css?v=1.8.6
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
6a08c41bdde65acc280ba9a11728b159b413ff8eb8c0d1d055c0569148b6b2a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 18:57:10 GMT
content-encoding
gzip
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1996056
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838265 NNNN CT(3 4 0) RT(1684704285438 1237) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:27 GMT
server
imio
etag
W/"644b6047-32fb0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
8SLcgHxmN6NO1cXBOeL2N9OTDiTsFKjZUYroa-KX9ooENmcFiTpgTg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-2-18-2021-custom.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/style-2-18-2021-custom.css?v=1.6.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
fb3149acc1a470e383c61bd190d7bf4035b374715887d3be2776a5b13cd9cd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:53:53 GMT
content-encoding
gzip
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1967453
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838267 NNNY CT(2 2 0) RT(1684704285438 1238) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:27 GMT
server
imio
etag
W/"644b6047-192a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
TpvBp-jJoQpXC2tTOYEAGGk_Zg9MU5KsKFaHI_y7syC7W6-OMwQryQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
all.min.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 08:26:47 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2811479
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 NNNY CT(2 4 0) RT(1684704285438 1240) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-e7d0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
CL1cK104FGpy4d4xSBFH8BbHb-vC3fQJ5KIN2oZUilDmXqwHpCyyVw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
xdLocalStorage.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/xdLocalStorage.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
218fa52eecc6f4bdc7fb2cf552d03e927747080b7a3618268efca457d8d65f5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 19:40:30 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
92656
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838217 PNNN RT(1684704285438 1324) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 19 May 2023 16:07:33 GMT
server
imio
etag
W/"64679ec5-1040"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
FF6UpzVj4s9_kA-zvHlqotZPQDuc2o0F4s_oDtv4DYHU3x30Dk3TMg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
xd-utils.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/ 		406 B
496 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/xd-utils.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
f9773eb5c89a03f79cd489b64a2950d9cc28ec6e967685c2778a1c1b3bc7bca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 07:19:09 GMT
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
50737
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838267 PNYy RT(1684704285438 1325) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 19 May 2023 16:07:33 GMT
server
imio
etag
"64679ec5-196"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
PWRbxIKK4_WeosGKQYVlHTw97n9QWAfK45ztnGFDPNNttCamNGS9fg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
device.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/ 		1 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scripts/services/device.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
7baf7cf2143a1207d050c9703c84f21c569532124537094951ba10c77f1527c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 08:46:38 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1946288
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNNy RT(1684704285438 1327) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:28 GMT
server
imio
etag
W/"644b6048-556"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
b_Lkh0jrRcbFzIyOuJ25pgZyilOba4dt9WNBkxLsKIPt0zda_gWGEQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
prayer_script.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		6 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/prayer_script.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
7cb60ba2dca27f07f3a69364b2f08081e9c4be2daff3989c945a2bdd7c84df6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 05 Apr 2023 05:06:59 GMT
content-encoding
gzip
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
4033067
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838267 PNNy RT(1684704285438 1241) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 05 Apr 2023 04:59:20 GMT
server
imio
etag
W/"642d0028-19d4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
uW01-YywacdQXt3qk5OjhVW1tjCkbGxbJk9ClSDjmMO4uVfiqlxo1Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-3.6.0.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/jquery-3.6.0.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 21:11:50 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
13306376
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNNy RT(1684704285438 1243) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 16 Dec 2022 09:46:58 GMT
server
imio
etag
W/"639c3e92-15d9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
SO1lxlb3IDb6vQziIuUVkUOB3Oipnmw8Y3fHMui32byfgy20lKzCoQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
smartechclient.js
cdnt.netcoresmartech.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnt.netcoresmartech.com/smartechclient.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06d1b3964e194f89543606f078e05c53d6b15e4dd2ba177b03c2d01fc3485012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:46 GMT
content-encoding
gzip
last-modified
Wed, 25 Jan 2023 16:31:56 GMT
server
AmazonS3
x-amz-request-id
B9GB74TKS2K97BHR
etag
"04ad8e816f76434405b913fe1b6f1a9f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=246183
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467973_34831764_282527402_11_590_5_0";dur=1
accept-ranges
bytes
content-length
990
x-amz-id-2
QVKIootpbrYdLRZOeA7/K2qdTQsV+N+7wOlrMbBOB+eKvOjJNdnw96M7Ftn+8amgez5m2aLSyaw=
expires
Wed, 24 May 2023 17:47:49 GMT
swiper-bundle.min.css
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/swiper-bundle.min.css
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
1deed0f64c455d72ee8dc287ab7c57babec224e5da09332343fcbe1e49d74c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 23:29:18 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2325328
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838217 PNNN RT(1684704285438 1290) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-3660"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000
x-amz-cf-id
r7w_aCQAskyvDZoP0IQTe5rnCk0jkTkXuPyoo5gY92ZIWUZtOVdI1w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
prodprebidheader-107957.js
rtbcdn.andbeyond.media/ 		593 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prodprebidheader-107957.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
6145c3f2f37fd6ce0582974bb1428eb8641921e188060367a08ae218865097cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 May 2023 15:12:13 GMT
ETag
"1684681933"
X-HW
1684704287.dop146.am5.t,1684704287.cds307.am5.shn,1684704287.dop146.am5.t,1684704287.cds315.am5.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2903
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
16944
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b4ac5140df0933d993e169cc4cf9d80288628af1e78d4c4eba13d951074194e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25325
x-xss-protection
0
server
cafe
etag
771 / 19498 / m202305150101 / config-hash: 12351717780372853951
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:47 GMT
khaleej-times-logo.svg
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/khaleej-times-logo.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
3ba702043ac26644d0046b531417c7dfd1651410568f0169b896d47445391676
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 09:30:39 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
4449247
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838217 PNNN RT(1684704285438 1330) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 31 Mar 2023 05:15:27 GMT
server
imio
etag
W/"64266c6f-16c3"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
pZnFN2L8tfQjzumpceHJeZPtB4yLrj4id7J5zNZY-hvG5YFB0h5YGw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
masjid-small-nf.svg
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/masjid-small-nf.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
1215453532c8277607195fd7583b94417cf70354434f243aae86fec1ec275046
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 12 May 2023 02:40:49 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
845037
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNNy RT(1684704285438 1332) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 09 May 2023 07:57:20 GMT
server
imio
etag
W/"6459fce0-aa1"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
EbOmpxzbJOHFciDjwzyDgYTmEFb8NrvRPSiXtsesgJjtC5SQeR5G9w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
masjid-small-hover-nf.svg
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/images/masjid-small-hover-nf.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
b456bc8a4c5bcd3530b11f6c0c7a768275e7576fa357bba54dbe52d997c9cc07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 10 May 2023 23:33:17 GMT
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
942689
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838261 PNNN RT(1684704285438 1333) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 09 May 2023 07:57:20 GMT
server
imio
etag
W/"6459fce0-ac4"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=315360000
x-amz-cf-id
1EY-29b10wXcdapCaYY9G89UTHlpVRQIwC_SWXvlTsrNr6ZwAvPkDA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
image.khaleejtimes.com/ 		97 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.khaleejtimes.com/?uuid=2f9d37be-b15e-5b80-8cfb-f79067b050c4&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.8521&x=0&y=0&width=1500&height=844
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.226.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-23.bcn50.r.cloudfront.net
Software
nginx /
Resource Hash
aa43a53b8356156377ad8f6805d9724793592b9f69b232a68449db95f122002a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
public
date
Sun, 21 May 2023 11:04:53 GMT
via
1.1 e409c264b1c6b5f19b464ccd27f6f0f4.cloudfront.net (CloudFront)
last-modified
Sun, 21 May 2023 11:04:53 +0000
server
nginx
x-amz-cf-pop
BCN50-P2
age
37194
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
aZBow-aItRNvZCbUqsS3407AlTVX_eeeZjg8gVJ_vKu6ENiaWjRX4w==
expires
Fri, 17 Nov 2023 11:04:53 GMT
prod-global-537953.js
rtbcdn.andbeyond.media/ 		699 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prod-global-537953.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
fe3c3b1171caf3a6409c5ba815652abc11e28c83e363c40adfa2dcccb2c1b08c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Last-Modified
Sun, 21 May 2023 15:13:33 GMT
ETag
"1684682013"
X-HW
1684704287.dop236.am5.t,1684704287.cds323.am5.shn,1684704287.dop236.am5.t,1684704287.cds011.am5.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2949
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
39736
platform.js
cdn.vuukle.com/ 		211 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/platform.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce359e122e7f286581b95cb9254d522cf283970d06196fb69c8a1b844fb8d0d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
cf-cache-status
HIT
age
204632
cf-polished
origSize=216041
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 19 May 2023 12:32:30 GMT
server
cloudflare
etag
W/"64676c5e-34be9"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=1800
cf-ray
7cafe361b86e39ca-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
vod.js
app.playstream.media/js/ 		0
0
intersection-observer.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/intersection-observer.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 12:58:40 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
10311966
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838217 PNNN RT(1684704285438 1307) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 20 Jan 2023 06:01:21 GMT
server
imio
etag
W/"63ca2e31-1b4f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
z0mU7tQ6OzViS2piQQAVbnFhaUjPJ11PRWNLXt36gadsL5SVWGlHsA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
cdn.jsdelivr.net/npm/vanilla-lazyload@17.4.0/dist/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vanilla-lazyload@17.4.0/dist/lazyload.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52e933f3e16543bf2d538de2c76a0a0dc2bce2c269298cee53c5f0790d43694d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 May 2023 21:24:47 GMT
x-content-type-options
nosniff
content-encoding
br
age
1686295
x-jsd-version
17.4.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2821
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
version
etag
W/"1d99-sBjYQg767ak4wapTiZ59CfMr0g0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.validate.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/jquery.validate.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 11 May 2023 07:45:52 GMT
content-encoding
gzip
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
913134
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838217 PNNN RT(1684704285438 1312) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 09 May 2023 07:57:20 GMT
server
imio
etag
W/"6459fce0-5f30"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
ShB3itqokbDV4oSFYM8lKMTE3KzrhRQ-dCiosUP44_dtg9aHiYN2aw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
formfunction.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/ 		847 B
688 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/form-validation/formfunction.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
48b8498b15716ab0b4ca2b3e6b7a8acc89b3eeb3f6058c45d9fd43329b7a8af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 11:35:46 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
294540
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNYy RT(1684704285438 1313) q(0 0 0 -1) r(0 0) U24
last-modified
Tue, 16 May 2023 18:21:27 GMT
server
imio
etag
"6463c9a7-34f"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
Y9YAyXBpOsvWOoWrXeemtwIuRB9FbeD58Nxwy_rMRQ8NU52oa4O6JA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/main.js?7222022
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
bb72cf9c29ae62c1145975ceebd315a18bc83fccb4e39adbfc44bc71e28efe55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 08:26:47 GMT
content-encoding
gzip
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2811479
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838265 PNNN RT(1684704285438 1314) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-24b1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
8DdzLiy0YI0xka_RCW3QV1wtxCGBdIMbOV4qV4te7vGfciNw5Gn_aw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
bootstrap.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/bootstrap/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/bootstrap/bootstrap.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
ea107fb35814d42810150e6cf3fd033292e4b043068cde833d583608288ae6bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:48:35 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2306171
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838263 PNNN RT(1684704285438 1315) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-f6df"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
Ua0ic5PxK4tAmDsmgLFKkh6EyIGFWQDpTcw5G2FAenu-Fkotnf7RzA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
countdown.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		1 KB
714 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/countdown.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
dee87b4a75183197a54a48a0a995f89e2e44ae20f33b2e2d245c2a3deefcda03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 04:48:35 GMT
content-encoding
gzip
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2306171
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838261 PNNN RT(1684704285438 1316) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-5dc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
_aaNt0RZa9pLliHeUGMduG8Lx3KXVJljOGuKTVix2sRGDKhTTlD4-Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ScrollTrigger.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ScrollTrigger.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
94c9f2122880fde270b44d4bba545263bc7def5525addea1eed2a90311e4c10f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 21:14:38 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
173408
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNNy RT(1684704285438 1318) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 19 May 2023 16:07:33 GMT
server
imio
etag
W/"64679ec5-3180"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
Vf3cILipPUWiz9mnJweL3aFo-1FjPBKbO5RLwwgEXjnH_YfM0AJFaQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper-bundle.min.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/swiper-bundle.min.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
54f1223587f76b8ec455590fb65770a1b2e1c4a03cf06c376662c87d622950ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:58:48 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2255158
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838263 PNNN RT(1684704285438 1321) q(0 0 0 -1) r(0 0) U24
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
W/"643fa1c8-223f0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
GonVWaSpfR4Z2glQFsOQjp3RLwh6ETudG3KP5A_nM5PeqeK5MhYz6g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/article.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
0f415a865638ea539dda8b006a7d0a66cd015d3ef230d3f291ce5be917ced7ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:53:53 GMT
content-encoding
gzip
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1967453
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNNy RT(1684704285438 1323) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:28 GMT
server
imio
etag
W/"644b6048-117d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
n_KcsTbpRUPoyDgBdX4KVp63lSpZyAyE6N_AS2oc33JzG8mdOfdNtg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
scroll-load-more.js
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/scroll-load-more.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
1f3f3c7a291fd5b55f7c2c28d69447c45bfd2d3854f83d619914a4362f925344
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:53:53 GMT
content-encoding
gzip
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1967453
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838265 PNNN RT(1684704285438 1323) q(0 0 0 -1) r(0 0) U24
last-modified
Fri, 28 Apr 2023 05:57:28 GMT
server
imio
etag
W/"644b6048-1163"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-id
FG8UFfI5nsgdIZLgiQcg9Hs3afxi6hk-PTCL6Qpz5OT8c_jf1owWTQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
_Incapsula_Resource
www.khaleejtimes.com/ 		130 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1133503120
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
/
Resource Hash
1d8dc4cd22c0f8597011b86b15694f0d6c6d593526934116305ea0587f328954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
18796
content-type
application/javascript
js-versioning
osjs.netcoresmartech.com/v1/ 		230 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Requested by
Host: cdnt.netcoresmartech.com
URL: https://cdnt.netcoresmartech.com/smartechclient.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.202.104 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-202-104.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
266795985aff5653c2b183ca7d74dfe729870a4c3703eee99ea0b0429fa3ab2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
last-modified
Fri, 19 May 2023 05:38:33 GMT
x-amzn-requestid
f64cbb5f-898d-49ec-9fde-261d2ec25778
x-amzn-trace-id
Root=1-64670b89-05c029c01d1caac83dc04268;Sampled=0;lineage=8d157353:0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=375251
content-disposition
inline; filename=smartech-sdk.js
server-timing
cdn-cache; desc=HIT, edge; dur=46, ak_p; desc="467973_34654820_110770233_4622_719_5_0";dur=1
x-amz-apigw-id
FJ69kF3PhcwFmYg=
content-length
69121
afph.js
adgebra.co.in/afph/ 		677 B
845 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afph/afph.js?p1=5823&p2=&p3=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
599f45a18de02b55e6232b832d95ff9c82089aad4c4cc155f653e59e9a84dc85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
via
1.1 google
last-modified
Mon, 09 Jan 2023 16:39:10 GMT
accept-ranges
bytes
content-length
677
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/javascript
utag.js
tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2117:9200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db824f39669af4e202874506b9aaffc7203367b927a0e8ad01d79f14be5877c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
HdlCSim34QkF3_xJIFFJkKQU5UMGa12x
content-encoding
br
via
1.1 3f9306979b5980e4ed5b4d76ee3eeb8a.cloudfront.net (CloudFront)
date
Sun, 21 May 2023 21:23:28 GMT
last-modified
Fri, 19 May 2023 04:07:43 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C1
age
92
x-amz-server-side-encryption
AES256
etag
W/"96730a5c30a7f6ade744d7ca1f461ec0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
U3eCuAtJb0ZO3LbPfahgA3zqQE7SvuV3vOrSqfvdWfyum5-WqDbTtA==
889ab751-64e1-48d1-b311-5e03be70a349
io.jogo.studio/render/ Frame 1F1C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
66995f751bc32c701e5a0959c05ad928020d0d2ce1c3fd1a21470c129052cfdf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:47 GMT
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/render/[id]
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::244kl-1684704286999-db7e857cc963
fa-solid-900.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/webfonts/fa-solid-900.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fa/all.min.css
Origin
https://www.khaleejtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 02:53:53 GMT
via
1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
1967453
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838267 PNNy RT(1684704285438 1339) q(0 0 0 -1) r(0 0) U24
content-length
80300
last-modified
Fri, 28 Apr 2023 05:57:28 GMT
server
imio
etag
"644b6048-139ac"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
N-7a-KnbP5SLgE45MpZxcAqzxZGlTKaajL7uEngf7IDgKLC1kHCTGA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proximanova-regular-webfont.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-regular/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-regular/proximanova-regular-webfont.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
c2ad3b2ad1c100ebb196165df8a0bfad3941024d991dcbef5c92437283e17b57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:26:07 GMT
via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
241118
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838261 PNNN RT(1684704285438 1341) q(0 0 0 -1) r(0 0) U24
content-length
19964
last-modified
Thu, 18 May 2023 12:15:18 GMT
server
imio
etag
"646616d6-4dfc"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
b968hQAyFuHmwxYLNd0zFB8yuWqZnCym4hUj-QFbz4BBPQBQDLI5fQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
proxima-nova-bold-webfont.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-bold/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/proxima-bold/proxima-nova-bold-webfont.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
cc3513d258074fbe7209d263fe3acdd0a05ed0bee513af79907f6f4e00b8074e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 14 May 2023 01:36:15 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
676111
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838217 PNNN RT(1684704285438 1342) q(0 0 0 -1) r(0 0) U24
content-length
20500
last-modified
Sat, 13 May 2023 07:40:11 GMT
server
imio
etag
"645f3edb-5014"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
6o2Q_xiz4UzIJYcl9E3Nutezj4m7P12LomYvSrUZ4gN4IHI8JBLEfQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
LyonDisplay-Bold.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/LyonDisplay-Bold.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
d856729773804572ae4ff08581b1a3f4915e719100a524d8cfdab5a94a286f38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 11 May 2023 07:45:52 GMT
via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
913134
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838269 PNNy RT(1684704285438 1342) q(0 0 0 -1) r(0 0) U24
content-length
47860
last-modified
Tue, 09 May 2023 07:57:19 GMT
server
imio
etag
"6459fcdf-baf4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
G9UT75ROKsIzjmiZLKB7TPAphzIL9OS3QOi9shJ2gLtSBDZ3b5i9UQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
LyonDisplay-Medium.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/LyonDisplay-Medium.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
e81ac04c60ab7220aa9cd87532645df3973ce19485be6a013e3b6d937a5683bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 18:59:48 GMT
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
2255097
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838263 PNNN RT(1684704285438 1343) q(0 0 0 -1) r(0 0) U24
content-length
47856
last-modified
Wed, 19 Apr 2023 08:09:44 GMT
server
imio
etag
"643fa1c8-baf0"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
frCOngfdOn_dj7yiU-9z2jswAR2z8x6sMkEPPfm-ldTRwHyKxjoIOQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
LyonDisplay-Regular.woff2
www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts/lyon/LyonDisplay-Regular.woff2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
a88ba17ef2dba59fbd83de0a0c2e4cc9943f59a4aa02697aa1b7b63d8de576cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/css/fonts.css
Origin
https://www.khaleejtimes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 11:35:46 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
age
294541
x-cache
Hit from cloudfront
x-iinfo
6-35838214-35838265 PNNN RT(1684704285438 1344) q(0 0 0 -1) r(0 0) U24
content-length
47240
last-modified
Tue, 16 May 2023 18:21:27 GMT
server
imio
etag
"6463c9a7-b888"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
CvWB0WnDgNljNzUtbMmOE-ZetpBGUAGsCmOO8t29l-NnFMfq7bWGJQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
getGeo
vuukle.com/ 		90 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vuukle.com/getGeo
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3da8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
accept-ch
sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-viewport-width
server
cloudflare
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,POST,OPTIONS
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cf-ray
7cafe36248409c12-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
location.js
akamai.tiqcdn.com/location/ 		18 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://akamai.tiqcdn.com/location/location.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/khaleejtimes/khaleejtimes/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.104.216 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-104-216.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Last-Modified
Mon, 30 Apr 2018 23:09:19 GMT
Server
AkamaiNetStorage
ETag
"6c98be5fda77913799e8ef24b86a7abd:1525129759"
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-EdgeScape-Location
Cache-Control
max-age=1296000
X-EdgeScape-Location
country_code=DE,region_code=HE,city=FRANKFURT,areacode=0,zip=0,bandwidth=5000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18
Expires
Mon, 05 Jun 2023 21:24:47 GMT
prebid_KT_7.19.0.js
rtbpass-us.andbeyond.media/ 		457 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prodprebidheader-107957.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
630f2c32737f299f4fb2d92f4a739cf70a82ba38805ee48474f1aef3275f3919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Nov 2022 10:32:16 GMT
ETag
"1668767536"
X-HW
1684704287.dop240.am5.t,1684704287.cds318.am5.shn,1684704287.dop240.am5.t,1684704287.cds202.am5.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=27595992
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
145622
maxmind.php
prebid.andbeyond.media/ 		213 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/maxmind.php
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-537953.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.87.248 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-87-248.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
98068c616a32d668c09de8b1b000b024804f914a44f3b467d790eeafcafcc88b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:47 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
213
Content-Type
text/html; charset=UTF-8
df
twa.netcoresmartech.com/ 		57 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://twa.netcoresmartech.com/df?user_key=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG
Requested by
Host: osjs.netcoresmartech.com
URL: https://osjs.netcoresmartech.com/v1/js-versioning?clientkey=ADGMOT35CHFLVDHBJNIG50K96A9QE9OFJ0MFRRECSBJVVNO5PTBG&siteid=cdf05e30364b953ee8f1b09e48d0473e&rc=s
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.234.23.58 Mumbai, India, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-234-23-58.ap-south-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:47 GMT
server
awselb/2.0
content-length
57
content-type
application/json
cnsnt.platform.js
cdn.vuukle.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.vuukle.com/cnsnt.platform.js
Requested by
Host: cdn.vuukle.com
URL: https://cdn.vuukle.com/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ca8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a4df945707077b2311159554c1c2e9b35284a3046e2801e78537c5219a0a9f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
cf-cache-status
HIT
age
2904
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 19 May 2023 12:32:37 GMT
server
cloudflare
etag
W/"64676c65-f1b"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=7200
cf-ray
7cafe362693139ca-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/ 		408 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
38908
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128722
x-xss-protection
0
server
cafe
etag
7615930951174331818
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 20 May 2024 10:36:19 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		6 KB
969 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fb38c0d2cba4bf9f4dfd88d9a580c95073a541138099db7b2287f7c498e25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
944
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:47 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-537953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.209.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-209-231.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:43:42 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 303d44788e5ef8d8a9f0811e1fdf733c.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, BCN50-P1
age
2466
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
FZGmWeTSvVhVQ3nj-sL3vC50-VcEtlKvALRoFFqwSrGKB7zUZrOCsA==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-537953.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:34:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
3046
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:256f:c400:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Sun, 21 May 2023 00:07:46 GMT
via
1.1 303d44788e5ef8d8a9f0811e1fdf733c.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
BCN50-P1
age
76626
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
Q3x-WvsoonD6Iv-7M-w-NFQo72xuOzhfTBb1xVI9_rRjf_0XzUatuw==
213794966
fundingchoicesmessages.google.com/i/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/213794966?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
64629436ad861896b613ad520973cc32a6cd96e3fcf77264408d0b8493b92db2
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cAz9lrO8nNwbqZFcJSN8xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-cAz9lrO8nNwbqZFcJSN8xw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
impstats.php
prebid.andbeyond.media/ 		69 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=537953&type=pv
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/wp-content/themes/ktd-theme/assets/js/jquery-3.6.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.87.248 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-87-248.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
d0b516970f3856be4ffdcecab31460e16739338bb8f45ce453cbdccfcb992c6c

Request headers

Accept
*/*
Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:48 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
69
Content-Type
text/html; charset=UTF-8
config
c.amazon-adsystem.com/cdn/prod/ 		469 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.209.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-209-231.bcn50.r.cloudfront.net
Software
Server /
Resource Hash
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 16:19:36 GMT
via
1.1 303d44788e5ef8d8a9f0811e1fdf733c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BCN50-P1
age
18311
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
469
x-amz-cf-id
ZQoOYvS8vlubSMXfdvJpZg7cq7ai5GHeF0jUPyju-brtuvJPV-dW4Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.209.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-209-231.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 327c500723be5bbd35817bb5bf5e2cee.cloudfront.net (CloudFront)
date
Sun, 21 May 2023 21:24:47 GMT
x-amz-cf-pop
BCN50-P1
age
426
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
8e3Y-5hDOGYduoioHmhLM1c3JoWWgezMFHKncrw-FMqeBF6C0g9mBQ==
1429b362a1e7b6b1.p.ttf
io.jogo.studio/_next/static/media/ Frame 1F1C 		54 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/1429b362a1e7b6b1.p.ttf
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a745a6b4cbef6176b15bd0553b45a0f975ea4553149c589918b8bd67a8f95ed9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::244kl-1684704287378-e72223e3435b
age
352978
x-matched-path
/_next/static/media/1429b362a1e7b6b1.p.ttf
etag
W/"55d82c9b8b89f02f2da5fb94f4417403"
x-vercel-cache
HIT
content-type
font/ttf
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="1429b362a1e7b6b1.p.ttf"
68ed24b5501f589a.p.woff2
io.jogo.studio/_next/static/media/ Frame 1F1C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/68ed24b5501f589a.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f6b9d913bd2f8037f3532e5b0b96a40de775af5eb2630b9657cf6630aa0405a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::6n48z-1684704287378-4ac16d839069
age
359096
x-matched-path
/_next/static/media/68ed24b5501f589a.p.woff2
etag
"685a54ef9c9ccc5f1d6d535c877e0bb0"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="68ed24b5501f589a.p.woff2"
accept-ranges
bytes
content-length
21072
3b556990c95b5e34.p.woff2
io.jogo.studio/_next/static/media/ Frame 1F1C 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/3b556990c95b5e34.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4578d75a057e082ecae9ea9f2a90258999c97515975f4757ec1287736c8fec86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::tbbs7-1684704287379-3dea2a3eab2a
age
355687
x-matched-path
/_next/static/media/3b556990c95b5e34.p.woff2
etag
"d490252e9e1d1260412e9f318f371e00"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3b556990c95b5e34.p.woff2"
accept-ranges
bytes
content-length
20900
3bbf0494f424c443.p.woff2
io.jogo.studio/_next/static/media/ Frame 1F1C 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/3bbf0494f424c443.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::8p9st-1684704287382-073eda1e23b8
age
346915
x-matched-path
/_next/static/media/3bbf0494f424c443.p.woff2
etag
"b19299ae5365b79d126ea8b355313e24"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3bbf0494f424c443.p.woff2"
accept-ranges
bytes
content-length
20960
4a1b5bf8fc72ed9c.p.woff2
io.jogo.studio/_next/static/media/ Frame 1F1C 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/media/4a1b5bf8fc72ed9c.p.woff2
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a9cea7e92a9aaae8c3e42e6f69d902afbfe6780097d12dd44749884a3f13b65b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Origin
https://io.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::hmmmm-1684704287379-58c9a9ec7b0e
age
346457
x-matched-path
/_next/static/media/4a1b5bf8fc72ed9c.p.woff2
etag
"1d37f5b1683be2ee7f054f4c74e84884"
x-vercel-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="4a1b5bf8fc72ed9c.p.woff2"
accept-ranges
bytes
content-length
20840
844fb53cbcc3b5be.css
io.jogo.studio/_next/static/css/ Frame 1F1C 		37 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/css/844fb53cbcc3b5be.css
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
63c4d9f07defa3ae60b43104ce4a7c297ddb803f3ded208e2921a5edfa33e3c6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::qzn5z-1684704287378-6c98a2864262
age
356725
x-matched-path
/_next/static/css/844fb53cbcc3b5be.css
etag
W/"b26f2860862311b0e2f7fc9503e9c0ea"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="844fb53cbcc3b5be.css"
webpack-c4acd79e87956a0e.js
io.jogo.studio/_next/static/chunks/ Frame 1F1C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/webpack-c4acd79e87956a0e.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f1bf716d0aab2ca3bf086e288d33db5b10bc1d1ad808145f445a9f829277b3ba
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::4277t-1684704287380-27fca666d6bb
age
361018
x-matched-path
/_next/static/chunks/webpack-c4acd79e87956a0e.js
etag
W/"081da58a0e1ce19949470fc79a20dec7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-c4acd79e87956a0e.js"
framework-114634acb84f8baa.js
io.jogo.studio/_next/static/chunks/ Frame 1F1C 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/framework-114634acb84f8baa.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
cc76e8d9def9ded50761a877750bab9afab8d4873351a0088e44811c8a4f54e3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::qzn5z-1684704287381-3fd5fdecba8e
age
360125
x-matched-path
/_next/static/chunks/framework-114634acb84f8baa.js
etag
W/"d61e3f6bff4284ac6fd9b3f3048ea293"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-114634acb84f8baa.js"
main-dc1c692d63c50e17.js
io.jogo.studio/_next/static/chunks/ Frame 1F1C 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/main-dc1c692d63c50e17.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
d4fa6191cc6b0b2e1f00efde5834f37557df2f242dda4e4c81b75350abf33784
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::kbhrd-1684704287381-100947762230
age
361353
x-matched-path
/_next/static/chunks/main-dc1c692d63c50e17.js
etag
W/"cd8745ee950d8c0e216ddd033a9f61e2"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-dc1c692d63c50e17.js"
_app-766a48a9405dafc7.js
io.jogo.studio/_next/static/chunks/pages/ Frame 1F1C 		908 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/pages/_app-766a48a9405dafc7.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
e38c6ad3fc07cba395a8bdc1705465609660d2386f33a9778d6931e79bea7192
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::xx7rv-1684704287384-4033053f3c3f
age
366497
x-matched-path
/_next/static/chunks/pages/_app-766a48a9405dafc7.js
etag
"f56ccc024755ff2ea8172d0027c6c73a"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-766a48a9405dafc7.js"
accept-ranges
bytes
content-length
908
365-4e8094d6a73ab40a.js
io.jogo.studio/_next/static/chunks/ Frame 1F1C 		309 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/365-4e8094d6a73ab40a.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
4c495153f7453aba9f3c1a2b2e703f7677ae9f8aeeed225d21e55d8600ea9006
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::qzn5z-1684704287384-4d162610ab4b
age
360502
x-matched-path
/_next/static/chunks/365-4e8094d6a73ab40a.js
etag
W/"a8f0a75339b62fa0942da62e23a3cb12"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="365-4e8094d6a73ab40a.js"
%5Bid%5D-c7d080b8184d68e3.js
io.jogo.studio/_next/static/chunks/pages/render/ Frame 1F1C 		92 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/chunks/pages/render/%5Bid%5D-c7d080b8184d68e3.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
925a5f0e63e0e04865bcbd9fa3753eee68e78bcf4e61263e076ba50b3e0f2b8e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::tbbs7-1684704287384-be6a3560d738
age
363884
x-matched-path
/_next/static/chunks/pages/render/%5Bid%5D-c7d080b8184d68e3.js
etag
W/"380f18ddd7ea46f32437ea6f673b4878"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="[id]-c7d080b8184d68e3.js"
_buildManifest.js
io.jogo.studio/_next/static/txIi1q_jN0HCVMQUaezrE/ Frame 1F1C 		473 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/txIi1q_jN0HCVMQUaezrE/_buildManifest.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
3fabc653cd5bb12da9e77bb24188ec2933cee18eeb535c747329100df4bb651a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::244kl-1684704287384-5cdbae23c2b3
age
356155
x-matched-path
/_next/static/txIi1q_jN0HCVMQUaezrE/_buildManifest.js
etag
"60e54238861302c1b555a33de829ae4f"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
accept-ranges
bytes
content-length
473
_ssgManifest.js
io.jogo.studio/_next/static/txIi1q_jN0HCVMQUaezrE/ Frame 1F1C 		77 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://io.jogo.studio/_next/static/txIi1q_jN0HCVMQUaezrE/_ssgManifest.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.142 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/render/889ab751-64e1-48d1-b311-5e03be70a349?game_id=8d47f80f-e65a-4571-95db-6d9e11238e90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::6n48z-1684704287384-db6613695143
age
365415
x-matched-path
/_next/static/txIi1q_jN0HCVMQUaezrE/_ssgManifest.js
etag
"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
content-length
77
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.132.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-132-19.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 21 May 2023 21:24:47 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
8HGAAJ5SPG01V3HV
age
3150
etag
W/"b58faeda0c1d193bc50dd25a7640d8ba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cafe364ca301d92-FRA
x-amz-id-2
f161amAWddzOEKqFyIw1z52Y5MNS/KtI81MQGyxgUMhTiDS4PahByU0RD15HxgWIBN24MAWKZrTTCx8w+NnXNA==
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.211.132.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-132-19.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:47 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
js
www.googletagmanager.com/gtag/ Frame 1F1C 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/main-dc1c692d63c50e17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54dd6beabd97e49e418326139ad5133d33f894a96d7eb8a0a801103629918ced
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83041
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 May 2023 21:24:47 GMT
js
www.googletagmanager.com/gtag/ Frame 1F1C 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-51FKX7T04F
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/main-dc1c692d63c50e17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8b24eb9adb77960444c3ce362e8a7b3e90991bc75972fa3797414333e731b5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83391
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 May 2023 21:24:47 GMT
games
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/games?select=*&id=eq.8d47f80f-e65a-4571-95db-6d9e11238e90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
accept-profile,apikey,authorization,x-client-info
Access-Control-Request-Method
GET
Origin
https://io.jogo.studio
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
accept-profile,apikey,authorization,x-client-info
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7cafe3650ee1925b-FRA
content-length
0
date
Sun, 21 May 2023 21:24:47 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
analytics.js
www.google-analytics.com/ Frame 1F1C 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/365-4e8094d6a73ab40a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 May 2023 21:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1187
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 21 May 2023 23:05:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 1F1C 		359 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/main-dc1c692d63c50e17.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122524
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:47 GMT
games
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 1F1C 		535 B
919 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/games?select=*&id=eq.8d47f80f-e65a-4571-95db-6d9e11238e90
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/365-4e8094d6a73ab40a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bbb45c861f27816c52989a1e248d3310b9695fa67f138c13ce9f83a65968000
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

x-client-info
@supabase/auth-helpers-nextjs@0.6.1
accept-language
de-DE,de;q=0.9
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept
application/vnd.pgrst.object+json
accept-profile
public
Referer
https://io.jogo.studio/
apikey
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
kong/2.8.1
cf-cache-status
DYNAMIC
x-kong-proxy-latency
1
content-range
0-0/*
x-kong-upstream-latency
3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/vnd.pgrst.object+json; charset=utf-8
access-control-allow-origin
*
sb-gateway-version
1
access-control-expose-headers
Content-Encoding, Content-Location, Content-Range, Content-Type, Date, Location, Server, Transfer-Encoding, Range-Unit
content-profile
public
access-control-allow-credentials
true
cf-ray
7cafe3657f1f925b-FRA
content-location
/games?id=eq.8d47f80f-e65a-4571-95db-6d9e11238e90&select=%2A
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b54ccb6daa7b61513f2fa7b8bb4a11bb6b18e1fc60356298093a678e150194cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
AGSKWxXfA6Y_aOLEM_DvFmlQ8WQXtkIi7JFt9BANUYkkkrt_uV3LAGoFA0V5B0bNmU7_i9mgPjQknDg7hy0TF_aBnuA=
fundingchoicesmessages.google.com/f/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXfA6Y_aOLEM_DvFmlQ8WQXtkIi7JFt9BANUYkkkrt_uV3LAGoFA0V5B0bNmU7_i9mgPjQknDg7hy0TF_aBnuA=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NzA0Mjg3LDU3NDAwMDAwMF0sIkEzQjlBNEM0LTdCOUItNEQyQy1BQTc4LUNGRUFGOUJBRjc2NyIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20vdGVjaG5vbG9neS9taWNyb3NvZnQtc2F5cy1pdC1mb3VuZC1tYWxpY2lvdXMtc29mdHdhcmUtaW4taXRzLXN5c3RlbXMiLG51bGwsW1s4LCJqeVNIWThmc1B3NCJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
945f49c4c0138839c121abb3a2c06f831b1fb3aa53cfd06c8c3e2ce29aeca950
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QNHmZMp9zNpfDR1Pwl2trw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QNHmZMp9zNpfDR1Pwl2trw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 May 2023 21:24:47 GMT
x-content-type-options
nosniff
content-encoding
br
age
36323
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230083-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:23:16 GMT
via
1.1 google
age
91
x-guploader-uploadid
ADPycdtFjYaTb8wJzdln_amY1soedC7zxDyTukqqyA1kk_Voli4ywgWGkX8tScsTTGI49A-avwCeA2R5LJou9VOjj3X2ukLtzPbz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Sun, 21 May 2023 22:23:16 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.129.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-129-21.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 05:55:32 GMT
content-encoding
gzip
via
1.1 fab151d68d1a2f6afb087e422136c6fe.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
CDG52-P4
age
55756
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ra9JUA08fxwvNduDgf96wmN0zK-kN-hOOpEvb-AQvyDygK5CUacw7Q==
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QNZFRY7R9FJXK93W
age
1588
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7cafe3657abc1d92-FRA
x-amz-id-2
KKDhfGIrvMmWhKAufCzBC/nz7h+uhfzoYa3jYlHOyQKecIUrTE2oMNZPuo/P7zreNiWhD3nwINo=
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:c400:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 02:36:56 GMT
Via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
67672
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
qoVrPer5ki3DCgVr0ZeGa4e9S9AXfY_AOYR5F0qHjOV68QsImzT_kg==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 09:30:55 GMT
content-encoding
gzip
age
129232
x-guploader-uploadid
ADPycdulo62n1Oz3OsP18omM7Whzc8GGJLsUOW8hRKueo04UFAsHphh0sQrfyUH2LYgBzdVpvOez23Ksj_TnHOEACBWSrQ7WPdtv
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sun, 19 May 2024 09:30:55 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 May 2023 21:24:47 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		108 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=2457131430005669&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=78059622%2CResponsive-Article-Leaderboard%2CResponsive-Article-Leaderboard-footer%2CResponsive-Article-MPU-1%2CResponsive-Article-MPU-2%2CResponsive-Article-1x1%2CResponsive-Desktop-Expandable-1x1%2CResponsive-Article-2%2CResponsive-Article-1x1-3%2CResponsive-InfiniteArticle-1x1%2CArticle-Ear-Pannel-Left%2CArticle-Ear-Pannel-Right&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=970x250%2C970x250%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C200x90%2C200x90&ifi=1&adks=2487631899%2C1679779604%2C1730754477%2C1148906708%2C1669407057%2C305519743%2C3176091703%2C2620213831%2C2241084736%2C2312031536%2C124803191&didk=133259870~2576079926~2743617896~2155438624~1740274211~907667141~690822902~590468794~1402576866~3605971641~632977312&sfv=1-0-40&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie_enabled=1&abxe=1&dt=1684704287596&lmt=1684704287&dlt=1684704286874&idt=405&adxs=315%2C-9%2C1160%2C-9%2C0%2C0%2C0%2C0%2C-9%2C126%2C1274&adys=367%2C-9%2C569%2C-9%2C0%2C3%2C1%2C2%2C-9%2C47%2C47&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C0%7C0%7C0%7C0%7C-1%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=1010x295%7C0x-1%7C314x290%7C0x-1%7C1600x4065%7C1600x4065%7C1600x4065%7C1600x4065%7C0x-1%7C337x90%7C200x90&msz=970x0%7C0x-1%7C314x0%7C0x-1%7C1x-1%7C1600x-1%7C1x-1%7C1x-1%7C0x-1%7C337x90%7C200x90&fws=4%2C2%2C516%2C2%2C4%2C4%2C4%2C4%2C2%2C4%2C4&ohw=1600%2C0%2C314%2C0%2C1600%2C1600%2C1600%2C1600%2C0%2C1600%2C1600&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcY47bNgYQxSABSAghkEhcKCHJ0YmhvdXNlGOO2zYGEMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjjts2BhDFIAFICCGQSFAoFb3BlbngY47bNgYQxSABSAghkEhkKCnVpZGFwaS5jb20Y47bNgYQxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjjts2BhDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
247e3962eaea826932f71f2c28687a45361c108bb322911000e39e81c5c0e9b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22948
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2,-2,-2,6106059726,-2,-2,6020109098,6018178041
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2,-2,-2,138404537902,-2,-2,138398957916,138392066579
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6298 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 21:24:47 GMT
expires
Mon, 20 May 2024 21:24:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
984.json
id5-sync.com/g/v2/ 		241 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
664839fae0b46d6ae74a6823fd6ddbc01b3b48eb70f127adb9b88913962af37e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
increment
id5-sync.com/api/esp/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
AGSKWxX4v81yj1hrlb2kMtraMPddoj5SFKlhy9n0JH8C1_mFSzFz6l3v3H_YyLjBw0TM0373MRL8zMrcMsaJppllcjHR78DeYlTLEiiJmqKuf6xPFVjoPGunNa1fkP8oawRNAaByfRfUPg==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX4v81yj1hrlb2kMtraMPddoj5SFKlhy9n0JH8C1_mFSzFz6l3v3H_YyLjBw0TM0373MRL8zMrcMsaJppllcjHR78DeYlTLEiiJmqKuf6xPFVjoPGunNa1fkP8oawRNAaByfRfUPg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NzA0Mjg3LDY0NDAwMDAwMF0sIkEzQjlBNEM0LTdCOUItNEQyQy1BQTc4LUNGRUFGOUJBRjc2NyIsbnVsbCxudWxsLFtudWxsLFs3LDEwXV0sImh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20vdGVjaG5vbG9neS9taWNyb3NvZnQtc2F5cy1pdC1mb3VuZC1tYWxpY2lvdXMtc29mdHdhcmUtaW4taXRzLXN5c3RlbXMiLG51bGwsW1s4LCJqeVNIWThmc1B3NCJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
745be6a9dfd6ab6f635d5c7f274ba06d4fd585a2e9826a3d3dfbb80ed86833ef
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BJKQzH1Gf-DUeSrU_R5Guw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-BJKQzH1Gf-DUeSrU_R5Guw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.125.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
1227f39117252b4cc7cde1d26eb66b8f5988e3eee43bc90840a486389e5799c3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache
x-server
10.45.30.193
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/ 		0
0
encrypt
esp.rtbhouse.com/ 		285 B
381 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b86560f085f830750ceb8fc15fed79bcfd1ad6fffd62442fe393eba49cb96c4e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
via
1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
0034649d7ebb7f101593f889b8bd5d23
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.khaleejtimes.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 21 May 2023 21:24:47 GMT
server
Google Frontend
vary
Origin
via
1.1 google
x-cloud-trace-context
b1b1b3a4d9a70a8a2669056b1d3d4bdb
teasers-kt
play.jogo.studio/games/ Frame BEC5 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/framework-114634acb84f8baa.js
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel / Next.js
Resource Hash
3869f14c73e1f0e3ad0b1ca4576193c67aa668224e66727e0441403d71d94304
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://io.jogo.studio/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:47 GMT
server
Vercel
strict-transport-security
max-age=63072000
x-matched-path
/games/teasers-kt
x-powered-by
Next.js
x-vercel-cache
MISS
x-vercel-id
fra1::iad1::hmtjv-1684704287694-35f014bdff45
stats_game_start
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 1F1C 		325 B
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/stats_game_start
Requested by
Host: io.jogo.studio
URL: https://io.jogo.studio/_next/static/chunks/365-4e8094d6a73ab40a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb085d6347230042868f7144f787f8bb42d3a6cc4f2a2bd3581b866a5b1e570
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

X-Client-Info
supabase-js/1.35.7
Prefer
return=representation
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json
Content-Profile
public
Referer
https://io.jogo.studio/
apikey
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZSIsInJlZiI6InJrYnp3bHVob2N3Z3hoaHV3dmpxIiwicm9sZSI6ImFub24iLCJpYXQiOjE2NjIyMDU5MjksImV4cCI6MTk3Nzc4MTkyOX0.RlyNAaJcDlAb27v8fXazW8vgdGilu-Cy-CWWV0-br6I

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=2592000; includeSubDomains
via
kong/2.8.1
cf-cache-status
DYNAMIC
x-kong-proxy-latency
0
content-range
*/*
x-kong-upstream-latency
4
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
sb-gateway-version
1
access-control-expose-headers
Content-Encoding, Content-Location, Content-Range, Content-Type, Date, Location, Server, Transfer-Encoding, Range-Unit
content-profile
public
access-control-allow-credentials
true
cf-ray
7cafe3660cbc8fca-FRA
stats_game_start
rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rkbzwluhocwgxhhuwvjq.supabase.co/rest/v1/stats_game_start
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
apikey,authorization,content-profile,content-type,prefer,x-client-info
Access-Control-Request-Method
POST
Origin
https://io.jogo.studio
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
apikey,authorization,content-profile,content-type,prefer,x-client-info
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS,TRACE,CONNECT
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray
7cafe365eca18fca-FRA
content-length
0
date
Sun, 21 May 2023 21:24:47 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ Frame 1F1C 		237 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-51FKX7T04F&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2VVVMDVFQ8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12a69d3e1e6b9ed7b511c34f52616efdfc2fc4c71d869d3508aaedff7e2ebacb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83364
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 May 2023 21:24:47 GMT
syncframe
gum.criteo.com/ Frame 447F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.khaleejtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 21:24:47 GMT
server
Kestrel
server-processing-duration-in-ticks
378250
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
afphChild.js
adgebra.co.in/afph/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afph/afphChild.js?hrId=2023052121
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afph.js?p1=5823&p2=&p3=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 09 Jan 2023 16:39:10 GMT
accept-ranges
bytes
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/javascript
pd
google-bidout-d.openx.net/w/1.0/ Frame E923 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:47 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/ Frame BEC5 		84 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2085597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27198
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1514f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QxYhpkWZvm3AmXcwpwKZ3TdPDipy3ivX%2FsVFdyYnOe7vCUJq9cfj1CWg5rsPp2cs7195pL0YGxYKQuMgtq5PDZWox%2BBIRwO90KwdgolXLpMeEucn4v33ZVIiC63cf51VvBxuE9CAoftdmIfZGmnfsAkE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cafe3670ba65b6e-FRA
expires
Fri, 10 May 2024 21:24:47 GMT
e47cb46f42d0a3a2.css
play.jogo.studio/_next/static/css/ Frame BEC5 		74 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/css/e47cb46f42d0a3a2.css
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
92fa2c5c66416bd03074738627fa68c7760f2490ed3cfc06333fea315c39ab3d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::hmtjv-1684704287837-97e77a09d9cb
age
351019
x-matched-path
/_next/static/css/e47cb46f42d0a3a2.css
etag
W/"ab089b4a9f02f9ebc9f8d092eedce53c"
x-vercel-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="e47cb46f42d0a3a2.css"
webpack-b1eca26087bc920a.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/webpack-b1eca26087bc920a.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
a9a0ec309855e6c4eedbc0860050693ffc2bfbee82abb8444210fb6d653b6dce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::twkml-1684704287841-e0701b8432b1
age
2563
x-matched-path
/_next/static/chunks/webpack-b1eca26087bc920a.js
etag
W/"e838254f789579010cce82362418d204"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="webpack-b1eca26087bc920a.js"
framework-3671d8951bf44e4e.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		138 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/framework-3671d8951bf44e4e.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::ct6ws-1684704287841-15fe0da9ca6f
age
314709
x-matched-path
/_next/static/chunks/framework-3671d8951bf44e4e.js
etag
W/"6081d0683ad8f48c96c1fa6ba4b00a6c"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="framework-3671d8951bf44e4e.js"
main-403c8612371c9360.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/main-403c8612371c9360.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::chw2q-1684704287841-399733882865
age
311418
x-matched-path
/_next/static/chunks/main-403c8612371c9360.js
etag
W/"8de5f1bfeb434ccf34a254a49093706a"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="main-403c8612371c9360.js"
_app-812fc922862a982c.js
play.jogo.studio/_next/static/chunks/pages/ Frame BEC5 		1 KB
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/pages/_app-812fc922862a982c.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
13486084978086d1741399d998d31623ede7dea6e995ff068432eb2ee8a7472e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::ct6ws-1684704287841-a0e2744ba2b3
age
315914
x-matched-path
/_next/static/chunks/pages/_app-812fc922862a982c.js
etag
W/"629b7ab6cdc1a474f56e51c47a306ffa"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_app-812fc922862a982c.js"
29107295-629d7e677eb34f36.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		68 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/29107295-629d7e677eb34f36.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
96abaf5dff457b64837aa49703a7e7de26aa2295e8c98bfa6d22e90df5c42942
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::v4f62-1684704287841-979ca77b3d23
age
356750
x-matched-path
/_next/static/chunks/29107295-629d7e677eb34f36.js
etag
W/"033cf7f3a25c1797c17ea043ddbd09c5"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="29107295-629d7e677eb34f36.js"
5675-5b337a3e18396823.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/5675-5b337a3e18396823.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
28e8ab9f67173c4206fc1232333fc189c04c06ef0f992e136418d75cac4d0185
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::xx7rv-1684704287841-43018422a55a
age
24242
x-matched-path
/_next/static/chunks/5675-5b337a3e18396823.js
etag
W/"714c582ae4510f70b09352123113799b"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="5675-5b337a3e18396823.js"
3437-f452af78cd7bc007.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/3437-f452af78cd7bc007.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
f164954f6574227054040a4e5b681bbafc9f96ed3b990b8386a60668eabe3722
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::75fnk-1684704287841-0c7e2c7231f7
age
353339
x-matched-path
/_next/static/chunks/3437-f452af78cd7bc007.js
etag
W/"4dcfb05abba550d14a4dce925f4791c7"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="3437-f452af78cd7bc007.js"
6064-b31fd1870750dabd.js
play.jogo.studio/_next/static/chunks/ Frame BEC5 		33 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/6064-b31fd1870750dabd.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
64052d75c8ecd5b79757c5f04ec0c37fb9af5c924fbb156a2a59a6066d150d33
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::75fnk-1684704287841-60ac3a8b3387
age
354214
x-matched-path
/_next/static/chunks/6064-b31fd1870750dabd.js
etag
W/"da94d8027dda9b86446e4c4f6da7bdf2"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="6064-b31fd1870750dabd.js"
teasers-kt-d3319e26daa7c62a.js
play.jogo.studio/_next/static/chunks/pages/games/ Frame BEC5 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/chunks/pages/games/teasers-kt-d3319e26daa7c62a.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
9f2fb59b64b281efcc410e321802f2cc16b377e594882efca16e81b79123f87c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::5zjzm-1684704287841-cbf3d2c40ee9
age
339967
x-matched-path
/_next/static/chunks/pages/games/teasers-kt-d3319e26daa7c62a.js
etag
W/"a9688aa4af35e0c791f71287105c5ea9"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="teasers-kt-d3319e26daa7c62a.js"
_buildManifest.js
play.jogo.studio/_next/static/fIhDdySJgVFkXmPutagcH/ Frame BEC5 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/fIhDdySJgVFkXmPutagcH/_buildManifest.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
dc31daa98edc405e29b229ee42a96b7b4ecf94dbfa654e3a0ca451c64f5437b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::s8gtw-1684704287842-caa8cc3c2441
age
345743
x-matched-path
/_next/static/fIhDdySJgVFkXmPutagcH/_buildManifest.js
etag
W/"9d2c746893512fdd8ed81401903b58ab"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_buildManifest.js"
_ssgManifest.js
play.jogo.studio/_next/static/fIhDdySJgVFkXmPutagcH/ Frame BEC5 		77 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.jogo.studio/_next/static/fIhDdySJgVFkXmPutagcH/_ssgManifest.js
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::pxnx5-1684704287842-221f4820ee69
age
318493
x-matched-path
/_next/static/fIhDdySJgVFkXmPutagcH/_ssgManifest.js
etag
"b6652df95db52feb4daf4eca35380933"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
content-disposition
inline; filename="_ssgManifest.js"
accept-ranges
bytes
content-length
77
sid
mug.criteo.com/ Frame 447F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=khaleejtimes.com&sn=ChromeSyncframe&so=0&topUrl=www.khaleejtimes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=gEBWWnxBUW9uR25yRVRUZHFRcW9oNU55WFNpMUNCV2MweU9kd3FFa0dtSzVvMks1ZkdaaUNkKzFrRkxWU1FwWlViZjdESW5KZmpGVGtpMXhtMFRTdW9YMG93c1FOOVB4RWZkR0lOSjdyY0puQlpTY1R5TS9GWDZGUFhSMD...
446 B
671 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gEBWWnxBUW9uR25yRVRUZHFRcW9oNU55WFNpMUNCV2MweU9kd3FFa0dtSzVvMks1ZkdaaUNkKzFrRkxWU1FwWlViZjdESW5KZmpGVGtpMXhtMFRTdW9YMG93c1FOOVB4RWZkR0lOSjdyY0puQlpTY1R5TS9GWDZGUFhSMDhuRVE0UlJWVEErbGJGS3hCUzF6Z002NTlCcUUzN2xQdUhGK1NzRDJnTHQxbzdSNmFJNkhERGc2dEQzOE9YMW1XQ0JzZzNhc2NxdE4vMTFna3FVT2RzNDV4Unp0Y0laL1lEOW1nQklDa3U0a2o0NktaUy9pT1YxRUplaGgyeGY1NnR6QjZJN1N6NTBaaUNhN1Q5VlVhK21FOFhFWnArSGRDMmtDMEY0NXBkK1RMclljQWs0TT18&cppv=2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f357ef703004e5535dadf76db6b5c638bef199b8457ab75b7009ba8e48b4c1e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1157924
expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=gEBWWnxBUW9uR25yRVRUZHFRcW9oNU55WFNpMUNCV2MweU9kd3FFa0dtSzVvMks1ZkdaaUNkKzFrRkxWU1FwWlViZjdESW5KZmpGVGtpMXhtMFRTdW9YMG93c1FOOVB4RWZkR0lOSjdyY0puQlpTY1R5TS9GWDZGUFhSMDhuRVE0UlJWVEErbGJGS3hCUzF6Z002NTlCcUUzN2xQdUhGK1NzRDJnTHQxbzdSNmFJNkhERGc2dEQzOE9YMW1XQ0JzZzNhc2NxdE4vMTFna3FVT2RzNDV4Unp0Y0laL1lEOW1nQklDa3U0a2o0NktaUy9pT1YxRUplaGgyeGY1NnR6QjZJN1N6NTBaaUNhN1Q5VlVhK21FOFhFWnArSGRDMmtDMEY0NXBkK1RMclljQWs0TT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
441294
content-length
0
expires
0
proximanova-regular-webfont.woff2
jogo-assets.s3.amazonaws.com/fonts/ Frame BEC5 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jogo-assets.s3.amazonaws.com/fonts/proximanova-regular-webfont.woff2
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/_next/static/css/e47cb46f42d0a3a2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.234.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c2ad3b2ad1c100ebb196165df8a0bfad3941024d991dcbef5c92437283e17b57

Request headers

Referer
https://play.jogo.studio/
Origin
https://play.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Last-Modified
Tue, 18 Apr 2023 10:05:18 GMT
Server
AmazonS3
x-amz-request-id
G811TF1HXXH988EV
ETag
"26f29fbc44abfbef4387f6fe478bc72c"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
19964
x-amz-id-2
enWMMsGFefQovZelej5BPWZ/rlf7Sk3PB9wjruM1A7nvNDccdTeRhJrcaH5T3avyK2o8Af8Uq9Y=
LyonDisplay-Regular.woff2
jogo-assets.s3.amazonaws.com/fonts/ Frame BEC5 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://jogo-assets.s3.amazonaws.com/fonts/LyonDisplay-Regular.woff2
Requested by
Host: play.jogo.studio
URL: https://play.jogo.studio/_next/static/css/e47cb46f42d0a3a2.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.234.33 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a88ba17ef2dba59fbd83de0a0c2e4cc9943f59a4aa02697aa1b7b63d8de576cd

Request headers

Referer
https://play.jogo.studio/
Origin
https://play.jogo.studio
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Last-Modified
Tue, 18 Apr 2023 10:05:14 GMT
Server
AmazonS3
x-amz-request-id
G817JS7SN9RF0MVH
ETag
"aac2e93444ca5fa6d031b698f226107c"
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
3000
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
*
Content-Type
binary/octet-stream
Accept-Ranges
bytes
Content-Length
47240
x-amz-id-2
hm7ovbnV6IqC9kpIgtdXj+42sxIp4kXjPQZn1qvemnCxor/COto8Y75hHCkerJoL63x8maQs90U=
china.svg
play.jogo.studio/assets/img/flags/ Frame BEC5 		795 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.jogo.studio/assets/img/flags/china.svg
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
c1f228412a5062bbd02fbc3e54727820e0dbbdbc1bdc4aa7563ddceb36b4c43c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.jogo.studio/games/teasers-kt?gi=8d47f80f-e65a-4571-95db-6d9e11238e90&ra=false&pc=6392e5&key=value&h=325
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
strict-transport-security
max-age=63072000
server
Vercel
x-vercel-id
fra1:fra1::ct6ws-1684704287925-cb9e0c690b7b
age
356950
x-matched-path
/assets/img/flags/china.svg
etag
"01b1e16506941b544ede62b2d65fdbad"
x-vercel-cache
HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
content-disposition
inline; filename="china.svg"
accept-ranges
bytes
content-length
795
GetImageDetails
adgebra.co.in/Adg_Analytics/ 		232 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/Adg_Analytics/GetImageDetails?docurl=https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems&rand=12
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023052121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
0f0c93d61ddacd2a463e26c48388b266af9ba29ac8350a93da8e2e8a34897dc9

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
via
1.1 google
access-control-allow-credentials
true
content-length
232
content-type
application/json;charset=UTF-8
RFPSegmentDomainReaderServlet
adgebra.co.in/afpf/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adgebra.co.in/afpf/RFPSegmentDomainReaderServlet?sitename=khaleejtimes.com
Requested by
Host: adgebra.co.in
URL: https://adgebra.co.in/afph/afphChild.js?hrId=2023052121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.207.221.200 Mumbai, India, ASN19527 (GOOGLE-2, US),
Reverse DNS
200.221.207.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:48 GMT
via
1.1 google
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With,Origin, Control-Request-Method,remember-me, Access-Control-Request-Headers,Authorization, x-auth-token
content-length
0
access-control-allow-methods
GET, OPTIONS, HEAD, PUT, POST
localstore.js
script.4dex.io/ 		483 B
1019 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Wed, 23 Nov 2022 15:43:18 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1129113
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5D2CFdOkUPfkij8idDie%2F5slTOuy9YfpRQVofIKkjxSOxorPzq3j2mhiwUZJdqHaYt9Vv4O%2BmX95smWwCYc2ZMPFLOI6hk0biYT3tQhhxsYTRQRp5GLxBHJpyd3eM1DI9M2xhHJq4A841IW"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7cafe368ef0a9b4b-FRA
/
prebid.smilewanted.com/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe36919e630f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=4000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
8c9a01989ab359ae49fd2cc6d88fa19573ca9d821c406d7f609798ec385184c9

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1148
v1
prg-apac.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d57624e2142c095ed2f3a272993bba05c78f5dd74d506df528c531d063ee38a8

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:48 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe3691e615caa-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
806 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315214&size_id=9&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=59052405-d415-47c0-99f9-309f0c5ecbc7&l_pb_bid_id=14c6ca4b425be68&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6063476216175467
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c3895563e0d6ac7eee8c3e63104a88e94362940db038dcd798e57216b8a65d8

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=59052405-d415-47c0-99f9-309f0c5ecbc7&nocache=1684704288150&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=160x600&divids=andbeyond16011&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
42cee2e27defcb69a0a9fb3c5a924941832f377bd43b4911c1715ae8d08b0b80

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		139 B
956 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
47b301120322150cd15540a4f62e4ef4a8c35efb7ba9a8a963e92a0d0c267d01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
bba4dec6-a5f7-4827-95af-9e6078db7662
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ad8a9b3cef87914f33f7b56763743b9757e9a00f4ef51d07b40adb32e3272e7a

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=93084277949&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		24 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fb537badda1a1e8a1486124a463f351371f8bf1835ac092c289c7cc88ae23938

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		19 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
ccc3535b-36c9-4605-a4bc-a6f3043defe7
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe36919e830f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
accept-ch
sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
977 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
c545b18b28243dcdab260a9ea339ee9bc14dc1a6ef7f80403e1aed341cb6bfaa

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
662
v1
prg-apac.smartadserver.com/prebid/ 		171 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b83170de46f2a101235baa70a3d7247f1e7f1d5a4fecb78ab1bbc925dc21f01

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:48 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe3691e635caa-FRA
expires
0
bid-request
a.teads.tv/hb/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 May 2023 21:24:48 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315196&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=aae00cf2-b222-4ccc-9c9c-3a6e0881c187&l_pb_bid_id=47ae65ee0d99826&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7670946484009735
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0d7ed7cd3c4c3f4a8a7ad540a14feaa919c09922ccf31dfd7b6d24f1ed54acd3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		72 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aae00cf2-b222-4ccc-9c9c-3a6e0881c187&nocache=1684704288169&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30015&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f0a0cffde73e8eec390fd35e2224d17a1be1db827afa4839d1869e07ed78af2d

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
ad39301c-7847-45f3-8eda-727afcfb5f58
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=76969835352&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ef80eda708c15b582d12df476df5d766c2662ea16fd402809e1ed2e975851b3d

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid
ap.lijit.com/rtb/ 		94 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
8e6c018d0a23bfb940bb0dbe871dbb4d9064bbabb25b1ccc9543a74e6b4fddc2

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		24 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4c5fb719afdaf24db59c2a13c89d1de70d58da336d8adcec0e3862ff8f5ca58b

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
49
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
f5afb295-ede6-4a03-9610-dd44333b3f30
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=131782344782031&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953_KT_Teads_Inread_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=12&adks=4285747688&didk=1040295764&sfv=1-0-40&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie_enabled=1&abxe=1&dt=1684704288195&lmt=1684704288&dlt=1684704286874&idt=405&adxs=0&adys=4611&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=1600x4611&msz=1600x0&fws=4&ohw=1600&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18238305f99afdd3aa635ba5700763f46f8a220a5cdee2a341e6e751bdd95557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11344
x-xss-protection
0
google-lineitem-id
6020071586
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138392158722
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe3694a2530f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
accept-ch
sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb2.adtelligent.com/v2/auction/ 		2 KB
979 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
71d2abaaf1a53f29cd98be194600a95a2d23a98ee7c54710112d01777d494fcf

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
664
v1
prg-apac.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
195 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f21eb23d62f9c0388b1705d1da5e34703037a1714b50e23e5a78f46c7db550

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:48 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe3694e965caa-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315200&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=5d35b69d-1efb-4147-94a9-17a0f2cbd490&l_pb_bid_id=800c537bffa3c3a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.19383034808896382
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
89b7e674780e99d0cc3f790f13d84570f0a87c64b4b9f4f9d414e2f667c77883

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5d35b69d-1efb-4147-94a9-17a0f2cbd490&nocache=1684704288208&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=728x90%2C468x60%2C600x100%2C640x100&divids=andbeyond72810&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
29084f5a42362de97014ca7735be826d9b6b875cf1579555fd7230a4a158bd10

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
71ded288-4b9c-4b3a-8b93-93c52dc2b5f8
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
892 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=84989330838&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
630e69f10d18ce82e983d65970ba458cea03873c828288c11b51722279825a13

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1982
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
cfa01769d544975c07f1898af69500e3fe96550cda2ca585691410fbda435e63

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		24 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
25266ef2a4c7863e3b54e363bd504de20685023d568bbb11bbe9eda693c75d76

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
49
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
049dd5d0-b111-4b0b-b481-de36fb3adc33
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
2211944
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 23 Nov 2022 15:43:17 GMT
Server
cloudflare
ETag
W/"c56b6332dacf72f135afcd153ae22448"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wkRWVohyx0q%2FaTq%2F2n3pIV6A%2FG0nhLNi2iI%2Bi2eOJ87WC9Ai0EofTpeFmup5efHCq41MnbOCkvW0P5CxXN6Qn16bFw8s6Z9EK8mMrssaArs1%2B5CtF5o8OhZmay7HJcZ9igbVl4kCc6VL0C2"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7cafe3698f1635e8-FRA
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe3695a3230f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4da98a6add41fa59e22e486e788a9b33e343f53909c1e75d7ccdc18357a063ae

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:47 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1155
v1
prg-apac.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a8333d51ff3aeb5d41a60b039ffcad5f85ff61fff6115bbdaf658595b0c3eba

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:48 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond72833, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe3696eae5caa-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
575 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315200&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=3572546e-08a7-4240-8105-5523df57d9d2&l_pb_bid_id=112afba75bb27ac9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.26615553023106764
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
db95337620b6cdf5ab3ccdb781f4129a4eb8a541f58a5105d96a77de986c279e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
240
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		72 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=3572546e-08a7-4240-8105-5523df57d9d2&nocache=1684704288220&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=728x90%2C468x60%2C600x100%2C640x100&divids=andbeyond72833&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
ddac7c0056a1d640bc539434eff300aae8e8e667165c26f4dc6e404832993e71

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
690ff503-f3f8-404f-91d7-798a3e4018cd
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
50e0bbfec5c43e7d2ad553603e5001c98ad6404041ce9bc9288566a606a725b0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
38bdcd9c400544acb68abceb45a5f7b3af7d791f7f90262fed22fca5151bfa1e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
50
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=99097131633&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
bid
ap.lijit.com/rtb/ 		25 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
336297a422404f9343c75e4fa26dbfdc22a9628de7ac268724d37e48de2f64a6

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
ib.adnxs.com/ut/v3/ 		146 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
ff3ec62c559412e89c50177f99a719acb9822512af32b775e72081931c622d71
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
9e5c2a94-e37d-4a3d-a156-a1e00e01ae39
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
146
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 970F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstR4A1wXXaOKmW7qQxrMx-nLXjtWWAwXSGdnQMmPUkYpTcEqq4VRnyeW-0_MAWskQ99XwC_u7lA5OjwH-NreqG2Os8eRNgDfJKhnUPTWjDTRQTwCCKitetqUaVHsvXzLp-bU3dpi-NHI2nyRjkmlKZurp9ZHcY7ANBu7n7T9d95ksnFnHqkS9iP3EO_xmB9xke48r5IjWAaai9F5CYebkc-P3V5DNAboibjZcLSg0pnoyvRrwR2DtajJvWDlZzgmxAVfVcIE-cZH0VLr9SHSBbzJ-89VKqjVuold3_WOvjSGiCyLY7H6Cbm_JKvhxYGOYgdg9qDLc3HCs3ijpJE&sai=AMfl-YRY5Twg9nOroX3U6kM06cOuTXFLOtMLXtM0hFY442OStKqYQGHXWPL0f1wX3orBeQDRDV8Y2yqP9kMPKi_ktnttCUSzpMSUe1Hx3ZFDgVgFD9MZD7jNymQKLh5d6xkYdGesBaMtk-G0YD4aTTIHXG_t1DilyKUAqMmjiIzUjQ77&sig=Cg0ArKJSzJ7dNjGUx543EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
spt
tg1.playstream.media/api/adserver/ Frame 970F 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.playstream.media/api/adserver/spt?AV_TAGID=631aee2ff1cefe19794600a6&AV_PUBLISHERID=631834db55e9564951409ee5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:6211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
7a100bdec68db10959adc9160f48f444085fab4beb0405e052de2a7959e74566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Sun, 21 May 2023 21:24:48 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
7611
Expires
Sun, 21 May 2023 21:29:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 970F 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame D34B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6V16NNOqQG8xOQZ7S9auVHGWul1p9LCHbGT31nwlNgeg89WeRwBjfHom8-29M2wekd5W18ejYAPGh8N2dRqI8eL3_Vf_6ViJSGv0MWM87nd8L3Gpg7n5QQf6MMGd0lmnP_CMuFyKrRhuFPPNTTjJs3eixH48vf5EWOEK0swvA_-NzU3VNPBoz-J8BcBfEd_L97WAVHsy_gfBphKKkCeqM-t80MJgI4OZI_yjjlGhl7Z8DC6LpooRCuUfrOEpSf6TSwX23VmsNxP12-kLEt7gMg_fxFf0wkzWE8JrCZxlLzP2E6_5uO2UGzTsDzvLskkHrPd615TMZ-7k5Pfj1c40o&sai=AMfl-YS6m-4nWgPAkUv8yv6yXRCmNlTC53yLkG74fGbwFJhcv6mblvqMQisgGYK39Yv1WbYUuWRuVQP5w2RcEGiMOBTPMrGkKGXzlg3Ch69SdN1ZX-5jijLjKZbN86WQ8b6iehzvGanD71etqgJiv6sdfduzd-OxSwTzwGKLYwXLEK4a&sig=Cg0ArKJSzNmcVKs6-76-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame D34B 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
38901
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame D34B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D34B 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:48 GMT
15559941659952093314
tpc.googlesyndication.com/simgad/ Frame D34B 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15559941659952093314
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60b755dec036b63178a5f98d57a943c735fd07044365b6991f3ad7c18f7ffd0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 17:27:42 GMT
x-content-type-options
nosniff
age
187026
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9850
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 04:04:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 18 May 2024 17:27:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1992 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuSqxkMLZSpAkNyqa8QJJAXzhbqB4oEBPjVNKq7mWMbKbZGa1ep_yov3esuLG-6GE6cZV_9wuApdzkLLuMkSK6hgEcTTF_3TotzB1MTmTZ_qaOto7D6QIGBCFDVLc0WIqNoEoVzyHd0Gjr3cIt83TWOHX32gr3b4u2l03ntx6euELy929zsnz7MtHeLg_mTCKXQy-c0kHGxyFz4ek65VyYh2iRQM8iimz2JOQB4kWz2v-exBwvtXYshVhFE6YAWf7z8K-aapGJLxAPZbn3n9xNf7h1jSEzrxS8_gDnEZEESHwxfzd3nMEd3e5XFrLam1QHPBxJeGuUT5qrdMoo3tTwxLg&sai=AMfl-YRBn8ufaxOhb1vDF2MaMgiqzFXMbJD-8YOd0dW4QeziU3JzP3lRAZwPfHvQdu0E6n9kUgeTMaLEwTrrt-__zlEo81HsMuezXUvEDAwmPccVNt_Z6wgsXiBHU5-Xyk567TnilHbJWnX_0bBiuv5zTafkS4HezDNrSD71-_j0Etnr&sig=Cg0ArKJSzN3AYdzDGdHyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
mini.php
coronaliveupdates.khaleejtimes.com/tracker/ Frame CC17 		29 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.36.20 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
471786.cloudwaysapps.com
Software
nginx /
Resource Hash
938402cc9e0fd0c5d8f813c2c3a328952bb78b86b8556a4b7678ff6c053e6bbb

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
10916
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:17:50 GMT
expires
Sun, 21 May 2023 21:27:50 GMT
server
nginx
vary
Accept-Encoding,User-Agent
x-cache
MISS
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1992 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3NNfbW_WUhQ1Dg6Hx6GTUSATsXlLXdRFTo9j7uJD1o1LqkfgHU0XfWUW5qJGcfGsj6ZchMGjVcgnScamVK3FQQHwfD_10tgp5yuNmIgTdz-497CTJxTy_o3HaDmDoB18sNgEyFU5EbsX9ckcq0fjCfgaZl2ZcTrEQfGN7ObnRmrsQMXwXPzHEYtO0a1D0TQitRyVWsB9Ek5AZ6BBEIqRIzG5U711V6vyQGIfvvPgYadPLgRdmHXM2pXcMYgAr7pqIvstDJ-_ZOHwX8W8O1Xr8BbrjHXz44lto9vLsio2Y2Yp59mSABQsjzzU-21ksN7Cj_fRVG7pj-DIjVC-TyQgQMeXHpleGjBgJ&sai=AMfl-YRVapMsoMAleEiZTdwA87RaFB_D5Sg1QTZoXkpvU6rqGi864DVj37Y1sNVVcAsh1HYMTv8HhuHYryWJJql2BphFFAFH7f5i5qJQcaVkhjTPfVGAXVV3qetAmT78069f3iur-iskUic05BZGpN_H&sig=Cg0ArKJSzCZrX8yV_ad2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
tag
a.teads.tv/page/149011/ Frame 2E7B 		1 KB
876 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/page/149011/tag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f57ccbf05a395a79cc4d9e89cc6dd51c25f9eefaddf7f3a30acfe0b00b49c2c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, must-revalidate, max-age=3600
access-control-allow-credentials
true
content-length
534
expires
Sun, 21 May 2023 22:24:48 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E7B 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:48 GMT
teads-format.min.js
a.teads.tv/media/format/v3/ 		596 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/page/149011/tag
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
48057ce15d71e4fca4e37f5fd751f992bef87b6fcf527c4731556cf65652864e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
last-modified
Tue, 16 May 2023 14:02:32 GMT
x-amz-request-id
S79TW0DE69W8ZXRF
etag
"e820de15bfa4bf6d31aea69f9479d632"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, must-revalidate, max-age=1800, no-transform
x-bucket
e
accept-ranges
bytes
content-length
132878
x-amz-id-2
ZNcP8N/KJNl+o2UOfTBbxoiPD+MPeN7h9cIAiNmeb2dtTeBBwR15JEeAoqgozWEmf2cFLgrOGWs=
expires
Sun, 21 May 2023 21:54:48 GMT
avcplayer.js
player.avplayer.com/script/8.3/v/ 		777 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: tg1.playstream.media
URL: https://tg1.playstream.media/api/adserver/spt?AV_TAGID=631aee2ff1cefe19794600a6&AV_PUBLISHERID=631834db55e9564951409ee5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
236768803f6d8708c2e38ce3528b8f816b680fc91eca167bb99fc79067499335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 10:18:22 GMT
etag
"1684232302"
x-hw
1684704288.dop029.am5.t,1684704288.cds113.am5.hn,1684704288.cds018.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
203944
track
track1.aniview.com/ Frame 970F 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&cb=1684704288390&r=www.khaleejtimes.com&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&d35=&d65=idanTest4&d66=8&d74=&e=playerLoaded&str=viewable
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bg.jpg
coronaliveupdates.khaleejtimes.com/images/corona/ Frame CC17 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronaliveupdates.khaleejtimes.com/images/corona/bg.jpg?v=1
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.36.20 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
471786.cloudwaysapps.com
Software
nginx /
Resource Hash
8bd592492aef00df3edb07d2c90d63d7ed56ab15bbd1cf40479764a9b249767a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:17:50 GMT
last-modified
Fri, 18 Sep 2020 05:04:03 GMT
server
nginx
etag
"5f643fc3-5dc"
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
1500
halfvirus.png
coronaliveupdates.khaleejtimes.com/images/corona/ Frame CC17 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://coronaliveupdates.khaleejtimes.com/images/corona/halfvirus.png?v=3
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
161.35.36.20 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
471786.cloudwaysapps.com
Software
nginx /
Resource Hash
1ddff8b731c76509264e6b48900f281a39b0e3aeb3e4df3a69fda9cc4ca437aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:17:50 GMT
last-modified
Fri, 18 Sep 2020 05:04:04 GMT
server
nginx
etag
"5f643fc4-2f9a"
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
12186
async-api.ad3273bd-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
OjwEEoZjF9pbnlt.Cg9dV5pJF0e7Bjo3
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
2HV6J6QHFFESHJRR
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1353
x-amz-id-2
BXEPYmEflhh8Vht8sn9Q1DUjjjCdyno/0vK0P4vna65JsDaTt7F35BfMmDx7zQLw8OCOg9e2TFA=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.611692,VS0,VE0
etag
"d7011e3a3501d54c9be8929572a18598"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
6739
session-manager.2a8d47d1-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/session-manager.2a8d47d1-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
D9U.McFOdEj4dYMN5VJBUueQRx486Iwz
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YC9JCZQM6STQJG
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
5781
x-amz-id-2
MFfb7MGqGrqmfqqSXBRxyB8p3seuC8FOIGAdlP3GdJhGKDscVqHW57p863nKhRGgnkRzZizmvC4=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.611826,VS0,VE0
etag
"e42e9b9282d7865427c32ad60eea44b4"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5280
truncated
/ Frame D34B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0a099afdb6576b9fbb6114a71584b71b51e9eaf3a3a364dcadbb39bada884954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 970F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44faf0e7b6d8f01cee052dbe498101504b689c4994046facfecf95303d7874ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame D34B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNnnRwqdGX_SHNAxW5kezMo99V8rmySNC4FwCkB58wekxpC6fCTRRzaLhyfgpzQA-Bngfucdjs-ae-C6tcFNdjczTo5MJwutPav9ffnLjoSdEM66pJSOjnBIAehJoEGOXB6fI7BpNltsLgPI_3zOAgQplXdRjKe5MB5llhkdBDozUUFt90iWnUVmqp8iYRj3vO1zXnYDlw1I2dFXGxFu5AQ0R8WMYXYBXDc-dD5EFnWYVVfcMe5IxhngwdDoIc4J--y5nFU9w6HIbgauundohswnRXMZKUzqQ6d1NEV-DjKcWipXByvUusb3au_kQeU4OBEZSm4h6V9OK0tgfFOrslDFA&sai=AMfl-YQebJD-IkvnPDvKhIEV_FyBIDT2Y15frF78AoHsye2fDdGfE8UR4aUBIUiIq3-oKad5mP0QTkhRQG7fLem9GUYjYqMu279dcHcWMccEV6zi30GGloqtKfA6_zRWBMrXCWpFAT9uZhuuojKxcUB6NebsE_fQQTS_mLTEjXlHJFig&sig=Cg0ArKJSzCXKc9pUHk2PEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1992 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvYU1pIo6PKLdYH5JNOY8-OpxDl6oauk2ygV2SMWfWjpJ4bS88bZaozxlsJeJc8tt0iWOaYe8AgxWFI_BxCsXJHDmdJMQ2kDx7jxxVCWQdsqnGYz6mxIgvIvSL_5XGOGaFDosV2H-0QI8KIXlSFnt7VyH37c8sTZOdmtpbixOTQlTkD6uGkQzbM5aJw8fhdRSLhg8-5OkQL6fIetFYahuq-wjSWpRGBUl6LioqpynULxMZMak1pVC7DbYQ_GVUQy_5tHJG6l6KzEEyDZUxor5lBzGG6N12wpRuDRnkPnXApLlFhImJKTTSS_IonkcybGdt1WtTAHGpDy4ZhX3G-HQrotU0v&sai=AMfl-YRVlFJSPD4zpsKllZ4AT-jth3r3YC6ynVzq94GQZxRuTm2qSYRqv5rQuWdJEVSDSfc9WWbY-Eb5L_PzUEj9lS-9mBDiHA0CJIPvx6pva48tARvUX7a0FoClSkIwAkn3uw0-YaXFzNnrMTm-a27f3sUDii8Ta5swLnGra0IbBcdz&sig=Cg0ArKJSzNlyJNq4D2pREAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
truncated
/ Frame 1992 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aee3dc918f6914bd1be017931fe4c92c4e0c0f250732412c67ee56fd9e1cb166

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 2E7B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a8ac6c57b7e119e8096c440cf6d07db5e58c5dbf22c1ed0d365b63a934fa612

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 2E7B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0WGnVLXqTiI6pxngdUUeAYYz19Sa08V4klup5aOscDjOpAWUvDbCs6Hw037Zq2LPWFmjSoWkL32mqdVj3y-pdd_Pdco15Z1fIhs7TJ0m4V4-uQuHzA9KrKW86eZf91hxiG3ZWcab_cYqR9auVMVSJFaDEs9CfLMX_6Ln-1TVu6gomuiECg1nFFRCYdHpzyHqfr-y_Iu7AIZVY6djINHkH7aQ5SZ6UzUaAppwszBRXwgVHgtTx5apMXDSzFuvIV4p1_EbXV4umcJqXkGZiKI16RNeXUT5uh_nTIo0bQn1zmLP7ieFzwWZSiiRMuOHd2ljvYjqF2CYkuMBt20e9ljqiHHDklr42R7BPZhU&sai=AMfl-YQVMShmvLmJDhphdmZpuKtnbADZD9xt8c1JaYNb_sHPu8zyF8vL1MhtyqtYpnmX7GgKmNDxYF8mHQixudQMSpMpqnfd0NXvX1i16xGhCVuYplbItfAtHpEJafbgQp-Q7AkAn84Xgk18hqzFD5i6&sig=Cg0ArKJSzDWinBEI_9VPEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
hls.min.js
player.avplayer.com/script/8.3/v/libs/ 		410 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9a88e807420c2f67221f88191656528e006780c45b3b3385b6ae03057dee04c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
last-modified
Tue, 16 May 2023 10:18:23 GMT
etag
"1684232303"
x-hw
1684704288.dop029.am5.t,1684704288.cds113.am5.hn,1684704288.cds309.am5.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
116574
AVmanager.js
player.aniview.com/script/6.1/ Frame D29E 		464 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:480:794::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d4faa882ab3b54fa5846433de78887ec5890283ecc525ffdb2b86fe9659ea612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvDIE8IIK8bZDSjLzvF-yTsfJ7uHj-H1jNFdONAtOzpSEZL8P9UzGfOCo7aFKgG6SW4AlQLGK44nwsUUENF_l2lwqdhp7rC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
126959
last-modified
Sun, 21 May 2023 05:59:29 GMT
server
UploadServer
etag
"17c81023808a9eaca75b582baaaefaec"
vary
Accept-Encoding
x-goog-generation
1684648769056242
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=UaGSzA==, md5=F8gQI4CKnqynW1grqq767A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
126959
accept-ranges
bytes
expires
Sun, 21 May 2023 21:34:48 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=9.107535087413162
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-IGlDbw-mpLFEvHyKNVB2eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-IGlDbw-mpLFEvHyKNVB2eA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.611650980560528
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-SwpHKZgKOFsTFsdmVLGECg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-SwpHKZgKOFsTFsdmVLGECg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 970F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-gicxyfGRnn1BIsgny1iFDRGp_BUd_N8-qWK1pYrp_vA3XcdYsSm1JEgNk__ZuXTEShPazuRWoZyR2VBXA9dxE457HBHSNisg8aDNVBXOWUczI-Iy2sxinlb0em38GdxP1mTi5FV0VnHNCDmIOQxkvpi9T4WFGpnehcsEzNoFbEL7swNZufWx7U6Oa7P_l7XON08ki-B8ZUYFhfDu25kCxd79vP5gBmsHsq0sJRIqXKPKgT8whNVi795DsWB17CDa0WNMzua9bbK7BmW0S8C77hK_AIBxvT6Ul3Mst3reGgQvcPL6DOPpQK3avNWb7plFiOcarGS7Ztlfau80lQw&sai=AMfl-YTX-9pnwypTOhOQlMrVPn_lqC53CBcrtK7BmzodyjIAflL4PCXv3ToOYwmV82ON9PSqdHdi8MMCV9oAxmpj53pbcDn53nlnB96SOCBd9Ez_O41UNT9MjbYJe0bPOoPKgfrWDs-l71xayxhBDI8hWe8_8ydEyk8BazXq0GmTybSX&sig=Cg0ArKJSzBuW1CTdXnusEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:48 GMT
lazy-loader.c8cd494b-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		921 B
616 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/lazy-loader.c8cd494b-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
JxOZDsaCO.84OJr88feb47MQNIiB.lPY
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
HFKEC7V8RSG7GQ3Z
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
410
x-amz-id-2
sMPeOof8K4e91kQ20uXJDDwefRnsVFND0s9EnxyiOeAw9CM1xr2qBuk5sozOrYVezXVrvqQ6llg=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.825829,VS0,VE0
etag
"43b458adcc5ab7566291590de5438262"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5178
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe36d7eca30f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
3fdb7e26e4ae6e08554a76bd91c694600b1732fbcd577229abd25eeb26c9406e

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
661
v1
prg-apac.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49f8584d52903e5a375bf01bad3f17e645664d979bd85d459fb6f5bd04da01a

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:48 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe36d8a8c5caa-FRA
expires
0
bid-request
a.teads.tv/hb/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 May 2023 21:24:48 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315204&size_id=57&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=efeaa4b7-db1b-442d-acec-caa44a4d212b&l_pb_bid_id=14878be29e4c053f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9694226848436598
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce4de014bac6272a0141ca4fd6330ed1394b6841599767fe73d396c659754e46

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=efeaa4b7-db1b-442d-acec-caa44a4d212b&nocache=1684704288883&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=970x250&divids=andbeyond9702506&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3bbcb66dfb82f4e9fa92d126e3895f1fbcdd7377c745702bb8160eb5e674fa08

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
1d8839e4-528e-40c3-be97-e7b51c8c4916
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
63a3f1e4ab1e9be9fe5b9de73da34ca3ec20143a256e208675e7184f1f34ded0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		23 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
592b697407a55d555db9ca976647f48cbc1db21d2a6e91d1b7eac3dc97ef98a4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
48
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=33448241310&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
9e10b3ed-f2da-4a55-82bb-37e17abcf4d8
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=3431826986227474&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-300-250-15&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=13&adks=3498125349&didk=1585714553&sfv=1-0-40&prev_scp=adunit%3D15%26prebidtrue%3D0%26refresh1%3D0&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704288894&lmt=1684704288&dlt=1684704286874&idt=405&adxs=478&adys=1480&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=325x-1&msz=300x-1&fws=4&ohw=325&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5063549b71f73f872548f84830c018d25376fecdca4bcd842a4b16e2294fa51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22355
x-xss-protection
0
google-lineitem-id
6095641153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402703060
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe36daee430f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=2000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb2.adtelligent.com/v2/auction/ 		2 KB
974 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ec89ad1bca7d220be2de7fab9f9c45727bc317db17ea831a31f056b68c222cbd

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
659
v1
prg-apac.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2320609fa96b411b62c766bbe32c1d7badb2c63035790fd5881d6990fd017a7

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:48 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30016, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe36daaa95caa-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315196&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=b7fa7a4d-c5dc-4964-b840-639c426babe0&l_pb_bid_id=178dfc778af84c22&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6045895628306612
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9c5374e90ba00460d960ab5fc3dec9d1127a771bf1c39d6f977ba69bc75ca715

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b7fa7a4d-c5dc-4964-b840-639c426babe0&nocache=1684704288901&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30016&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
545c4415392682b1efe8c657768a3c8448fa9a86ffce07cca8354a820ff233c0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
611a5371-f0e0-463e-86ac-9dc040762baf
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=19408269251&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
7ea12d1bb8dcc5fa967d9e66da4f6ecf46989d8c2b2e6a3d8bb6fafce2bddddf

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
9c6cbd78925cea1166fabf67fa2caa278ee8e4b1ac78fad7d0f5641cc0bf1ab8

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3cf4950f7ab40fad2232c6a84ae20cba639b79aa6a47ef82465e08466e7eca1f

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:48 GMT
AN-X-Request-Uuid
c22f310c-7378-4f69-8042-899f700ea7e0
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=4231004687635875&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-728-90-33&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=14&adks=1089077029&didk=1483249010&sfv=1-0-40&prev_scp=adunit%3D33%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D468x60%26hb_adid_adtelligent%3D19808739a3c1a99a%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D468x60%26hb_format%3Dbanner%26rtb_pb%3D0.00%26hb_adid%3D19808739a3c1a99a%26hb_bidder%3Dadtelligent&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704288910&lmt=1684704288&dlt=1684704286874&idt=405&adxs=313&adys=3394&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c52ce3f1cba1378ca4ed711d3da9b4f0330bd928b482ce0de0b81d93d273850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22268
x-xss-protection
0
google-lineitem-id
6095641153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402261957
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=1758407264338055&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-160-600-11&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=15&adks=1068659335&didk=1494374574&sfv=1-0-40&prev_scp=adunit%3D11%26prebidtrue%3D0%26refresh1%3D0%26hb_format_adtelligen%3Dbanner%26hb_size_adtelligent%3D160x600%26hb_adid_adtelligent%3D1971d202ae248d4%26hb_bidder_adtelligen%3Dadtelligent%26hb_size%3D160x600%26hb_format%3Dbanner%26rtb_pb%3D0.04%26hb_adid%3D1971d202ae248d4%26hb_bidder%3Dadtelligent&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704288918&lmt=1684704288&dlt=1684704286874&idt=405&adxs=111&adys=972&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=4&ohw=160&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b0f3b579513d9db8f002b025e8052f0bd429edef0e8d327abeaafb804b01eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11562
x-xss-protection
0
google-lineitem-id
5974150993
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138255098608
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=1368309825371665&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-728-90-10&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=16&adks=3239753485&didk=1483248444&sfv=1-0-40&prev_scp=adunit%3D10%26prebidtrue%3D0%26refresh1%3D0&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704288923&lmt=1684704288&dlt=1684704286874&idt=405&adxs=313&adys=4121&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=740x-1&msz=728x-1&fws=4&ohw=740&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2617dc197a762d85e81cd8ddb7565f82ab8bb0258edc7299497a5c9474ee977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22758
x-xss-protection
0
google-lineitem-id
6095641153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402261900
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		49 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=631aee2ff1cefe19794600a6&AV_PUBLISHERID=631834db55e9564951409ee5&AV_VIDEOURL=https%3A%2F%2Fstream.playstream.media%2Fstorage%2Fvideos%2F2dc152e2-61f0-498a-9671-672b6cd21f19%2Findex.m3u8&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&AV_CHANNELID=631aed0efe3b5c12d06b24f5&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=www.khaleejtimes.com&AV_DADPOS=1&AV_PLACEMENT=1&AV_TAG=631aee2ff1cefe19794600a6&AV_TEMPLATE=631b0172f36a5539bb36a6c9&AV_GPID=/631834db55e9564951409ee5/631aee2ff1cefe19794600a6/www.khaleejtimes.com&d36=6.2.101&responsive=1&sver=4&avtoken=288951&omv=1.0.1&AV_D65=idanTest4&AV_D66=8.3.7&clsid=fe9c04b2-9865-48cc-b89f-9c1fe6eec471&rando=72&AV_WIDTH=640&AV_HEIGHT=360&AV_CCPA=1---&AV_DNT=0&cb=1684704288953&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.26.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-196-26-133.compute-1.amazonaws.com
Software
/
Resource Hash
085d5d4ebefe1127eb2556b5d8feda6e703357b5a930a31f2df882be9ea15f14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.khaleejtimes.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 10 May 2023 07:38:09 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.khaleejtimes.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.101&apppkg=&fv=1&proto=https&d65=idanTest4&d66=8.3.7&clsid=fe9c04b2-9865-48cc-b89f-9c1fe6eec471&rando=72&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&e=inventory&vi=85&cb=1684704288952
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
875.2c240adb-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/875.2c240adb-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
hJYscwmqXwVNvHS80_0vRqxt_Uk.MPpY
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y6DMYX2M755T46
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
3692
x-amz-id-2
12ESXK8BgHWgzbN3nQPaydy+L59jXSGMNsIQOuRJSUSgpXbpopBHG7CYiWTsgYBLZaJ3F98QqLg=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.963243,VS0,VE0
etag
"12b760183a18786621f95a5599ea91d1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5118
page_view_event-aggregate.5a238c1f-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_event-aggregate.5a238c1f-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
m6hQu7Qmu3oSTIZPOga15if6q1_usD02
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y1F68V5R4G1R1S
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4123
x-amz-id-2
LE8Mmxf56EgzLRhRoenpxF0OXZIwo/pswFnDB4N8n+EeKaME6HXt1Xk7L6rvqhOxcNjSk/xOwSY=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.963437,VS0,VE0
etag
"397497131773c37606e11fcb4222917f"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5105
page_view_timing-aggregate.ddd91465-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/page_view_timing-aggregate.ddd91465-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
ZN8S09QpTi3DRaBHssxUl.rChDa0uNQQ
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
33Y867HS6MYT7985
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
4571
x-amz-id-2
CILtP2UgtVGD48J+UTjWq+irCqTwzRZs1VccfZLy4xzSBKIMwL+jwnc8ZZpkzmwxwhHr4pdQKRs=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.963630,VS0,VE0
etag
"38f4d68378bfe3989db669dc9385b7c0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5112
metrics-aggregate.c2ad263a-1.232.0.min.js
js-agent.newrelic.com/ Frame CC17 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/metrics-aggregate.c2ad263a-1.232.0.min.js
Requested by
Host: coronaliveupdates.khaleejtimes.com
URL: https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
Kwxbmu4apiKNi1wg_2QBa578nUzXK.xS
content-encoding
gzip
via
1.1 varnish
date
Sun, 21 May 2023 21:24:48 GMT
strict-transport-security
max-age=300
x-amz-request-id
33YF3D3MNZZ7XXTH
x-amz-server-side-encryption
AES256
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1663
x-amz-id-2
0t28v8WC4ksNHlPsbHnq2BFvbag9JdhBEGj1l2cZmwZMryjnQUGTG7J4qr+P0dP0z2Q8RhqNGa0=
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Mon, 08 May 2023 21:20:25 GMT
server
AmazonS3
x-timer
S1684704289.963631,VS0,VE0
etag
"581d99ebc34c05e0a160a0c4a848cae7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
5113
AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rUIwcxpN4PcXI1iILJSbbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rUIwcxpN4PcXI1iILJSbbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.m3u8
stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/ 		114 B
720 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/index.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
393077388c411f863ac4b3edef836f4c46c03c7a54c7e6b04dbf51be1515d788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:24:49 GMT
cdn-edgestorageid
1053
cdn-cachedat
05/03/2023 07:47:07
cdn-pullzone
1024237
content-length
114
last-modified
Wed, 03 May 2023 07:33:47 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e5b-72"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
da797a8bbb9a6777d575bd50a2143e18
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
NRJS-004eae0ecd9d1313a6a
bam.nr-data.net/1/ Frame CC17 		49 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/NRJS-004eae0ecd9d1313a6a?a=1771017370&v=1.232.0&to=YgdWZxRWW0NVW0JfDFtNYUEPGEFCVVtdUxEaD11dDxlFWEQ%3D&rst=691&ck=0&s=0&ref=https://coronaliveupdates.khaleejtimes.com/tracker/mini.php&be=87&fe=89&dc=24&perf=%7B%22timing%22:%7B%22of%22:1684704288300,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:18,%22c%22:18,%22s%22:35,%22ce%22:54,%22rq%22:54,%22rp%22:87,%22rpe%22:87,%22di%22:111,%22ds%22:111,%22de%22:111,%22dc%22:174,%22l%22:174,%22le%22:175%7D,%22navigation%22:%7B%7D%7D&fp=112&fcp=112&at=TkBVEVxMSE0%3D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://coronaliveupdates.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
49
x-served-by
cache-fra-eddf8230138-FRA
index_0_250.m3u8
stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/ 		1 KB
939 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/index_0_250.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
5e28191f04b40f71e4b6dfd01eb3c060412ec05ce34f00cfa9a19ea08396d148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-cachedat
05/03/2023 07:47:07
cdn-pullzone
1024237
last-modified
Wed, 03 May 2023 07:33:47 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"64520e5b-426"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
97edf5f2579e5a420420b27bd19413e0
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
index_0_250_00000.ts
stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/ 		532 KB
533 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/index_0_250_00000.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
a6795b787bb257267d31c355a51d4bf54b5fbcde4d021523f8362f8b0f314750

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:24:49 GMT
cdn-edgestorageid
1047
cdn-cachedat
05/03/2023 07:47:14
cdn-pullzone
1024237
content-length
544824
last-modified
Wed, 03 May 2023 07:33:14 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e3a-85038"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
1c30c44248f7cd6e3c00a3505cdffa5f
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
06f68ada-3fd7-4488-a1c7-c67bb8365d9e
https://www.khaleejtimes.com/ 		94 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.khaleejtimes.com/06f68ada-3fd7-4488-a1c7-c67bb8365d9e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
96496
Content-Type
text/javascript
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=1136997258677466&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C698907-970-250-6&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=17&adks=4184082431&didk=3593958507&sfv=1-0-40&prev_scp=adunit%3DResponsive-Article-Leaderboard%26prebidtrue%3D0%26refresh1%3D0&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704289127&lmt=1684704289&dlt=1684704286874&idt=405&adxs=315&adys=259&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=4&ohw=1600&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24966832331ab59451484a7d052077a5714e977f1453866b4d2ec0fee35d043e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13993
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=610530134587182&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C698907-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=18&adks=1887997246&didk=1585714558&sfv=1-0-40&prev_scp=adunit%3DResponsive-Article-MPU-1%26prebidtrue%3D0%26refresh1%3D0&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704289149&lmt=1684704289&dlt=1684704286874&idt=405&adxs=1167&adys=586&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=314&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0385b1c02d10237ca62f17611df60ff00e9a25544a4740b2fe476542a4e414a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22377
x-xss-protection
0
google-lineitem-id
6096372437
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402262257
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe36fc8e230f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=3000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
accept-ch
user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect
x-auction-status
29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		2 KB
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e83997559675f6551113312d77202b517d94f21f94498432d32b6c420f9e7bdb

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
649
v1
prg-apac.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:48 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b327186720d13b25a4cc421af86f32847f5b41a9935f64a89fef4656026141b

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:24:49 GMT
x-err
Validating the Prebid Request adunits. no valid non-debug AdUnits
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Invalid placement: _err_quota_
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe36fccb35caa-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315196&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11200,1,,,&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=f3521e82-d4e7-4437-b0bf-2c220fa9e3a1&l_pb_bid_id=213695df7bda6dc8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23839374513440625
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
84fc470f579998df8b2fa9738e0e107917b427f159bd56ee6f33e9b4455a3fb0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
AN-X-Request-Uuid
1f4a0b0a-2997-42aa-ae88-573eb83dad8f
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f3521e82-d4e7-4437-b0bf-2c220fa9e3a1&nocache=1684704289248&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond3009&aucs=&auid=556673179&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b6c65444bd5b5ca70d3fc832022b2a1645bf52a8beefd3ef95bada3862b01825

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
AN-X-Request-Uuid
519e0533-42dc-4ff7-bd56-609e8e67d9cb
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
AN-X-Request-Uuid
d3e57956-d8d8-49db-8ca7-5d8b5e787dc5
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
prebid.media.net/rtb/ 		338 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
9720cecf20062f51f9fc3932187b2ce6e3e5273d9cb5e76262add46b294d3071

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 21 May 2023 21:24:49 GMT
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.19.0&cb=18965949733&lsavail=1&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b345dc6a6472b02c4d8c4590ddd8cbf3100bf251b314b1380329b79d01ef61

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1983
Expires
0
bid
ap.lijit.com/rtb/ 		95 B
506 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
372b7de5f1b5de379c6a80e0f2b9209b672550c6ffa9abf11d39b98e06ef5551

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
182 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:49 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
hbjson
grid.bidswitch.net/ 		25 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2dedbeae823e515580ff0f09eb46a4142d77d96ed9f13b22303c4a1cd630b1fd

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
access-control-allow-credentials
true
content-length
50
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
AN-X-Request-Uuid
8c81b95d-c969-45e7-9414-ac7d007c0b54
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 22B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZOqWCSnUAhkEZiM1er3EQsN2QbI5-QqIn4WpuDOeeyiwjL0H0vhSnQZ0eh8NLPdG2acMKuUPqkTJGmGVjZzFTVqStXp6K8A_QmS1AYESEicCBuFGnzsMmwNqR_k_ouZWlKcz5DPznULwrtuTtLB2JXsFXuwTcyCtwXn3ZFxJPwY8DBrnHExKUhVbjA--cOkaGvH-0hKT8tx29bryg6SUIwV_YNXDJWGcJyVU_JcoqjcTsGyZp2m4RZdqNiShd-Rq3GBa3weLG8RLJAQ6gnEnxVpk8oX6TRmMYnz073r5DbEvNddntT4SKIe5ONWaXcutlMSirBbmqRhx-JpeFebQ&sai=AMfl-YTRv-rpLS0d4Df59JjpMPf8kyajuaSIINuH4S5XZaqoFDSIBNxLmO6Y56Hpca9w2YJRhgknCILqWdfbyrsMFbEZnddTcSgLBOfIr4T-HC78G1dRxS0ZcxvFzEnruIQ&sig=Cg0ArKJSzGqnnKR24biBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
ads59.adtelligent.com/display/ Frame 22B3 		21 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
53ae96025c322ab2412350573203e61b5515c310b9cb50ee55f02a448bfd2275

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
10350
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 22B3 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AD36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSphs9ki6tegTUMu6heEXw1jW-HJZJv5c3asVUWfbYYbK2jWYvmj6lVCqM251TRuEJg-cvjKGy7zb_oyIpv8Nf7uhoUDTlENrWYIF0v3LARocllk7Piyw0N1dL2br1xgqKqMCT-kZs42UIooZduMSnYDTpg_inInoOZiNGKDGbtoPafpUt_J2l9FtQX5j_jS1UXXb0Tj6rgsHdiJ45oJFRilgwFKJJEXC-VJsSc1-a1Ss121-e85VkqJp98vpvYoR2dj3NwFNYVBDHTmYMRNBGGzUhV6cNc3NtBTick64OCuqakvdGXAYGff6BQGfUevlQKEAb-E0RQw-5c9nMqA&sai=AMfl-YSK5W9VyZ9Pzcotw-rtRE6JpkOQxKVIPLpVpfD5Xgee4zfBmPamFAgoHZHDQC2UEq7C4-v2gtlpvT1FobcS9kAt7YSHCkA1XkDwRBnkVmXsFgM4mw0zfXIZg6ZvK4Q&sig=Cg0ArKJSzCQhKMwe-l8sEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame AD36 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
38902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame AD36 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
l
www.google.com/ads/measurement/ Frame AD36 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT6qshtGO3oOJ5IBYOXBTNo58_8D1E8S3X0jyintbZP1MbtjrLzOIJwPdePDfxxxiqcqltYuTKfFmJ3ActcdfXBXWdhdw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AD36 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:49 GMT
18150714126883370403
tpc.googlesyndication.com/simgad/ Frame AD36 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18150714126883370403
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ffd7a1a980c9042363af0f2ace2cd50ad742e62f5357e4b57da1606e57e85a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:01:08 GMT
x-content-type-options
nosniff
age
127421
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41558
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:55:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 10:01:08 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3200 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8tiZcKEdqj4u_qZs7FiVhW5-3jb9C5O56d9i6MAiSQxPSaSLqhqiaK58oFmiK-HVANNaNIljUJVJlDXJRh0EI_Lr1Y4MgbaAs9hQatapknsx5l-ShwzIg_3vJe97PrfD8ovZXKxJ6iqe814Vdtka-GXT5vSzFczbIfve9jDcWQYBvgcjfMte6LZPTfTY_HSAIAWNVmd-dIGpdIHlk7USuNiSCbZaZEo2pyhymAcnL75PG3ODo3j0Zsp5X-eaFtakj0cls-KZiaJuSR6A2gQz9lG2_y6RRrlhaGf0H1DDu-_BZUp3CWH8lkfu3hbwIX-vDZLLv_NtH9hye4vfr-A&sai=AMfl-YR8h13_l-snX0BsEcIAbCZcD_XkVTuphpjL1RF8MkGTNPg6MgXcLKIXZUgBPUgJ4r6jwKKYzkPml0aErPcdaK00Lsobg5S_puAD6tGckacTD6vjiIBDoCx6L3vgQqM&sig=Cg0ArKJSzMmq3mYXg5Q-EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
18150714126883370403
tpc.googlesyndication.com/simgad/ Frame 3200 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18150714126883370403
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ffd7a1a980c9042363af0f2ace2cd50ad742e62f5357e4b57da1606e57e85a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 10:01:08 GMT
x-content-type-options
nosniff
age
127421
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41558
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:55:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 10:01:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 3200 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
38902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 3200 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
l
www.google.com/ads/measurement/ Frame 3200 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSe-AaKMIWF0stiY9mX2MZb8nUiKgdixjaqQb6rnkHNgHqFdNECdEoFSVAvrR7BAPVGUaf3ymflSHkbkGlASk7x9Q1cbg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3200 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 729E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNwroWyJBD5ayQzmAKZceKrPGVjyQ7cAEFjnOkuwgaIZdwfNxRmehWiGIFoX0EA--AYD2eRM6J0sbG4hQ0J3M7Oj-75pq20sMLxxxFJSrHXksE19ttx4pYMkZP5zmOUimACxrnzoEd4u_4aBB3m6lda1wUKb96Y9qb9B1OUS01uQ4OJjU2NSVNRAc63GAbbIYvD7D_uVt1T19N8vvXI18Qdc0aBOmoMunWk7RnxWCuOX6qKyjS6-UMSi2IanRXzpGZuFD_dMvDmJ5GnNX4hloi3WXPgMIHPChJdigZG0FpV522NBR2jkUJwW4G7S__fthlcbLuvlBkB5GBS0p0PFo&sai=AMfl-YTatZ6fL5qKr3V5uxeAiZKZLPc0n5_bvmp0lus6hnAEmuuZ3PTKFtWF8pf-gAKL18sLmaSMz0Rwg05NhkQ3YMhAVmabgkDRSrcTGNT3x-C1tCAwWZfFJ4vX19-ltek&sig=Cg0ArKJSzDieeDDmzjW6EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 729E 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
38902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 729E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
l
www.google.com/ads/measurement/ Frame 729E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaJb4UGV0wP1oBPQdrnRlDggvPwZi3VcrDEwunk39nxtit9EnaObUDTJ7GH3cO-UyD3K_7-qOKMbtx6IINOuecVr1ajQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 729E 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:49 GMT
2733177347293647796
tpc.googlesyndication.com/simgad/ Frame 729E 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2733177347293647796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:35:04 GMT
x-content-type-options
nosniff
age
82185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32293
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:52:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 22:35:04 GMT
usync.html
eus.rubiconproject.com/ Frame 6D2D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=aniview&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:49 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 May 2023 21:24:49 GMT
location
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
server
AkamaiGHost
sync
ssbsync.smartadserver.com/api/ Frame C022 		0
75 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=33&gdpr=1&gdpr_consent=&rdir=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sun, 21 May 2023 21:24:48 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 92BC 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.209.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-209-231.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:43:42 GMT
content-encoding
gzip
via
1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 303d44788e5ef8d8a9f0811e1fdf733c.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 21:23:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, BCN50-P1
age
2468
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
6r6KJChe-AyR248DVZEOwa4h2oMggaZdX_fLVklEf7j1bxFz_YaOzw==
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=56625&t=1684704289&cip=185.213.155.173&sn=&tgt=0&osv=10&bv=113.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=cca847778f5e05041fa3e42bb8981150&d63=cca847778f5e05041fa3e42bb8981150&aafaid=&proto=https&uid=1684704289246-971398736648-001199-006-005516&cha=0.7&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&d35=&d36=6.2.101&cb=2127410503&d39=&d65=idanTest4&d66=8.3.7&d73=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360&&ppid=631834db55e9564951409ee5&nid=5e7b9048180bd02ded4b0937&pcid=631aed0efe3b5c12d06b24f5&ncid=6422904273d6a50c1601fe5a&pasid=6422909efce73161aa093855&e=request&cb=1684704289343&asid=64228ac94da45b17aa05c33a%2C64228a9a4da45b17aa05c338%2C637c936cc263d024510ed273%2C64228afb1b07c872200fcac6&ofpr=%2C%2C%2C&fpo=%2C%2C%2C&ri=1%2C1%2C1%2C1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=56625&t=1684704289&cip=185.213.155.173&sn=&tgt=0&osv=10&bv=113.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=cca847778f5e05041fa3e42bb8981150&d63=cca847778f5e05041fa3e42bb8981150&aafaid=&proto=https&uid=1684704289246-971398736648-001199-006-005516&cha=0.7&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&d35=&d36=6.2.101&cb=2127410503&d39=&d65=idanTest4&d66=8.3.7&d73=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360&&ppid=631834db55e9564951409ee5&nid=5e7b9048180bd02ded4b0937&pcid=631aed0efe3b5c12d06b24f5&ncid=645205afa06e89bb2b02afd4&pasid=645205e561f2a4fabc04ffbd&e=request&cb=1684704289343&asid=6452038465268e052a03b3c4%2C64520358a935d53645057144%2C645202b965de16d17f00e638%2C645202e855b47aef1e0871b7%2C645203ee9ad535d8330efdd6&ofpr=%2C%2C%2C%2C&fpo=%2C%2C%2C%2C&ri=1%2C1%2C1%2C1%2C1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=56625&t=1684704289&cip=185.213.155.173&sn=&tgt=0&osv=10&bv=113.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=cca847778f5e05041fa3e42bb8981150&d63=cca847778f5e05041fa3e42bb8981150&aafaid=&proto=https&uid=1684704289246-971398736648-001199-006-005516&cha=0.7&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&d35=&d36=6.2.101&cb=2127410503&d39=&d65=idanTest4&d66=8.3.7&d73=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360&&ppid=631834db55e9564951409ee5&nid=5e7b9048180bd02ded4b0937&pcid=631aed0efe3b5c12d06b24f5&ncid=64675fc5019e10e6010cb5c5&pasid=646768557cc3c5797f03f006&e=request&cb=1684704289343&asid=646766d4227f95554e088f64%2C646766b34cc56a7cf6089478&ofpr=%2C&fpo=%2C&ri=1%2C1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
truncated
/ Frame 22B3 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba3696345efc1aec76819aec686378226b83ff3d4f1a2e41afeadf48e2f6a074

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
sync.js
ads59.adtelligent.com/ Frame 22B3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/sync.js?aid=724993
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
06cbf96f689ccd27c0b9b3e417da9279e92da87b6d7e4d2f37e9f36ddbdbb171

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1088
truncated
/ Frame AD36 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f81b95af0a8e88b17d69442b58bdd6f141b89aebdd7c79eb3e564e2fc8aaf001

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AD36 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstA4u8xUt1BdDQLE2hWW_R9aOJXg3ygTC7ZNyTnYfeppl9PTlEhpvhLbALwlbrtJ0QZ9qjTcXFb3g0RFyPWJTV1ipLCSHhYYCI2Np31wtwl9k70UGlJHyaFkGKGpwQO83KJp46sHbEMJeamHc_-OAe9OofhpqDm_wGuzTxcaiONBImGqgoPdLGR9e8vkD-h14g90Bvtpef9sxb6_60kbQbUil6aetcd43AU5O6iH5TuZChU-0qcOxDAwP4KSXar0dfV3aFLZLDlP8vnn5wA2Ozexqau7inmpFGR9iw9QjiVu4ruPNoaK8dcNFHOEy35-n1FKAXCwuGUjopqI1ObnKjE&sai=AMfl-YTMol991dVyDMaudigtvePwRefgZR0knreZsyKbN2zBhyKYENeWnZfGuatROZ3pVKpN-n-104lzf0tBZHUxgSTMGClekuVUWuzoMgMQ_ohYWplrEbuF0mK4oIAJ6oU&sig=Cg0ArKJSzBBVJnzo7rwcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:49 GMT
campaign
ads59.adtelligent.com/tracking/ Frame 22B3 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=3B600905D2981E72&cmpId=538100&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads59.adtelligent.com/tracking/ Frame 22B3 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/campaign?code=0&adid=3B600905D2981E72&cmpId=538100&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com&event=1
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
container.html
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 56CB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 21:24:47 GMT
expires
Mon, 20 May 2024 21:24:47 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 6D2D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
last-modified
Sun, 21 May 2023 04:27:12 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=25334
content-length
10085
expires
Mon, 22 May 2023 04:27:03 GMT
ab
fra1-ib.adnxs.com/ Frame 8201 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6d64bf989a7e8772424a8b1fedfd0572bfa388e2bd30179525cbcd30a6f69c2d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Content-Encoding
gzip
X-Creative-ID
382650391
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
827ea600-2370-47dd-b108-cb9d558cc73d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fake_image.png
www.khaleejtimes.com/technology/ Frame 22B3 		285 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.khaleejtimes.com/technology/fake_image.png
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.76.234.ip.incapdns.net
Software
imio /
Resource Hash
29f14ae75a125be35d315f4f3d38ca7f398cbd52c1c32585f0d5585529889803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
imio
x-cdn
Imperva
x-amz-cf-pop
FRA60-P4
x-cache
Error from cloudfront
content-type
text/html
x-iinfo
6-35838214-35838265 PNYN RT(1684704285438 3786) q(0 0 0 -1) r(0 0) U24
cache-control
max-age=60
x-amz-cf-id
ur20RbjAqjBwTe70hRj9Q-gph7JQdzfl2pq2Y8B7Qy1CU8JRmQm8GQ==
expires
60
truncated
/ Frame 3200 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09d34e16a75f2a0584a15576d4074747cc037d18db095a0087b2ec350b6b6487

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
index_0_250_00001.ts
stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/ 		573 KB
574 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/index_0_250_00001.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
9ca81a9f248b84e4e96cd41cf8f4a427a367e8647bc7eb7b2fb21bc00fb0b699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:24:49 GMT
cdn-edgestorageid
1081
cdn-cachedat
05/03/2023 07:47:47
cdn-pullzone
1024237
content-length
586560
last-modified
Wed, 03 May 2023 07:33:16 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e3c-8f340"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
1cd76203993ce58494b01da461073884
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
impression
ads59.adtelligent.com/tracking/ Frame 22B3 		43 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=538100&nestedLevel=0&tti=167&ttiFromStart=50&isHeadless=false&adid=3B600905D2981E72&aid=724993&i_top_domain=https%3A%2F%2Fwww.khaleejtimes.com
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
truncated
/ Frame 729E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
803e61d446f7505355f246b2c6b87b5d1d67946d0db9d92988c07939080d3f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3200 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5gy9XRCrBweB98ALqtcf-oittR55bIps-5uJMCAGyKu3z8PMoSFqeuX_4UT4lLoksQpTiFMEc7ZeoiINbxOSklwXEU9VhsCtDdCSU8PeQ5XFfdCoY_ezoc6rPWh24Tf8Mh_ixQ58dx4aSahS0rdpQX0qAOXuTMo3I_6dWsOkL5RUdITGay22zSJX2RVANll1Qpk8HfVd5JL4TjzOFblvqbBN-7mR6sZ661RUI5XkzT17SuwjBdKLRrSCHroSp5IISrr9byJHALCx5HBHrow3ru7o6ICKxGcT3gXvDdl4VaEwpZ49uT-lKjonjkSIhOeNO8UosTDBsO10HFMFZKoc3&sai=AMfl-YRjPYchN0RzlgFiL0x7u9R3ZGwbcF9tQYxT-g5zl0flRnXVCib-ehU5qXFzJDwB_lWgzqlIBsLbzETr3UJRuTE6r8vb7XAf2n2q8c-Py1fmSaSZA0FsPw71bg603qw&sig=Cg0ArKJSzOt5kCDE7skEEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5556 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP17QECVk_4W2htiaOkmLQNiwXuFks-V_u5TKbXjDSTKakV-W_9AXSBWA1TogDPjr_-7R9k_quV8vYi-kLXTPPp5vPFmHMSQa03oqDfd-XSaazK_vA6hg16TvCPepsuRmsMGUKebLYc0_GfKE6GZC1OOVZdwMDDcbtB_buab1h33YyKq-H508XQxgXIPvuKUpOQJtIOyo--TpasnSLelz7Zy1Q-GgEMbZOPBrgr8UEw0C0RPdtSOkcJhZL1U7sBPw6lqytax_-vlN8uIuMLcNxffiY-XLBrgNNrQ6HWNeMAOoY-ioiLs8gUoF8gfOSxkuLocPZXLJ3jJyCFy9JRXU&sai=AMfl-YSiLcyzLSrgeuM0FjxW6ox7WR8UvX9jT-DJHGzUQgOcF0rciMj7di0blZdnsfCB7lOLQuHzrEW2mBWh3Y06dF2bINZWVyI6cfnWgjurdxPdCfK1ppviItyXBRXpQGs&sig=Cg0ArKJSzL1UQ0e0HFWQEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2733177347293647796
tpc.googlesyndication.com/simgad/ Frame 5556 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2733177347293647796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:35:04 GMT
x-content-type-options
nosniff
age
82185
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32293
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:52:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 22:35:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 5556 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
38902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 5556 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
l
www.google.com/ads/measurement/ Frame 5556 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTfgweL3VTjBq9DquKZ2A0HWbm9_Xv3xYf-Wi8W7LnVTfTrRtKlkXf2WH_QSoWMuTJpdKqgx5JyUOqo1A_0JDdTM-osKA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5556 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:49 GMT
/
onetag-sys.com/usync/ Frame 9846 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ads.us.e-planning.net/uspd/1/ Frame 5D98
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
db0b8a74f7de410a331ad8b4b624fa32e38aa7880529c18b3b20d165f8e2c7a8

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
expires
Sun, 21 May 2023 21:24:49 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Sun, 21 May 2023 21:24:49 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-928
d
ic.tynt.com/r/ Frame E053 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Sun, 21 May 2023 21:24:49 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
s.adtelligent.com/ Frame 7D26 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5161:0:225:90ff:fefb:20e3 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
943
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
X-Robots-Tag
noindex
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F5C5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48776
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
expires
Mon, 22 May 2023 10:57:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 956D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2436496733646849807
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2436496733646849807
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:49 GMT
Etag
e0cb5ef3b15a5a54
Server
Adtelligent

Redirect headers

AN-X-Request-Uuid
225fb639-b07d-4d5b-a6ca-71ad8c2230b1
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 21 May 2023 21:24:49 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=2436496733646849807
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
sync.html
s.console.adtarget.com.tr/ Frame B8A1 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/sync.js?aid=724993
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
862
Content-Type
text/html; charset=UTF-8
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync
vid.vidoomy.com/ Frame 22B3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 22B3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1684704289536
  • https://ad.turn.com/r/cs?pid=45&rndcb=824123797
  • https://sync.1rx.io/usersync/turn/7435423427955502766?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-71d0441c-488d-4c74-9981...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
e0cb5ef3b15a5a54
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003
date
Sun, 21 May 2023 21:24:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX71d0441c488d4c74998198c0af1a5d92003
content-type
text/html
pixel
ap.lijit.com/ Frame 22B3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:49 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 22B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2436496733646849807
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2436496733646849807
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
e0cb5ef3b15a5a54
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 21 May 2023 21:24:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a98f541f-c695-4494-8c5a-6e0e962fb1c1
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=2436496733646849807
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 22B3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2436496733646849807
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2436496733646849807
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
e0cb5ef3b15a5a54
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Sun, 21 May 2023 21:24:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
3f6cf09a-682b-48a3-9dba-f74b8d8f5e17
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=2436496733646849807
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 22B3
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D&ox_sc=1
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cb8b4ec9-455e-4036-a028-b8109ceccf4e
43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cb8b4ec9-455e-4036-a028-b8109ceccf4e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
e0cb5ef3b15a5a54
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=cb8b4ec9-455e-4036-a028-b8109ceccf4e
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 92BC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.209.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-209-231.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
yHpogsakS7iCluwAmUa6Y9ccBYm32d5h
content-encoding
gzip
via
1.1 327c500723be5bbd35817bb5bf5e2cee.cloudfront.net (CloudFront)
date
Sun, 21 May 2023 21:24:47 GMT
x-amz-cf-pop
BCN50-P1
age
428
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 11 May 2023 21:16:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
xVHFZUw3nyZuJqZN72uJkDlnyYBwbBSIDptJUk44LIEWXBRjRIcWxg==
config
c.amazon-adsystem.com/cdn/prod/ Frame 92BC 		0
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.209.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-209-231.bcn50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 17:12:07 GMT
via
1.1 303d44788e5ef8d8a9f0811e1fdf733c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BCN50-P1
age
15161
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
zGVN8ZpsTijImxNY5LP04Hg-7x0OOmrKC32Y9v0itbWbuFrUy_t-PQ==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 92BC 		23 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&pid=pe7VKhUy1yLIG&cb=0&ws=1600x1200&v=23.505.1627&t=8000&slots=%5B%7B%22id%22%3A%22PS_Video_Instream_400x300_Web%22%2C%22mt%22%3A%22v%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!playstream.media%2C1205%2C1%2C%2C%2C!playstream.media%2C5d8ed25e-57cc-441a-b62a-127b34faae4e%2C1%2C%2C%2C&pubid=5d8ed25e-57cc-441a-b62a-127b34faae4e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.208.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-208-109.bcn50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 da8734ab8270f317b30b394eff192dc2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BCN50-P1
x-amz-rid
VKAJVVXGJ5VKYTYHW9FX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
6qOYGvQbmGOExte_obqi030rFZLvin48seZ31T-8vTG6WLVymz6Lbg==
view
securepubads.g.doubleclick.net/pcs/ Frame 729E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPZiipL1ev4h4J33YjnfNQtTkH_UHpJPhZnRHaSen0Ce5RtGgfVYqkMdBaattd6XLwEc7tIFZTnSbKvYQOZVMyOu9F0F2-UwlyaIOCXKg0Qm4FqQt4Q_b-hD6DWvm3OX9W2aBHCDGdh8FJX0veTymvOwt0900clIAhBO7M9Ve6xvEvXjd3pkkndDvf9oQsAz-EzSxKkmYVz7lA5f4-DCkUPIZwMfqqJige-m3f4QcRsY4B122TthPcP2fUM5PQhYgavX9nCz7VIco4ede_LwWfHv9yk_TBVBTi2X0kF94ZTNRYO77VYe5_xWZorBLHDJnUgGmhjTNgUItaz0vYkA5ixw&sai=AMfl-YTt92eVW5-W7SgdNZzAkNgdft7RPB52Qd1ZKjFLTwCV02aCa41tts2s3lXRHJcL-FiwBNqezAPNTyvhjpiyNPC0IQB47Lqh7anqOMs_1jL8orCsJoeesMgVWCZ6DKQ&sig=Cg0ArKJSzLMDmzOBI8QOEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:49 GMT
q
p.adlooxtracking.com/ 		185 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&s=%2F78059622%2FResponsive-Article-Leaderboard%09div-gpt-ad-1613480627440-0&s=%2F78059622%2FResponsive-Article-Leaderboard-footer%09div-gpt-ad-1623646234024-0&s=%2F78059622%2FResponsive-Article-MPU-1%09div-gpt-ad-1613481060449-0&s=%2F78059622%2FResponsive-Article-MPU-2%09div-gpt-ad-1613481175484-0&s=%2F78059622%2FResponsive-Article-1x1%09div-gpt-ad-1613625644855-0&s=%2F78059622%2FResponsive-Desktop-Expandable-1x1%09div-gpt-ad-1624862944429-0&s=%2F78059622%2FResponsive-Article-2%09div-gpt-ad-1636113966289-0&s=%2F78059622%2FResponsive-Article-1x1-3%09div-gpt-ad-1637151091152-0&s=%2F78059622%2FResponsive-InfiniteArticle-1x1%09div-gpt-ad-1644479678407-0&s=%2F78059622%2FArticle-Ear-Pannel-Left%09div-gpt-ad-1652857412793-0&s=%2F78059622%2FArticle-Ear-Pannel-Right%09div-gpt-ad-1652857619498-0&s=%2F21751243814%2C78059622%2F537953_KT_Teads_Inread_1x1%09adunit1x1&s=%2F21751243814%2C78059622%2F537953-160-600-11%09andbeyond16011&s=%2F21751243814%2C78059622%2F537953-300-250-15%09andbeyond30015&s=%2F21751243814%2C78059622%2F537953-728-90-10%09andbeyond72810&s=%2F21751243814%2C78059622%2F537953-728-90-33%09andbeyond72833&s=%2F21751243814%2C78059622%2F698907-970-250-6%09andbeyond9702506&s=%2F21751243814%2C78059622%2F698907-300-250-16%09andbeyond30016&s=%2F21751243814%2C78059622%2F537953-300-250-9%09andbeyond3009
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
207249da364e8d3460a20d21b5caaebe150d559ef9241bd077882a9c68bce763
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-adloox-pubint-version
20230521064217
date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
185.213.155.173
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
028578e4-dirty
server-timing
conn;dur=0.007, ua;dur=0.036, segment_pipeline;dur=0.431, segment_ip;dur=0.005, segment_iab-valid;dur=0.017, segment_iab-spider;dur=0.793, segment_bs;dur=0.006, segment;dur=1.536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
speed
ads59.adtelligent.com/tracking/ Frame 22B3 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads59.adtelligent.com/tracking/speed?network=111&queue=32
Requested by
Host: ads59.adtelligent.com
URL: https://ads59.adtelligent.com/display/?adid=3B600905D2981E72&aid=724993&cb=1950685034
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 Brent, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:48 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame 56CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cs9E5IYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBL4CT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8fYeTtLzbD6z39LTPdNtcn_3HVtDWZ5tI2tTEZQxriQacs03EflG4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi04NzMxMjEwNzY1MjAyMjM3GIeubg&sigh=fTdFCIiMzRY&uach_m=[UACH]&cid=CAQSKQBygQiDI_G_dIVZYeWEaQC1P7073eanTWNCuXSlK_47UED83kiRP3qAGAE
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 56CB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k-nfFPWUWMoH-gGdg2ICAgAAAG40M-BhdgtEvQfQXwk5jtsQIYxqZEyX1aWNbJfipIMAABIAAAoKQVFVRER3RUJEdw&wp=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
141715
server
Kestrel
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame A05D 		50 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8f00192d90c2968b8df1bd1ee882115512c26caffa1699852c41ef8854bff455
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 21:24:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9YJXEnKdeyMhyj2AtWbfvpbysoiN377nAZOSP5CYKafEjM1DvgcgrNUES-4YpxGgzMA3XLomtPPfLt55ljb2FgmlePj_lbdsxT3Kzh158jDkE49IA28oSDCwTTQoUzk1RkbqmtFIhwy2BN9wk8fk-JYEOQuIMvRzzG-Flgb2wZj92yNNG2DkPvdS4Y5ZhMNg8EbFlsXP39H10slfuKT4KUnjLu51j-p45w1UldOnO15bMl_TH3RdxPQXk0MDC6yKNJm82g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
3039519
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 56CB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D223 		1 KB
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
51409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 07:08:00 GMT
etag
48472445140208031
expires
Mon, 22 May 2023 07:08:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 56CB 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
38908
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7953
x-xss-protection
0
server
cafe
etag
16153819885643670827
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:21 GMT
l
www.google.com/ads/measurement/ Frame 56CB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8bxq0XRUtVW7hukZrEAaFO47pFYJtLTN3LQR5ud4ijt9b_D-QxHmh253LvyPveCyeajt6tuEm7az7vaLDqg9Ifw6UGw
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 56CB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 10:36:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
211709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 May 2024 10:36:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 56CB 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:49 GMT
6cywgeu7gf0e
hal9000.redintelligence.net/zone/ Frame 8201 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/6cywgeu7gf0e?subid=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&rnd=4120038435785651293&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:apn&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
44a7842568fd2d10ef3d2327f2029a8242f9eae569555ac8f280d1f3f5dc64e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
2800
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 8201
Redirect Chain
  • https://tags.mathtag.com/notify/img?exch=apn&s_exch=apn&id=5aW95q2jLzIzLyAvTVRFd1pUTTNObUV0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzQxMjAwMzg0MzU3ODU2NTEyOTMvNjYyMjM5My80NTYyMzEyLzEzL0t4Zj...
  • https://tags.mathtag.com/ck-confirm?bid_id=4120038435785651293&node_id=4013&exch_id=13
49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=4120038435785651293&node_id=4013&exch_id=13
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.388.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
MMBD/3.388.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x87, cdg-bidder-x152
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 21 May 2023 21:24:48 GMT

Redirect headers

Date
Sun, 21 May 2023 21:24:49 GMT
x-mm-nodeid
4013
x-mm-bid-request-time
1684704288
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
keep-alive
Content-Length
86
x-mm-handled-by-owner
true
Last-Modified
Sun, 21 May 2023 21:24:48 GMT
Server
MMBD/3.388.2
x-mm-latency
22 (0)
Content-Type
text/html; charset=utf-8
Location
https://tags.mathtag.com/ck-confirm?bid_id=4120038435785651293&node_id=4013&exch_id=13
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
zrh-router-x86, cdg-bidder-x152
Keep-Alive
timeout=360
x-mm-lag
1
Expires
Sun, 21 May 2023 21:24:48 GMT
img
pixel.mathtag.com/event/ Frame 8201 		43 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=13&v2=4120038435785651293&v3=651871&v4=4562312&v5=6622393&mt_nsync=1&no_attr=1
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.148.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-198.deploy.static.akamaitechnologies.com
Software
MT3 851 9bd98ae master cdg-pixel-x15 config_version:"unknown" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x15 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Sun, 21 May 2023 21:24:48 GMT
img
tags.mathtag.com/event/ Frame 8201 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=apn&bid=4120038435785651293&st=4562312&time=[IMP_ATTR.time]&nodeid=4013
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.388.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
MMBD/3.388.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x87, cdg-bidder-x152
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Sun, 21 May 2023 21:24:48 GMT
rd_log
fra1-ib.adnxs.com/ Frame 8201 		0
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2F&e=wqT_3QK2EvRTATYJAAADANYABQEIoJiqowYQtd6u6PDR55gKGPLyhITcpYy5Dio2CdBQY0GqlLE_Ecl2vp8aL60_GQAAAAApXO8_IWYV20npPq0_KVmLTwEwnrE_MQAAAIA9Crc_MJKy9Ak4lF1AHUgIUJeQu7YBWJT8kQFgAGj72LkBeACAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBAsABBcgBAtABCdgBAOABAPABANgCAOAC-b9a6gIdaHR0cHM6Ly93d3cua2hhbGVlanRpbWVzLmNvbS_yAhoKE1tCSURfQVRUUi5leGNoYW5nZV0SA2FwbvICJgoPW1JBTkRPTV9OVU1CRVJdEhM0MTIwMDM4NDM1Nzg1NjUxMjkz8gLMAQoaW1VORU5DT0RFRF9DTElDS19SRURJUkVDVF0SrQFodHRwczovL3BpeGVsLm1hdGh0YWcFg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaFDQxMjAwMzJ9AAEbIGlkPTY2MjIzOQUOKGFkaWQ9MjE2NTM2AR0oc2lkPTQ1NjIzMTIBDxRleGlkPTEFKRhpbmFwcD0wARZUb3M9JnJlZGlyZWN0PfICFwoTW0JJRCkWPGdkcHJfc3RyXRIA8gIZChQ6GgA4ZmxhZ10SATDyAh4KFFtBDTUwYWR2ZXJ0aXNlcl0SBgmNEPICHQoSFSEsY3JlYXRpdmVdEgc2CbwQ8gIoChEZXRRiaWRfaWRecgHwQMYKChJbTk9USUZJQ0FUSU9OX1VSSV0Srwo8aW1nIHNyYz1odHRwczovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5NXMYPWFwbiZzXyF-BQshgcBhVzk1cTJqTHpJekx5QXZUVlJGZDFwVVRUTk9iVVYwVFVSQmQwMURNSGROUkVGM1RGBRAQRVFYUk4FEAkgCEVRWAkg8LBMelF4TWpBd016ZzBNelUzT0RVMk5URXlPVE12TmpZeU1qTTVNeTgwTlRZeU16RXlMekV6TDB0NFpqTm9hSFZQTUdsWVlUUnBTRFpvZVZkNk4weExTa3htVFZWd1p5MXhSRmxzTlMxVmJISnpkemd2TVM4eE15OHdMekF2T1RVMk9EQXpMekF2TWpFMk5UTTJMelkxTVRnM01TOHhMekF2TUM5TlJFRjNUVVJCZDAxRVEVyAxNd2QwBcgETVYRIABFBRA66AAMY3ZNQwlwCQhm8AAsWVcxekx6QXZOVGN3IRhwTHprNU9TOHhOakl2TW1Fd016b3hZakl3T2pZNlohNKBEbzZMekF1TURBd0x6RTJPRFEzTURReU9EZ3ZNVFk0TkRjeE5qZzRPQwX08EZ4T1RJNU1UWXhMdy9UenhRN3Z6RWxXM1dCUUFOWktLM0ViNUFOOWMmbm9kZWlkPTQwMTMmZ3JvdXA9Y2RnJmF1Y3Rpb25pZFJqAxBwYnNfYXIiABxzaGFyZGtleVI_AC6JAwBjfbM8YnA9YV9hZ2lpY2EmbWluX0H5IHdpbj0ke0FVQ0Xb8JVNSU5fVE9fV0lOfSZuZnlfYWN0PUxENXdldyZiZmlwPTE4NS4yOS4xMzUuMTQzJnR5cGU9aW1wJmNsaWVudD1jMnMgd2lkdGg9MSBoZWlnaHQ9MT5ceDNDZGl2IHdpZHRoPScxJyBoZWlnaHQ9JzEnIHN0eWxlPSdkaXNwbGF5Om5vbmU7IG92ZXJmbG93OmhpZGRlbicFQ2VuCS40bGVmdDotMTBweDt0b3ANChAgcG9zaSFUJDphYnNvbHV0ZSdlngAnZhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gAAdD6FBBnlJa4obW1JbXBUcmFjayaViQBioblK8QUEc3QV0iB0aW1lPVtJTVCpqgEPAF0u2wJy0wDwvC9kaXY-gAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDr7Aw4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQUMmEwMzoxYjIwOjY6ZjAxMTo6NWWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADaBAIIAeAEAPAEl5C7tgH6BBIJAAAAYG0NSUARAAAA4E1CIUCIBQGYBQCgBZnnyam9z56nB6oFEDNCNjAwOTA1RDI5ODFFNzLABQDJBQ5XCBgAAPA_0gUJAUYFAXDYBQHgBQHwBYvrS_oFBAgAEACQBgCYBgC4BgDBBgUiMADwP9AG-asB2gYWChAJEhkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBklJFMgHANIHDRVsAS0I2gcGAWVoGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=8c5f00be202bed033cbc718bdd010231b11ff8e6&bdref=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems,https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems,https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
AN-X-Request-Uuid
2848d342-0084-485f-9e0a-5e2c3d070c23
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
fra1-ib.adnxs.com/ Frame 8201 		0
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2F&e=wqT_3QKIC_QrBYgFAAADANYABQEIoJiqowYQtd6u6PDR55gKGPLyhITcpYy5Dio2CdBQY0GqlLE_Ecl2vp8aL60_GQAAAAApXO8_IWYV20npPq0_KVmLTwEwnrE_MQAAAIA9Crc_MJKy9Ak4lF1AHUgIUJeQu7YBWJT8kQFgAGj72LkBeACAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBAsABBcgBAtABCdgBAOABAPABANgCAOAC-b9a6gIdaHR0cHM6Ly93d3cua2hhbGVlanRpbWVzLmNvbS-AAwCIAwGQAwCYAxSgAwGqA9MGCosGaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUVlJGZDFwVVRUTk9iVVYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMGhyV1U5NFlVNW1UbkZHU1VSMk1tRkJabVpyTmswdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjNUVVJCZEUxRVFYZE5SRUYzVFVSQmQwMUVRWGN2TUM4d0x6QXZNQzh3THpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdllXMXpMekF2TlRjd0x6UXhMems1T1M4eE5qSXZNbUV3TXpveFlqSXdPalk2WmpBd01EbzZMekF1TURBd0x6RTJPRFEzTURReU9EZ3ZNVFk0TkRjeE5qZzRPQzh4TXk4eE9USTVNVFl4THcvS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3Jm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWQ9NDEyMDAzODQzNTc4NTY1MTI5MyZwYnNfYXVjdGlvbmlkPTQxMjAwMzg0MzU3ODU2NTEyOTMmc2hhcmRrZXk9NDEyMDAzODQzNTc4NTY1MTI5MyZwcmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWdpaWNhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzUuMTQzJnNpZD00NTYyMzEyJmNpZD02NjIyMzkzJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzQxMjAwMzg0MzU3ODU2NTEyOTMaEjczNDU0MjU1MTQ3NDQ4Mjk5NyIJMzgyNjUwMzkxKgYxMDE5MzY6BzY2MjIzOTPAA6wCyAMA2AOvsDDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAzOjFiMjA6NjpmMDExOjo1ZagEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASXkLu2AfoEEgkAAABgbQ1JQBEAAADgTUIhQIgFAZgFAKAFmefJqb3PnqcHqgUQM0I2MDA5MDVEMjk4MUU3MsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYvrS_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAACB8wUBkBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3McgHANIHDQkFKgQAAAUtDNoHBggFCWDgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=49c3aa66438698e04991cec6b1125ae42f825976
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
AN-X-Request-Uuid
bc6fbaea-dded-454f-8827-fc3872d76602
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/232/ Frame 8201 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/232/trk.js
Requested by
Host: fra1-ib.adnxs.com
URL: https://fra1-ib.adnxs.com/ab?an_audit=0&referrer=https://www.khaleejtimes.com/&e=wqT_3QKMGfBMjAwAAAMA1gAFAQigmKqjBhC13q7o8NHnmAoY8vKEhNyljLkOKjYJWYtPATCesT8RZhXbSek-rT8ZAAAAAClc7z8hZhXbSek-rT8pWYsJJMgxAAAAgD0Ktz8wkrL0CTiUXUAdSAhQl5C7tgFYlPyRAWAAaPvYuQF4AIABAYoBA1VTRJIFBvC2mAGgAaAB2ASoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQDYAgDgAvm_WuoCHWh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20v8gIaChNbQklEX0FUVFIuZXhjaGFuZ2VdEgNhcG7yAiYKD1tSQU5ET01fTlVNQkVSXRITNDEyMDAzODQzNTc4NTY1MTI5M_ICzAEKGltVTkVOQ09ERURfQ0xJQ0tfUkVESVJFQ1RdEq0BaHR0BYY0cGl4ZWwubWF0aHRhZy4Bg6BjbGljay9pbWc_ZXhjaF9haWQ9NTI2NDkyODc4NzI1MzQ2MjAxJm10XwEaSn0AARsgaWQ9NjYyMjM5BQ4oYWRpZD0yMTY1MzYBHShzaWQ9NDU2MjMxMgEPFGV4aWQ9MQUpGGluYXBwPTABFkRvcz0mcmVkaXJlY3Q98gIXChM5FjxnZHByX3N0cl0SAPICGQoUOhoARGZsYWddEgEw8gIeChRbQURfQSFLMGFkdmVydGlzZXJdEgYJjRDyAh0KEhUhLGNyZWF0aXZlXRIHNgm8EPICKAoRGV0gYmlkX2lkXRITSvUAkPICxgoKEltOT1RJRklDQVRJT05fVVJJXRKvCjxpbWcgc3JjPWgt-Qx0YWdzMnIBFG5vdGlmeTVzGD1hcG4mc18hfgULIYHAYVc5NXEyakx6SXpMeUF2VFZSRmQxcFVUVE5PYlVWMFRVUkJkMDFETUhkTlJFRjNURgUQEEVRWFJOBRAJIAhFUVgJIPCwTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMHhMU2t4bVRWVndaeTF4UkZsc05TMVZiSEp6ZHpndk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRFcgMTXdkMAXIBE1WESAARQUQOugADGN2TUMJcAkIZvAALFlXMXpMekF2TlRjdyEYcEx6azVPUzh4TmpJdk1tRXdNem94WWpJd09qWTZaITSgRG82THpBdU1EQXdMekUyT0RRM01EUXlPRGd2TVRZNE5EY3hOamc0T0MF9PBGeE9USTVNVFl4THcvVHp4UTd2ekVsVzNXQlFBTlpLSzNFYjVBTjljJm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWRSagMQcGJzX2FyIgAcc2hhcmRrZXlSPwAuiQMAY32zPGJwPWFfYWdpaWNhJm1pbl9B-SB3aW49JHtBVUNF2_CVTUlOX1RPX1dJTn0mbmZ5X2FjdD1MRDV3ZXcmYmZpcD0xODUuMjkuMTM1LjE0MyZ0eXBlPWltcCZjbGllbnQ9YzJzIHdpZHRoPTEgaGVpZ2h0PTE-XHgzQ2RpdiB3aWR0aD0nMScgaGVpZ2h0PScxJyBzdHlsZT0nZGlzcGxheTpub25lOyBvdmVyZmxvdzpoaWRkZW4nBUNlbgkuNGxlZnQ6LTEwcHg7dG9wDQoQIHBvc2khVCQ6YWJzb2x1dGUnZZ4EJ2htnwBwQhIFEGV2ZW50ZZ8EbXSB2xgxMzY4ODc1gaeR2xQ3NjQmdjGBxwR2MlJsASx2Mz02NTE4NzEmdjSV_gR2NS4nBUhuc3luYz0xJm5vX2F0dHI9MScgUgwBAC9W6AAAORHnAQmC5gBChQQZ5SWuKG1tSW1wVHJhY2smlYkAYqG5CDEyMDpuBggmc3QV0sHKED1bSU1QqXUBDwBdLtsCctMAgC9kaXY-gAMAiAMBkAMAmAMUoAMBqgPTBgqLBmh0dHA6L0a2AABu_jsF_jsF7jsFrTt8aHJXVTk0WVU1bVRuRkdTVVIyTW1GQlptWnJOazB2TVOFRwB3gaMET1T-OwX-OwX-OwXiOwVoS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3LmAC_jsFnjsFEHByaWNlvREYUFJJQ0V9Ji46BS4YBQhmM1VSGQVeggUOLwgMYXBpJmWLDG51cmyxOghzMnNSgAigGhI3MzQ1NDI1NTE0NzQ0ODI5OTciCTM4MjY1MDM5MSoGMTAxOTM2Ogca2wjw18ADrALIAwDYA6-wMOADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIEFDJhMDM6MWIyMDo2OmYwMTE6OjVlqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBJeQu7YB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAWZ58mpvc-epweqBRAzQjYwMDkwNUQyOTgxRTcywAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFi-tL-gUECAAQAJAGAJgGALgGAMEGAA7dCzAA8D_QBvmrAdoGFgoQBREdAVwQABgA4AYB8gYCCACABwGIBwCgBwGqBwapnRTIBwDSBw0VbAEtCNoHBgnpaOAHAOoHAggA8AeJ4wKKCAIQAJUIAACAP5gIAQ..&s=30c09b9c0820331e8b2bcd3e8e0ebeb5e0085c01&pp=0.0570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Expires
Thu, 25 Apr 2024 08:42:19 GMT
Date
Sun, 21 May 2023 21:24:49 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
2205750
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27631
X-Served-By
cache-lga21975-LGA, cache-fra-eddf8230020-FRA
Last-Modified
Wed, 26 Apr 2023 08:42:13 GMT
Server
AkamaiNetStorage
X-Timer
S1684704290.621889,VS0,VE0
ETag
"c342094e8bdad308ac07817d751fb315:1682498533.672161"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
14, 1719742
activeview
pagead2.googlesyndication.com/pcs/ Frame D34B 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss27UsPWykAFGKwk64NpgWkTa7PK5KrScglpKWaYZ9HvjF4F_lpI5bWpch7CxRf15mglmOQvFc9FDiRgdkqWh_VyGCkZzMlMJsIMWk0vffQIz5NzMwm&sig=Cg0ArKJSzIaTlHcCf9dTEAE&id=lidar2&mcvt=1030&p=45,126,135,326&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2312031536&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684704288285&rpt=260&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 6D2D 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=aniview&us_privacy=1---&khaos=LHXXFOBQ-28-MCUH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a414d61fde5a538d1bc5c621aec59518
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
activeview
pagead2.googlesyndication.com/pcs/ Frame 1992 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUoLhqaAIszsDduI_YORvt7W4fsRngPLNrxyW3Ci0YQvkj8K3pXNbbVITZuDbTfhAbWT8v84Bqbir82Cv53DF9iCVAnlkuTIvIqDHGXrAjHGbMhWCG&sig=Cg0ArKJSzEfe_ioxlhZpEAE&id=lidar2&mcvt=1021&p=45,1274,135,1474&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=124803191&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684704288294&rpt=271&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame 5D98 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D25db92053c080c79
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-ams03.e-planning.net/ Frame 5D98
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D25db92053c080c79%26uid%3D%5BUID%5D
  • https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=25db92053c080c79&uid=b4a77657-9fae-48df-962b-3e6b29bb7c16
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=25db92053c080c79&uid=b4a77657-9fae-48df-962b-3e6b29bb7c16
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

server
openresty
date
Sun, 21 May 2023 21:24:49 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-ams03.e-planning.net/um?dc=9937b3fd6e9a979a&fi=25db92053c080c79&uid=b4a77657-9fae-48df-962b-3e6b29bb7c16
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
lotame20230117.js
s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/ Frame 5D98 		676 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/876bf12ed75fef1e/lotame20230117.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
last-modified
Tue, 17 Jan 2023 20:00:05 GMT
server
openresty
etag
W/"63c6fe45-2a4"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Fri, 19 May 2028 21:24:49 GMT
um
u-ams03.e-planning.net/ Frame 5D98
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D25db92053c080c79%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=25db92053c080c79&uid=2436496733646849807
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=25db92053c080c79&uid=2436496733646849807
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

server
openresty
date
Sun, 21 May 2023 21:24:49 GMT
content-type
image/gif

Redirect headers

Date
Sun, 21 May 2023 21:24:49 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a3aaa3f0-9979-4347-b74f-eb1f29748157
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=25db92053c080c79&uid=2436496733646849807
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame 5D98
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D25db92053c080c79%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=25db92053c080c79&uid=ua-45d8e49a-f512-37ba-96df-f6d180718235
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=25db92053c080c79&uid=ua-45d8e49a-f512-37ba-96df-f6d180718235
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

server
openresty
date
Sun, 21 May 2023 21:24:50 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=25db92053c080c79&uid=ua-45d8e49a-f512-37ba-96df-f6d180718235
pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame 5D98 		0
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D25db92053c080c79%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-73
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid
rtb.openx.net/sync/ Frame 5D98 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D25db92053c080c79%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
truncated
/ Frame 5556 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a1621d6f0d451fc717709f45ee63ce30f6a54c75fd155f132e5e2823b08628e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
usync.html
eus.rubiconproject.com/ Frame 1FCD
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:49 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 May 2023 21:24:49 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
usermatch
ssum.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
0c8d2a58b05248b94e354fac9895425a21cf4930bd3d5f9588c93b73e44cffc4

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1781
Content-Type
text/html
Date
Sun, 21 May 2023 21:24:49 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:49 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 9947 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Cantonment, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
547e59c67c0d5b2097d98b8d9fa482bb
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame AECE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4A5B 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b719fa966ff006497bd2a7fe171650bf68e2f72411ee57f0da845796c9b97201

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7cafe3723c281e1c-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
server
cloudflare
vary
Origin
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D060 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48776
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
expires
Mon, 22 May 2023 10:57:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame C535 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel.rubiconproject.com/exchange/ Frame 7D26 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d&gdpr=0&gdpr_consent={gdpr_onsent}&us_privacy=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
csync
sync.adtelligent.com/ Frame 7D26 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
e0cb5ef3b15a5a54
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 5556 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_K6snA97-SMWixYtwOmez6DJSWNzsaJrKXuMLAHzT7CeeIPdneB13KMEAjwVFkxAFlA-MF1xs9FXwzpfiJWRi_kcEaNGpozg5upBFbzPf1hs9Lh4brRiGmYLA5kx2FLjzLbgWGoyglPiTaQUZckgfj3WgLdSwpNb0L1cDSG-8C4KEiT3Snb4AV8Itlg5hKXeKxuZla7Trn0RIjjqjZGy62BFjtkGIHvgslq9XYXQDIZZHp442Ta_rp-12WHPVD9VzI00mr1E8dyzQbXRylyoU8r8LLP4dzXcMO10iyR8VtDfm9hYDBlqXiRAggnjhlAWEDM84SeWQTyJiU0IRKsWFVA&sai=AMfl-YQ6Oam45Cx_AOdpnu3rx88IKYGsn89SsruC56GfIpCc3ETkrTYyTd8G_xZprcIgQnLxySrXPvMFKmt3CpWpyuLnSiOvXhd3LjTSesa7zeNxyhtwHLXDWE4e6h1RV1U&sig=Cg0ArKJSzGtok2ld2LTHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:49 GMT
usync.js
eus.rubiconproject.com/ Frame 1FCD 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
last-modified
Sun, 21 May 2023 04:27:12 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=25334
content-length
10085
expires
Mon, 22 May 2023 04:27:03 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F5C5 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26222057&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr={gdpr]&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
7048c4d3ce53a0d8f55996b93069e39b27d933ed82b9a1c5917522722c757afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
privacy_small.svg
static.criteo.net/flash/icon/ Frame A05D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 May 2024 21:24:49 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame A05D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 May 2024 21:24:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame A05D 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 15 May 2024 21:24:49 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame A05D 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 15 May 2024 21:24:49 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A05D 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=HKyT6FFlihzSVHrcahVOcB7ypan403Xxhoe9P2q6DCKwfxqFXkn06_u8hmqBQa9QnHcq-d2TnSzk7MhhFtw2w41B3R3h4g9qYJyHO-YO-as8cpywFmKW2GTDIb_Ug18sBAXNs4NWZOggg3cRU5REQvrFdaftZCiiRunfdC5gQ7_M_kVoaAyJy373ya-wgF5MHLw-W5udFIs4ICDHiUcCS0EbkOA5HHTT2tAwCJOXegB9zUwmRgKZzL6RShVxto2ZpgU5KoV6cov58GwhD4_dD_SNRGqyhUjuVrcHwSocDfLM_8fZK8Dn_PC184C_b47ICVtL_cXz3QfwZ-4QW2IEzIfhVPDER-dOL9eVUinQBstxno-y9xczC1xztUh254ECfbIYGgwmIB6mKtM3TlIH3xgguNnjq1zZ8vVhDLcu4B7_k22_WwPlv35h9sJgGnc7b6hMoA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2808292
expires
Mon, 26 Jul 1997 05:00:00 GMT
3144c3fb526843248d0dd4b593100810_image_ad_970x250.png
static.criteo.net/design/dt/70777/230504/ Frame A05D 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/70777/230504/3144c3fb526843248d0dd4b593100810_image_ad_970x250.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a79790111c363007e103b6b7fa0bd7a5cae4280e08874ab787c2173ead611b52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 04 May 2023 14:22:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6453bf93-a665"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
42597
expires
Wed, 15 May 2024 21:24:49 GMT
request.php
hal90005.redintelligence.net/ Frame 8201
Redirect Chain
  • https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
138.201.63.165 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
48454abc6fd64af1c77b5ca1f183b773a3fd7d270ba8d050c5d9b9768df3ecb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
38088700128374800951427012331005
Connection
close
Content-Length
1037
Expires
Sun, 21 May 2023 22:24:49 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sun, 21 May 2023 22:24:49 +0200
ads
fundingchoicesmessages.google.com/f/AGSKWxWkv8a5slWWuPC_SbG064JFXcIUBulCAmymHE3QnLEqKGsVHf3MZYY9gw8cTRbsXhWukjiRQwlCzc1DeHUzXwIcZYijyxXjBemXi3ULWWp-bST_bEFVarmO5JfVnES4aJuKd4pDvMyg4orWhdn3nZ34WAQEe... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWkv8a5slWWuPC_SbG064JFXcIUBulCAmymHE3QnLEqKGsVHf3MZYY9gw8cTRbsXhWukjiRQwlCzc1DeHUzXwIcZYijyxXjBemXi3ULWWp-bST_bEFVarmO5JfVnES4aJuKd4pDvMyg4orWhdn3nZ34WAQEeurJRJ2dcWWvknUvGB_OiCwyFy_3HOWs/_/csp/ads?_160x550./globalAdTag./adtadd1._ad_position_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c9e20c9a442686c44d538035a0909bd2d4bac5c25347fcbad727d410b841942
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uGjfLYQuY_QzSvXqvbbCtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-uGjfLYQuY_QzSvXqvbbCtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:45:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
38385
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:45:04 GMT
AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VKyCC9b81co0udZAaMpnug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-VKyCC9b81co0udZAaMpnug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 56CB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f76b904844d3bf811ec3755473b409e2cdf9fa4c8320a82d707efe30001cbe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
csync
sync.console.adtarget.com.tr/ Frame E98C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=JZDFbgINDlnL4b3EFNuO&pi=admatic&tc=1
43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=JZDFbgINDlnL4b3EFNuO&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:49 GMT
Etag
643771586a11b1af
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:49 GMT Sun, 21 May 2023 21:24:49 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=JZDFbgINDlnL4b3EFNuO&pi=admatic&tc=1
pragma
no-cache
cookie
cm.adform.net/ Frame 1024 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 21 May 2023 21:24:49 GMT
server
nginx
cookie
cm.adform.net/ Frame 893E 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D743845%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Sun, 21 May 2023 21:24:49 GMT
server
nginx
csync
sync.adtelligent.com/ Frame B8A1
Redirect Chain
  • https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
  • https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=643771586a11b1af
43 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=643771586a11b1af
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
e0cb5ef3b15a5a54
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=643771586a11b1af
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Adtelligent
Etag
643771586a11b1af
Content-Length
0
getuid
ib.adnxs.com/ Frame 4A5B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 4A5B 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=3607a55c-0d68-4607-a60c-08adbb8446e7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=3607a55c-0d68-4607-a60c-08adbb8446e7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe373fdd71e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=3607a55c-0d68-4607-a60c-08adbb8446e7&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame 4A5B 		0
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 4A5B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame 4A5B 		0
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-vcl-time-ms
10
date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 varnish
x-cache-hits
0
server
nginx
x-timer
S1684704290.784940,VS0,VE10
x-cache
MISS
accept-ranges
bytes
content-length
0
x-served-by
cache-fra-eddf8230076-FRA
u
dmp.v.fwmrm.net/ad/ Frame 4A5B 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:4cde:8aa:915a:85c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4A5B 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df432d651-438d-4a12-488a-5d0bab32aa0a%26reqId%3D5b64489e-2e64-4489-5546-b41e2e7e84d0%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 May 2023 21:24:48 GMT
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=72995de4-ae21-4bba-a0c1-fef04bfcbddc&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=72995de4-ae21-4bba-a0c1-fef04bfcbddc&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3753f1c1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=72995de4-ae21-4bba-a0c1-fef04bfcbddc&zpartnerid=317&gdpr=1&gdpr_consent=
pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f432d651-438d-4a12-488a-5d0bab32aa0a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f432d651-438d-4a12-488a-5d0bab32aa0a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=78074799062161329934217329638359355741&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=78074799062161329934217329638359355741&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe374debf1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v048-0629ebd29.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7wC/fPhGRD4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=78074799062161329934217329638359355741&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 4A5B 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=f432d651-438d-4a12-488a-5d0bab32aa0a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023052123-30700-0.850364001684704289-1b47aac5c7ecd94c2a70b8c80bd70d6d&zdid=533&env=mWeb
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023052123-30700-0.850364001684704289-1b47aac5c7ecd94c2a70b8c80bd70d6d&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe373ddca1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023052123-30700-0.850364001684704289-1b47aac5c7ecd94c2a70b8c80bd70d6d&zdid=533&env=mWeb
Date
Sun, 21 May 2023 21:24:49 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7235749824706050196&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7235749824706050196&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe373ad951e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7235749824706050196&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Date
Sun, 21 May 2023 21:24:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 4A5B
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f432d651-438d-4a12-488a-5d0bab32aa0a
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f432d651-438d-4a12-488a-5d0bab32aa0a
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f432d651-438d-4a12-488a-5d0bab32aa0a
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f432d651-438d-4a12-488a-5d0bab32aa0a
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f432d651-438d-4a12-488a-5d0bab32aa0a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f432d651-438d-4a12-488a-5d0bab32aa0a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=ugt9GWzEfU0HBqIJf0HDee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-44...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=ugt9GWzEfU0HBqIJf0HDee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe374deba1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
last-modified
Sun, 21 May 2023 21:24:49 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=ugt9GWzEfU0HBqIJf0HDee&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 4A5B 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f432d651-438d-4a12-488a-5d0bab32aa0a&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f432d651-438d-4a12-488a-5d0bab32aa0a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
95 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3739d801e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
cache-control
no-cache
x-server
10.45.22.161
content-length
0
expires
0
cms
ups.analytics.yahoo.com/ups/58697/ Frame 4A5B
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000
via
http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
content-language
en
location
https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
content-type
text/html
cache-control
no-store
content-length
343
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE7UAKqThdVI4MRQU5aHTKyN%2BS41iYitP1U%3D
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE7UAKqThdVI4MRQU5aHTKyN%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe374debb1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=CZnoZ%2BZikE7UAKqThdVI4MRQU5aHTKyN%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame 4A5B 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f432d651-438d-4a12-488a-5d0bab32aa0a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame 4A5B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.48.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-48-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
beacon-n002-dub-prod.krxd.net
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1684704290
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4A5B 		95 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
server
nginx
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZGqMIgALyP6p8gBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41...
95 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZGqMIgALyP6p8gBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:59 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3b14d9a1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230086-FRA
pragma
no-cache
date
Sun, 21 May 2023 21:24:59 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1684704290.135115,VS0,VE9586
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZGqMIgALyP6p8gBL&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=4dce646a-8c21-4700-bc3b-6d10e335bd91&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=4dce646a-8c21-4700-bc3b-6d10e335bd91&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3750ef71e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Sun, 21 May 2023 21:24:50 GMT
Server
MT3 851 9bd98ae master cdg-pixel-x34 config_version:"unknown"
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Location
https://mwzeom.zeotap.com/mw?cid=4dce646a-8c21-4700-bc3b-6d10e335bd91&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Expires
Sun, 21 May 2023 21:24:49 GMT
usermatch.gif
beacon.krxd.net/ Frame 4A5B
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PkYDmSyN&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f432d651-438d-4a12-488a-5d0bab32aa0a
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f432d651-438d-4a12-488a-5d0bab32aa0a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
34.243.48.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-48-125.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
private, no-cache, no-store
x-request-time
D=35 t=1684704290
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f432d651-438d-4a12-488a-5d0bab32aa0a
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe376e9011e1c-FRA
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4A5B
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D0DZ4K1J2ACJQKR9V37X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YF8JC0369W8C1ETQF1G7
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f432d651-438d-4a12-488a-5d0bab32aa0a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame 4A5B 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=f432d651-438d-4a12-488a-5d0bab32aa0a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.14 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-14.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df43...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&puid=eb31...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&puid=eb317360-f81d-11ed-8f69-d1554a111ef4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe375dfc71e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&puid=eb317360-f81d-11ed-8f69-d1554a111ef4
date
Sun, 21 May 2023 21:24:50 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=f432d651-438d-4a12-488a-5d0bab32aa0a&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32...
  • https://mwzeom.zeotap.com/mw?cid=LHXXFOBQ-28-MCUH&env=mWeb&zpartnerid=1770&gdpr=1
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LHXXFOBQ-28-MCUH&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3755f3c1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LHXXFOBQ-28-MCUH&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mw
mwzeom.zeotap.com/ Frame 4A5B
Redirect Chain
  • https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=f432d651-438d-4a12-488a-5d0bab32aa0a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpart...
  • https://mwzeom.zeotap.com/mw?cid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438...
95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3755f3e1e1c-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&env=mWeb&zpartnerid=1771&gdpr=1&gdpr_consent={consent_string}&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
mw
mwzeom.zeotap.com/ Frame 4A5B 		95 B
152 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe3754f261e1c-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame 4A5B 		557 B
467 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b517eef1757fc9965e1d7747bd6c42aa2b31a9a7c08093e92d4fd90a20a1e9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7cafe372fce91e1c-FRA
access-control-allow-headers
*
all
csm.eu.criteo.net/ Frame A05D 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=9YJXEnKdeyMhyj2AtWbfvpbysoiN377nAZOSP5CYKafEjM1DvgcgrNUES-4YpxGgzMA3XLomtPPfLt55ljb2FgmlePj_lbdsxT3Kzh158jDkE49IA28oSDCwTTQoUzk1RkbqmtFIhwy2BN9wk8fk-JYEOQuIMvRzzG-Flgb2wZj92yNNG2DkPvdS4Y5ZhMNg8EbFlsXP39H10slfuKT4KUnjLu51j-p45w1UldOnO15bMl_TH3RdxPQXk0MDC6yKNJm82g&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A05D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 May 2024 21:24:49 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame A05D 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 15 May 2024 21:24:49 GMT
crum
dsum-sec.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZGqMIafnr1JaVOFSog4XFwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFlrA4vWfo8IdVcz6eZ_8ww&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFlrA4vWfo8IdVcz6eZ_8ww&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFlrA4vWfo8IdVcz6eZ_8ww&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 42C9 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwFbIaafzhQ-qNQQRMZDsM&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwFbIaafzhQ-qNQQRMZDsM&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPwFbIaafzhQ-qNQQRMZDsM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 42C9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
HG045CAN1X9YYXNACYKY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YWG97MY1GS0CHVR1ZYZP
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAACJkAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZGqMIafnr1JaVOFSog4XFwAA%262201&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c9f31d2d-fedb-4cd1-9b9d-4f4d8d58bef6-tuctb6411a1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c9f31d2d-fedb-4cd1-9b9d-4f4d8d58bef6-tuctb6411a1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=c9f31d2d-fedb-4cd1-9b9d-4f4d8d58bef6-tuctb6411a1
date
Sun, 21 May 2023 21:24:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13473
crum
dsum-sec.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3826047752475214887&expiration=1685913889
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3826047752475214887&expiration=1685913889
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3826047752475214887&expiration=1685913889
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=214002DBEB96486A800EB4C15C0CF2EC
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=214002DBEB96486A800EB4C15C0CF2EC
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=214002DBEB96486A800EB4C15C0CF2EC
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 May 2023 21:24:49 GMT
rum
dsum-sec.casalemedia.com/ Frame 42C9
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Qc9XfE-YUyxamFQuRJpMfkOfUXlay1kpQss_20Zp
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Qc9XfE-YUyxamFQuRJpMfkOfUXlay1kpQss_20Zp
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:49 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=Qc9XfE-YUyxamFQuRJpMfkOfUXlay1kpQss_20Zp
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
um
u-ams03.e-planning.net/ Frame 42C9 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=25db92053c080c79&uid=ZGqMIafnr1JaVOFSog4XFwAA%262201
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D25db92053c080c79%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

server
openresty
date
Sun, 21 May 2023 21:24:49 GMT
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 6D2D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ1Y2I5NzkyOThlNzc0ZWY4ZDNjZTE2M2U2MTU3YmU5NDRkZjU0MQ&us_privacy=1---
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ1Y2I5NzkyOThlNzc0ZWY4ZDNjZTE2M2U2MTU3YmU5NDRkZjU0MQ&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTQ1Y2I5NzkyOThlNzc0ZWY4ZDNjZTE2M2U2MTU3YmU5NDRkZjU0MQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6D2D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETdKFEIAmKh_YKca4bnrro&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETdKFEIAmKh_YKca4bnrro&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEETdKFEIAmKh_YKca4bnrro&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 6D2D 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 6D2D
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Vh8bC1ZdQAaJr-F7QJIcTg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Vh8bC1ZdQAaJr-F7QJIcTg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Vh8bC1ZdQAaJr-F7QJIcTg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JJ3EHAKZ6KBCN6PNNVG7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Vh8bC1ZdQAaJr-F7QJIcTg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6D2D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXXFOBQ-28-MCUH&us_privacy=1---
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXXFOBQ-28-MCUH&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 86B697C4DFD6428EB3407BFF8139B8E4 Ref B: FRAEDGE1121 Ref C: 2023-05-21T21:24:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX8OsjBFXxQbHngUsrguA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LHXXFOBQ-28-MCUH&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6D2D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEhYWEZPQlEtMjgtTUNVSA==&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJlIbqP_Ezzv495IgCh5CjE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYWEZPQlEtMjgtTUNVSA==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYWEZPQlEtMjgtTUNVSA==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhYWEZPQlEtMjgtTUNVSA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6D2D
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=JNSe4Hu6Tky_wvZ6_AH8Dw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JNSe4Hu6Tky_wvZ6_AH8Dw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JNSe4Hu6Tky_wvZ6_AH8Dw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MRSCE2B166QH27KD2TDS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=JNSe4Hu6Tky_wvZ6_AH8Dw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6D2D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/5zIMxTt6l3Cyi2-mrzd3fsn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eS2srIJE2oKYh2DfDNFV.3SjDnBS4O8qSVjIng--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eS2srIJE2oKYh2DfDNFV.3SjDnBS4O8qSVjIng--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=aniview&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-eS2srIJE2oKYh2DfDNFV.3SjDnBS4O8qSVjIng--~A
content-length
0
sync
eb2.3lift.com/ Frame EC06 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:49 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 48CE 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D25db92053c080c79%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48776
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
expires
Mon, 22 May 2023 10:57:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 19B8 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AKVN5nn693WGyx1B
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:49 GMT
Etag
e0cb5ef3b15a5a54
Server
Adtelligent
i.match
s.tribalfusion.com/z/ Frame D223
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESELeMhgop7sH_P2QALzQcePc&google_cver=1&google_push=ATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeMhgop7sH_P2QALzQcePc&google_cver=1&google_push=ATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk...
43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeMhgop7sH_P2QALzQcePc&google_cver=1&google_push=ATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cafe375397b1905-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
11
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESELeMhgop7sH_P2QALzQcePc&google_cver=1&google_push=ATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DATf1kGP3LdB5wvqUbkdvPtbe1UzX0e6Zc5DAdb2eW64887xS3A5XoU8bw-Kivx9YqDI-8zpLdAQmMqebRDr-D-EZf84dlFC3FEk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7cafe373c8491905-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D223
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEBnGJyBHVz0vvcfStF4Cf0U&google_cver=1&google_push=ATf1kGOFj7Wa1B1Z-xb5hEToSCJkK8DQFRn_Np5PRSnF63G7qVm4v1V2vAc1IwmDR37WenK1WyUCW6tqyR8gwiRX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xKUCIZfGSV2tHUtTTcAaVQ2&google_push=ATf1kGOFj7Wa1B1Z-xb5hEToSCJkK8DQFRn_Np5PRSnF63G7qVm4v1V2vAc1IwmDR37WenK1WyUCW6tqyR8gwiRXzRsUdrCPtTs
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xKUCIZfGSV2tHUtTTcAaVQ2&google_push=ATf1kGOFj7Wa1B1Z-xb5hEToSCJkK8DQFRn_Np5PRSnF63G7qVm4v1V2vAc1IwmDR37WenK1WyUCW6tqyR8gwiRXzRsUdrCPtTs
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=xKUCIZfGSV2tHUtTTcAaVQ2&google_push=ATf1kGOFj7Wa1B1Z-xb5hEToSCJkK8DQFRn_Np5PRSnF63G7qVm4v1V2vAc1IwmDR37WenK1WyUCW6tqyR8gwiRXzRsUdrCPtTs
x-host
tde-deliveryengine-production-68bf66644b-6nlhk
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame D223
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DPUSH_DATA&...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-GtTerFplICB2eHOKNSZmSewl32wvq81k5PPbiw&google_push=PUSH_DATA
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
43 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
91802
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
274
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame D223 		43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESECW1GPLgzFT3upB_l3XM8WU&google_cver=1&google_push=ATf1kGPPWvDO3MDk-uLqH8jce_x_s-i95413l5LnjVTnKh-c-Tv_zJXrr9EYnF4yaMVIHZEzjvn_S529Zu-ytnH7H2ESA6kMkg
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
/
onetag-sys.com/match/ Frame D223
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGU0Eyg6ulD1MFBsI_6lEGw&google_cver=1&google_push=ATf1kGNjAlIxFRd6hl2_p1boozuRM5PoWnCegnmnhnAW3u0Gr4N58RVJ0u6DskgfJ4TDQFk26c2knPtCiKI...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ATf1kGNjAlIxFRd6hl2_p1boozuRM5PoWnCegnmnhnAW3u0Gr4N58RVJ0u6DskgfJ4TDQFk26c2knPtCiKIrwhvgTqcVPb-P6Qg
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame D223
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELNTKECd0iRDVpNBVPI84Eg&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=ATf1kGOQFwcwMEZnZodpLW8ZMBFUm9NADGWMjESgZ4mseF0lo4jiLohbXc4EGh3fYHBO07IWe5o2eaad40UAj1ebDDCUxXk-apOK
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

expires
Sun, 21 May 2023 21:24:50 GMT
pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D223
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJhrusEXJ...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJh...
  • https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&%%GOOGLE_PUSH_PAIR%%
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&%%GOOGLE_PUSH_PAIR%%
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&%%GOOGLE_PUSH_PAIR%%
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D223 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ly2H8Putt5ZJtV9kduAPIru4PeBqHY02Le16L_IqPvaIfGB3QPF9phPatqDscvkEL_Bunsm4Gz
Requested by
Host: ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1FCD 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&us_privacy=1---&khaos=LHXXFOBQ-28-MCUH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1-MGkwZS5jI38HgdwJiaiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-1-MGkwZS5jI38HgdwJiaiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 970F 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6oy9-K5WT1dikRF0KzizcXCs3fcz2jTdin9LNTmPI0hNApmRdwsQQoEGa2K_Q4wPnYXPEhrqhCZCZ3BJsmUGI1dn3Sfv8Qd9ks97cjHDlsnk7hMlp&sig=Cg0ArKJSzANqbFxWiA7BEAE&id=lidar2&mcvt=1049&p=26,0,27,1&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3176091703&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684704288277&rpt=537&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E1DB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=-1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&gdpr=-1&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:49 GMT
Expires
Sun, 21 May 2023 21:24:48 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 851 9bd98ae master zrh-pixel-x4 config_version:"unknown"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&gdpr=-1&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame 8C4E
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D-1%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524873530900
42 B
194 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524873530900
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sun, 21 May 2023 21:24:49 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588524873530900
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
Pug
simage2.pubmatic.com/AdServer/ Frame CE8B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=-1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCook...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sun, 21 May 2023 21:24:49 GMT
expires
Sun, 21 May 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
706370
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 8D36
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=6036709849711314043
42 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=6036709849711314043
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=6036709849711314043
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
dcm
aax-eu.amazon-adsystem.com/s/ Frame DC7A 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=227EFB13-0300-4E8A-A54E-65179FF0E58E&redir=true&gdpr=-1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:50 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JM20BJM71S30Z7QV9FEE
csync
sync.adtelligent.com/ Frame BA26 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:49 GMT
Etag
e0cb5ef3b15a5a54
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F5C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=In77EwMAToqlTmUXn_Dljg%3D%3D&gdpr=-1&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=48775
accept-ranges
bytes
content-length
5554
expires
Mon, 22 May 2023 10:57:45 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=-1&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame F5C5 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=-1&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.125.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-125-132.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.12.206
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame F5C5
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=-1&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=-1&gdpr_consent=&bounce=1&random=2441904610
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=227EFB13-0300-4E8A-A54E-65179FF0E58E
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
via
1.1 google
last-modified
Sun, 21 May 2023 21:24:50 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=227EFB13-0300-4E8A-A54E-65179FF0E58E
date
Sun, 21 May 2023 21:24:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame F5C5
Redirect Chain
  • https://a.audrte.com/match?gdpr=-1&gdpr_consent=&p=M1717054901&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGEyU3U0NDY3Z0hTSlN3am12OTAtdzl2UQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3743094787952999567&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
52.5.106.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-106-217.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:50 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sun, 21 May 2023 21:24:50 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame F5C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MjI3RUZCMTMtMDMwMC00RThBLUE1NEUtNjUxNzlGRjBFNThF&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F5C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESELTnZlzusHko7Y3kVtljyK8&google_cver=1
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESELTnZlzusHko7Y3kVtljyK8&google_cver=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:50 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=-1&gdpr_consent=&piggybackCookie=CAESELTnZlzusHko7Y3kVtljyK8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
380
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F5C5 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=-1&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 20 May 2023 21:24:49 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F5C5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=3743094787952999567
42 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=3743094787952999567
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=-1&gdpr_consent=&piggybackCookie=3743094787952999567
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame F5C5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=-1&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 May 2023 21:24:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cmp
spl.zeotap.com/ Frame 4A5B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
cf-cache-status
DYNAMIC
cf-ray
7cafe373cdb61e1c-FRA
date
Sun, 21 May 2023 21:24:49 GMT
server
cloudflare
vary
Origin
via
1.1 google
AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ku0dXz01tR1SCghg1hvfbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ku0dXz01tR1SCghg1hvfbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWCe_Hdjgd49BrsmQHy6hnW8gtk7hZlQnBIDC74dzTUNDpdd4buj3GNcitLL2Ql1u-7LS4TkTSjsZC6fjw9_xYRB2X3bffWgXjS8B6Dy0tL5L8dZ_Z8AwMLAmqW6ZXH8xjfqZbVXw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3jSiqW555VVdt7cxjbkEUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-3jSiqW555VVdt7cxjbkEUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXF8zf67jRBrBJ3o4Mr5uPKVaLi0dZBEmTXsXrs4EAluhXn4LzVS70fzqm0Ghy-z3aAtrcZPYSlM6c_LWzBtsdrSSAToxZMDQWGJQt-URJmp0oIGINPpZcD_ZEZYItu1x2Q6A1-_g==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXF8zf67jRBrBJ3o4Mr5uPKVaLi0dZBEmTXsXrs4EAluhXn4LzVS70fzqm0Ghy-z3aAtrcZPYSlM6c_LWzBtsdrSSAToxZMDQWGJQt-URJmp0oIGINPpZcD_ZEZYItu1x2Q6A1-_g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NzA0Mjg5LDkwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vd3d3LmtoYWxlZWp0aW1lcy5jb20vdGVjaG5vbG9neS9taWNyb3NvZnQtc2F5cy1pdC1mb3VuZC1tYWxpY2lvdXMtc29mdHdhcmUtaW4taXRzLXN5c3RlbXMiLG51bGwsW1s4LCJqeVNIWThmc1B3NCJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
15218e89f0b11eb5924431e649ffb9cd18be2a7285ad39229d04a0c1f16407df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p1_4jCLAsnXaWg1Q6AYSHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:49 GMT
content-security-policy
script-src 'report-sample' 'nonce-p1_4jCLAsnXaWg1Q6AYSHQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
adv.office-partner.de/ Frame 11E7 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Sun, 21 May 2023 21:24:49 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Sun, 28 May 2023 21:24:49 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
ht.html
www.more-and-more.de/alvine/tools/track/ Frame F475
Redirect Chain
  • https://www.awin1.com/cshow.php?s=3004312&v=11842&q=424689&r=296283&pref1=38088700128374800951427012331005&pv=1
  • https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
194.97.158.1 Coburg, Germany, ASN5539 (SPACENET SpaceNET AG, DE),
Reverse DNS
sammelfrontend.pl2.spacenet.de
Software
Apache /
Resource Hash
014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
private
content-encoding
gzip
content-length
993
content-type
text/html
date
Sun, 21 May 2023 21:24:50 GMT
last-modified
Fri, 19 May 2023 06:44:57 GMT
server
Apache
vary
Accept-Encoding

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:50 GMT
Location
https://www.more-and-more.de/alvine/tools/track/ht.html?sxx_partner=zanox_de
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
link.html
track.webgains.com/ Frame 8201 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=38088700128374800951427012331005&nw=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.62.161 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-62-161.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
864f3d118a23a83d04203242e0d8cf7cc42838853b4d04ff9d3b3a2e8b7e181c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
last-modified
Sun, 21 May 2023 21:24:49 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Sun, 21 May 2023 21:25:49 GMT
request_content.php
hal90005.redintelligence.net/ Frame 4338 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=6cywgeu7gf0e&nw=20&renderingType=javascript&namespace=f98e71f86b&subid=&uid=cd6e10bfdd9eb145&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aapn&envData=&gdpr=%5BBID_ATTR.gdpr_flag%5D&gdpr_consent=%5BBID_ATTR.gdpr_str%5D&ud=&redirectClick=http%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D4120038435785651293%26mt_id%3D6622393%26mt_adid%3D216536%26redirect%3D&documentReferer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ancestorOrigins=https%3A%2F%2Fwww.khaleejtimes.com%2Chttps%3A%2F%2Fwww.khaleejtimes.com&random=2607334094740&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
58c639a92b85ada4b667efe491a84309562bb6dead5227baabdf1528481231eb

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2034
Content-Type
text/html; charset=utf-8
Date
Sun, 21 May 2023 21:24:49 GMT
Expires
Sun, 21 May 2023 22:24:49 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame 8201 		43 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=38088700128374800951427012331005&pv=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.93.163 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-93-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6773 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
54139
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 21 May 2023 21:24:49 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 May 2023 06:21:12 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4303, 328721
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230035-FRA
X-Timer
S1684704290.953039,VS0,VE0
vevent
fra1-ib.adnxs.com/ Frame 8201 		0
962 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2F&e=wqT_3QKIC_QrBYgFAAADANYABQEIoJiqowYQtd6u6PDR55gKGPLyhITcpYy5Dio2CdBQY0GqlLE_Ecl2vp8aL60_GQAAAAApXO8_IWYV20npPq0_KVmLTwEwnrE_MQAAAIA9Crc_MJKy9Ak4lF1AHUgIUJeQu7YBWJT8kQFgAGj72LkBeACAAQGKAQNVU0SSAQNVU0SYAaABoAHYBKgBAbABALgBAsABBcgBAtABCdgBAOABAPABANgCAOAC-b9a6gIdaHR0cHM6Ly93d3cua2hhbGVlanRpbWVzLmNvbS-AAwCIAwGQAwCYAxSgAwGqA9MGCosGaHR0cDovL3RhZ3MubWF0aHRhZy5jb20vbm90aWZ5L2ltZz9leGNoPWFwbiZzX2V4Y2g9YXBuJmlkPTVhVzk1cTJqTHpJekx5QXZUVlJGZDFwVVRUTk9iVVYwVFVSQmQwMURNSGROUkVGM1RGUkJkMDFFUVhSTlJFRjNUVVJCZDAxRVFYZE5SRUYzTHpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdk5qWXlNak01TXk4ME5UWXlNekV5THpFekwwdDRaak5vYUhWUE1HbFlZVFJwU0Rab2VWZDZOMGhyV1U5NFlVNW1UbkZHU1VSMk1tRkJabVpyTmswdk1TOHhNeTh3THpBdk9UVTJPREF6THpBdk1qRTJOVE0yTHpZMU1UZzNNUzh4THpBdk1DOU5SRUYzVFVSQmQwMUVRWFJOUkVGM1RVTXdkMDFFUVhkTVZFRjNUVVJCZEUxRVFYZE5SRUYzVFVSQmQwMUVRWGN2TUM4d0x6QXZNQzh3THpReE1qQXdNemcwTXpVM09EVTJOVEV5T1RNdllXMXpMekF2TlRjd0x6UXhMems1T1M4eE5qSXZNbUV3TXpveFlqSXdPalk2WmpBd01EbzZMekF1TURBd0x6RTJPRFEzTURReU9EZ3ZNVFk0TkRjeE5qZzRPQzh4TXk4eE9USTVNVFl4THcvS2ZPdmtHcF9lVjRUSWc1b09tbnFDX2pqMkV3Jm5vZGVpZD00MDEzJmdyb3VwPWNkZyZhdWN0aW9uaWQ9NDEyMDAzODQzNTc4NTY1MTI5MyZwYnNfYXVjdGlvbmlkPTQxMjAwMzg0MzU3ODU2NTEyOTMmc2hhcmRrZXk9NDEyMDAzODQzNTc4NTY1MTI5MyZwcmljZT0ke0FVQ1RJT05fUFJJQ0V9JmJwPWFfYWdpaWNhJm5meV9hY3Q9TEQ1d2YzVSZiZmlwPTE4NS4yOS4xMzUuMTQzJnNpZD00NTYyMzEyJmNpZD02NjIyMzkzJnNyYz1hcGkmdHlwZT1udXJsJmNsaWVudD1zMnMSEzQxMjAwMzg0MzU3ODU2NTEyOTMaEjczNDU0MjU1MTQ3NDQ4Mjk5NyIJMzgyNjUwMzkxKgYxMDE5MzY6BzY2MjIzOTPAA6wCyAMA2AOvsDDgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBBQyYTAzOjFiMjA6NjpmMDExOjo1ZagEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANoEAggB4AQA8ASXkLu2AfoEEgkAAABgbQ1JQBEAAADgTUIhQIgFAZgFAKAFmefJqb3PnqcHqgUQM0I2MDA5MDVEMjk4MUU3MsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYvrS_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0Ab5qwHaBhYKEAAAAAAAAACB8wUBkBAAGADgBgHyBgIIAIAHAYgHAKAHAaoHBjY1MTg3McgHANIHDQkFKgQAAAUtDNoHBggFCWDgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgB&s=49c3aa66438698e04991cec6b1125ae42f825976&type=nv&nvt=5&jm=1003&px=111&py=970&bw=160&bh=600&sid=7423135931064370572&vd=ct~0|rr~0&sv=232&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=20781330&sw=1600&sh=1200&pw=1600&ph=5350&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/232/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
AN-X-Request-Uuid
e35b576f-b4ae-4adc-95cb-db6675c34be3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
css
fonts.googleapis.com/ Frame 4338 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 21 May 2023 19:58:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 21 May 2023 21:24:50 GMT
/
hal9000.redintelligence.net/scale/ Frame 4338 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
6271955542703658eb7457cc778220494fde5f068fd51c0fcdccf420f5e6edcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:50 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
26363
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 4338 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
0606a32d040555e704c6ebb9876ea9cd081d9a2560e625d5ccc3ec9a53475a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:50 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25832
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 4338 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/14477/creativesup/1200x627-Single.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.238.90.46.78.clients.your-server.de
Software
Apache /
Resource Hash
4437aff5a485ceb332fbae83eeeee66bbd976a838afb7c06b0e38634e31331d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:50 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
15353
Vary
Accept-Encoding
Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 6773 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11924&pub_id=1929161&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:50 GMT
AN-X-Request-Uuid
61db2bfb-8c0b-445a-8761-a0ac9010254b
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 11E7 		110 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4f49730d60a5f49626af0d8e4f07b7e5fd60b9e1dc9116b8f5ab00e9923a305f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43032
x-xss-protection
0
last-modified
Sun, 21 May 2023 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 May 2023 21:24:50 GMT
AGSKWxVWvpSH3Af1H2f7dLzyANvfBQrrRhim4gltgNcoSDVjOWn2glxYBfcSHX04HioOC6rZm52XuNT_MKC4txfeRgUHJMerQg2XY6_-EIzHCWirw6GO-A6QHzwDsmvViKO-20eK4v7H3g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVWvpSH3Af1H2f7dLzyANvfBQrrRhim4gltgNcoSDVjOWn2glxYBfcSHX04HioOC6rZm52XuNT_MKC4txfeRgUHJMerQg2XY6_-EIzHCWirw6GO-A6QHzwDsmvViKO-20eK4v7H3g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.jySHY8fsPw4.es5.O/d=1/rs=AJlcJMwtoSPxx6HDqAquT_ru_CMqGzXMxw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-267oE9Z8Ydx9ehYZTIG6gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-267oE9Z8Ydx9ehYZTIG6gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 8201 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=38088700128374800951427012331005&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-129.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 18:47:55 GMT
content-encoding
gzip
via
1.1 c0e5f870deac34f99f746174f65a2880.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C2
age
9416
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
ps3h1I4jizqtD4749MVQE1kIAm1GRdv9A4KN1qITWQ-emG6a_o245g==
1x1.png
cdn.track.production.webgains.team/7121/ Frame 8201 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1684704590&Signature=qY9t2VCSv4ziClQ-XGQHgJdAT19zRVcGP7OrHKAXyrF11gZPK7XyAPsAiEd2pJ3LfPPnFEh8FHkdo8oD3QKXhdlYEhORL0djgDQod2WJWl9eXeagrvOWAgZjQ6Qy~jwJwRKJuOSEtwVBHmgXOZ~upLys7YMiZxkwdRf~BeQzdXZYbIISU9M9GhBJYfuoESRfgnM8FDiZFmtmh5RcPv9I9S-AujS3UKmdAiMYwm~FvfzpTVB2wx3x8kz1J~TF5vuvUtS~OrVTg36nMXC-MmAiLz~6lSoPh8GAHYn8WE8iX-XyrRMJQDZGkXXg0eqYaoI1I8ge1DO7Ou3G49RtNnsAGg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.226.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-226-105.bcn50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id
null
date
Sun, 21 May 2023 08:59:01 GMT
via
1.1 e409c264b1c6b5f19b464ccd27f6f0f4.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
BCN50-P2
age
44750
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
qNkGETQdOaqr4ESscv0FynftcV7aI0RdUeIFV2A1Bj34Yr1J3apE-w==
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 May 2023 21:24:50 GMT
viewability
hal90005.redintelligence.net/ Frame 4338 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=38088700128374800951427012331005&a=f8dba155&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Esslingen am Neckar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=38088700128374800951427012331005&a=6110ddfe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Sun, 21 May 2023 21:24:50 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 4338 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90005.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 03:23:58 GMT
x-content-type-options
nosniff
age
237652
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 18 May 2024 03:23:58 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 4338 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90005.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 17:12:56 GMT
x-content-type-options
nosniff
age
274314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 May 2024 17:12:56 GMT
publishertag.prebid.130.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.130.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:30 GMT
server
nginx
etag
W/"642e8db2-16124"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 22 May 2023 21:24:50 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.khaleejtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		58 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4500757940506256&correlator=188056821829801&eid=31074723%2C31074767%2C31074770%2C21065724&output=ldjh&gdfp_req=1&vrg=202305150101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21751243814%3A78059622%2C537953-300-250-9&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=19&adks=2424930324&didk=4118059826&sfv=1-0-40&prev_scp=adunit%3D9%26prebidtrue%3D0%26refresh1%3D0%26adl_dis%3D-1&eri=1&cust_params=KT_SectionName%3D%26KT_SubSectionName%3DTech%26KT_ArtTarget%3Dcb6fb1ec-4377-494d-ac0f-e5e1c9edd684%26amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26adl_ok%3D1&ppid=0188403359540015a4db97394a3d03074006106c00b08&sc=1&cookie=ID%3Dff43b30b6b4172dc%3AT%3D1684704288%3AS%3DALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q&gpic=UID%3D00000c19e495ae9f%3AT%3D1684704288%3ART%3D1684704288%3AS%3DALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg&abxe=1&dt=1684704290269&lmt=1684704290&dlt=1684704286874&idt=405&adxs=478&adys=2140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&frm=20&vis=1&psz=325x-1&msz=300x-1&fws=4&ohw=325&psts=ABHeCvgIZ3uH-L7IVnoG_r3ZIv_NjeoUCPY_kJEj4LzwSecgH96zNVhvYM_glYjnndCOuxh7YlM3m4ZlaiktTSNPligovkOw5LE%2CABHeCvgYKJBng6D125kkEv76bblaFgh4OzUkEurrkdWwKjD_izCph0PrlFSB8kJLuT4xS6uiczRgn-ZDmtyCMgVVWs_fCS_fIxo%2CABHeCvjydybGEOPTlQLvISDdBGAtbkcfAeqdbVe5uICD0lW0tPFQLeY6L2MkwpmxBh4zRmehVULnyBR5x6cQUAeXaHYotQvkQLk%2CABHeCvjILL5qUfqYrp6iwXioU4jKloOaB6pfMaZDEul0u2NA86zts5h9WF9BvvQ0fZhFRJlAccfmquDoxVxEaGcT_PQf7SMksJA%2CABHeCvhRRq3V5KhfOlRzRelEC5mI7mSmacmk7cCcCQE1p1lnPUbkCXgXJ4PKamVZrfG4vAGNshtBT_Du_avVkD3dw8pTi7Af0cE%2CABHeCvgTCfUDvcozI5bOy-wyApzZb6SXDnMdrbzumuNhiYSLh7bC_yhnF5Rva2a7osspjZsli_d6CB5tX_p0wLsz4OZezRuMGkM&ga_vid=190675365.1684704288&ga_sid=1684704288&ga_hid=62371786&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY47bNgYQxSABSAghkEhkKCnB1YmNpZC5vcmcYgLfNgYQxSABSAghqEoICCghydGJob3VzZRLsAVZVU01jeUU0SEVEOGordmZiNGNtN1lSWFFiNWZBZTJlMG14enB4T3FTWVY1Qzl3WURDMmc3Y0xXN1l4WjZmSXBUM0hTZXQzaSs1ekdRZjQ2cWNRVlFLZlk2d2lIY1lDZDRYeVl2bWg3STZOb0hiNEdBbndrSThqL1pMSHRvR2VEeUJXS3NXbW9aMUtZK0lCM3hlQjRmM3RUbTl6THIwbVR6SjhPSzdQd0FrS2t3OTVkYUJGNE5hV0pEV3MyQ25xSzZHY3VaWFlSR09lZjFXSWN4VDlDQ0NXSnRqRlZTVUZXS3kxb2VQbTR5RG89GK64zYGEMUgAEh0KDmVzcC5jcml0ZW8uY29tGOO2zYGEMUgAUgIIZBIUCgVvcGVueBjNuM2BhDFIAFICCG8SGQoKdWlkYXBpLmNvbRjjts2BhDFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGKO3zYGEMUgAUgIIag..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f74d1b3ee234d6e62c5613e9054535c438c26c8ff61e7b71c61b5a306e5478d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22237
x-xss-protection
0
google-lineitem-id
6095641153
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138402261927
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 41E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF8JwgLaYTD1nEfi9R7EuCe09IOiXfecuv6OFHF29NVqRTcoMPEpjIZEBQlFzkT0Nr5nc6MEDJkXsnqFnzZfjCM1nf4PCzuz7b5qNxHqRZb51OIIqo84Wh1qArOuTz7X0rFP3tFg3eRH4MnL38RriyBnS6peu5bkunvw5ZHqcRNHyegm-3Jz74MHtso13ZGNcy6cA8MZzzue7rHCarrVca3OCnpNCWs_pSfBLrsLEuetWPo9TAk3kwWSX_wPT2gK54RkcW8nWbqfMCzh8da4hnwD1yn6H42y4mIxb779S3OI2Nn9rBnJlzFzUw3pJpIdyHKycW7Gti_UrTLB_IoQ&sai=AMfl-YRjR49b-M_Nwr7VPfw3x7ce99qfBvz4nevcp9kgsUyuK8Cu48oShfpNcvHPehgP7bk_rWxjj5MXDUDtk2o4D_tchYixYxcNm10mKgytGxFnb227dN2mria2oS4PmcQ&sig=Cg0ArKJSzE6-gKAOp5BDEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2733177347293647796
tpc.googlesyndication.com/simgad/ Frame 41E0 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2733177347293647796
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 22:35:04 GMT
x-content-type-options
nosniff
age
82186
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32293
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 09:52:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 19 May 2024 22:35:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/ Frame 41E0 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 10:36:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
38903
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8780
x-xss-protection
0
server
cafe
etag
16540081610679671253
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 10:36:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 41E0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 20:27:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
3455
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 04 Jun 2023 20:27:15 GMT
l
www.google.com/ads/measurement/ Frame 41E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaST4l9xZM7KHpL151Q7k38RtGZbgcxLAdPf7UwC2Tt_8qrhmgTQNNY7_M2HnaJhR3CiD4GLhCUDuxD5kRK-5D9Sfwzksw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 41E0 		170 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53893
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1684322484769956"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 21 May 2023 21:24:50 GMT
truncated
/ Frame 41E0 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4379cf79df8232487024c20ac47d9858aeb857f2390efed18d240d27b6102c5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 5556 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHit-sWOb-Tm6jr9t9woiytXv50m8witR9hnrmyHx2sMeZUUZJJ6M0lHDDafKr6MHGnzvPaacw0mL0paBoGaY-oPOGiI4fg0wulJX77Qlwlcrq7G3o&sig=Cg0ArKJSzHB7rqd_yG0sEAE&id=lidar2&mcvt=1000&p=567,1167,817,1467&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1887997246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684704289479&rpt=159&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 41E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstnMXeqr8p7Nam8mV5MxURXiQhpCCvF3NA3wueWNs9GjZLiNqi8obCLluXN_0v1QJkTLI82LosyYag7SLX4uHlU-5P2U5mSbEnjCeOp_KR2OQsQLOnveRVBBljTRQwFRikL_QwgpWw0m9AeNa2tzZ9s9I3RNUxCoxQOmQ2v1Yg3ijRtOMwerkmA8ohOmdSpqL5dyyMEHAfyZ2nEkYwtKv_U3c59ehApOGC8dlMTv4i1Dkr8T44yLwvSXKRPJGJ6K4SDHxGHDJaWHbVoapvGe0qxZ59GzegihHcCrNsDm5umdak4xzPazZFWA5QWhCTRZx-VGsmLBZGFnvjvvwcPe3S9&sai=AMfl-YQkyTiei_pUna4wZfe_aUF9EoLZxrIArSzx2vbfXxovlvqqyqBgZP1Vlsx-XojJdvguLxtlby0OKvF9ViaE5suX3z5jVU5dYkVvJskOGiwmj_81GKJ6gElMbiCOk-I&sig=Cg0ArKJSzB1yk9Z03lXlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 56CB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8GBzwba6VaZ7ya8V7ne5Qo74H71QL_lqy1EbJKCGjnu3QZbicMNTiYoAU1fKFC7nFoJRUp4vcT4Yuqj_bjUsrbls&sig=Cg0ArKJSzNyHmR5SzlUnEAE&id=lidar2&mcvt=1004&p=240,315,490,1285&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4184082431&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684704289430&rpt=274&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame A05D 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=9YJXEnKdeyMhyj2AtWbfvpbysoiN377nAZOSP5CYKafEjM1DvgcgrNUES-4YpxGgzMA3XLomtPPfLt55ljb2FgmlePj_lbdsxT3Kzh158jDkE49IA28oSDCwTTQoUzk1RkbqmtFIhwy2BN9wk8fk-JYEOQuIMvRzzG-Flgb2wZj92yNNG2DkPvdS4Y5ZhMNg8EbFlsXP39H10slfuKT4KUnjLu51j-p45w1UldOnO15bMl_TH3RdxPQXk0MDC6yKNJm82g&sds=2&rev=86437&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGqMIQACrL4Kd8IPAAH8nYY6hdHvl4zb2X8O0Q&u=%7CmnVyqarO45%2F1O9XRKdgJ0iBTRTG7GZ5wp0MQUtnxjMw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzm4RCiJiIGT5xwGwpq72AA9cTlJgqEZnthwGUqKNi4MkjlPejYi92vMYodVXZF_9yDqGpQAOgAZAYVGYTgLXAq-6I4AVCc78jNhssEm7sMRX3R1zMcLa33vxrkiop0IU3zQxEOpcYu3uuE19jSvhpIR0J6i2XFCazLwcKRUotSs1ERamCHGZ9eJ-GPAqxy5rrHJzb7ZBgg6tkDaU_1NdcdatMn_qDb27uY0MfGYuJunip1m6IG73g1f7MkWtXbBYZuR1UNqfKsL_-o-y2VDeHXQyfAhoulV_KYaYkz_d1e1Gd_oK6vnNC0RGGAyfFpPEMjqQNAj3d_h558x4JU_gpkcOiYqUn7r5BIbx-6qmry1whPh8LWIP-X6Q64ZPJiMa9TW3o3XF5i8_9pRiooPx6pNwW6Lh_izm3CELWYZrVwh6a2xSxlyXHQJzo2JsgKrw509bGrdXRLjCRAKVu2lPS6zZsdUBDQiQyKFPEUEDw-iLPORvOZfYhOYkjnZwJsmwX14t4uhEliY7NJ5QLAvnljMIBuyOISbXl8ozjGyqSlPv3pBlCF3iDzM5JqhiXY3TEnP-unvr260WyaHGxKd7l8TWWeQ8M5TdkM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9RokIYxqZL7ZCo-E3wOd-YeQBMme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODczMTIxMDc2NTIwMjIzN8gBCakCkmz4C7Mgsj7gAgCoAwGqBMECT9CNT4kaZHazmWAcoM2wwx9BXMFzGeiikwqBhrVtY8-ceMM4z0bZYoxc08Kdi-qG3OcgwwM8Nl6Nh2nueUpUFtcNBMPHLXr1J-C1vnb_fj5maDpA2hBS3Mk3tcfmJIa_ApgqCavt_8Fwu7m0YzT2dxdER4BNo-wXkHLwVJXBlHnbmBABlVyda-7UC00o1RbalXy4Uar647H8p_Yck_WFJVI06YHDnuOBudokWWE9Yr8zv8wIDF4L53mBYxKh0_ZVNdvX2lG8hwihQwpoGoLOgNoRLHvV-UP28ZbnnrOyM4xXZ-db2qeLpqYG8zW48-v6rZy8mr2aOuvSi6wuhfN-AlI2FfnQ-RzoBqpHXjmMsENDSFt5ZkIT8bQcb0B046KgYE7HngNQ1If-CVH1U7B1od-bLDLDETo2akidler5ffTH4AQBgAabsIrStMCSxaIBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPIIG2FkeC1zdWJzeW4tNjI5NTg1MDUwNzI4NjA3MvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wFXevlAErLxuIdO1qigYmJNL-FQ%26client%3Dca-pub-8731210765202237%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.54.180 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-54-180.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.khaleejtimes.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:51 GMT
server
nginx
tracking-event
api.webgains.io/ Frame 8201 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.54.180 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-54-180.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 May 2023 21:24:51 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
async_usersync
ib.adnxs.com/ Frame 6773 		0
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11924&pub_id=1929161&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:51 GMT
AN-X-Request-Uuid
35ad761e-7ef6-4e6c-97af-1953c7ae9610
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame F5C5 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr={gdpr]&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
avw.gif
c.4dex.io/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond72810&evt=start&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond72810&v=0&tz_off=0&js_late=1&js_ts=1684704288330&size=728x90&pbjs_sizes=728x90%2C468x60%2C600x100%2C640x100&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1684704285603&trgr_ts=1684704289309&init_ts=1684704289309&start_ts=1684704289310&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=2af5836b-229d-4824-aa0c-e365ca3dbb2b&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=313x3739&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=desktop&org_id=1056&pgtyp=&plcmt=andbeyond72810&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402261900&adsrv_empty=0&adsrv_lnitem_id=6095641153&adsrv_size=728x90&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:52 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30015&evt=start&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30015&v=0&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1684704285603&trgr_ts=1684704289324&init_ts=1684704289324&start_ts=1684704289324&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=e912b65a-cf32-4e0a-b35d-36964a239d97&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=478x1098&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30015&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402703060&adsrv_empty=0&adsrv_lnitem_id=6095641153&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:52 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
avw.gif
c.4dex.io/ 		0
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30016&evt=vsbl&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30016&v=0&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=2867&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-34&clk_time=&reset=0&adsrv_adu_exp=2868&navs_ts=1684704285603&trgr_ts=1684704289487&init_ts=1684704289488&start_ts=1684704289488&reset_ts=&vsbl_ts=1684704290644&adsrv_vsbl_ts=1684704290590&auct_id=3cfe0474-3c5f-48fa-a052-e39e9c87d584&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=1167x586&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30016&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402262257&adsrv_empty=0&adsrv_lnitem_id=6096372437&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:52 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
PugMaster
image6.pubmatic.com/AdServer/ Frame D060 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22097669&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b266a3330f4fc2073eaaee2c489db68b41b79207e418a22f091886f3983049e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame B1C1 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 21 May 2023 21:24:52 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 054F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB
42 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 21 May 2023 21:24:52 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame D44F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2436496733646849807&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2436496733646849807&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
efa7d55e-fb96-4484-9881-8cd71d171e84
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 21 May 2023 21:24:52 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2436496733646849807&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.23.2
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame F4AC
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235749824706050196&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235749824706050196&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sun, 21 May 2023 21:24:52 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7235749824706050196&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame C00E 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230086-FRA
x-timer
S1684704293.832464,VS0,VE89
Pug
image2.pubmatic.com/AdServer/ Frame 0DA8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWWVFN0kxUmdBQUItNUdjNjREdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACYeE7I1RgAAB-5Gc64Dw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7681514413390398551&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AACYeE7I1RgAAB-5Gc64Dw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7681514413390398551%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7681514413390398551&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AACYeE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7I1RgAAB-5Gc64Dw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7I1RgAAB-5Gc64Dw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:53 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACYeE7I1RgAAB-5Gc64Dw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0F51
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pFSVi-rqWzFhSoaoUjFz6rnVm60&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pFSVi-rqWzFhSoaoUjFz6rnVm60&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sun, 21 May 2023 21:24:53 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=pFSVi-rqWzFhSoaoUjFz6rnVm60&gdpr=0&gdpr_consent=
cm
ipac.ctnsnet.com/int/ Frame 0545 		43 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
simage2.pubmatic.com/AdServer/ Frame 5444
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Sun, 21 May 2023 21:24:52 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
cookiesync
core.iprom.net/ Frame 6E8D 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:52 GMT
Vary
Accept-Encoding
X-adserver-worker
komodo-9f735f4a55e7@version_1.551
X-core-time
0ms
X-server-arch
v2
bridge
cm.adgrx.com/ Frame B8CB 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sun, 21 May 2023 21:24:52 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-4
Pug
simage2.pubmatic.com/AdServer/ Frame A8E6
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
42 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
i.match
a.tribalfusion.com/ Frame 0310 		43 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7cafe3864b341905-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:53 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
image2.pubmatic.com/AdServer/ Frame 4CC2
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qemlcnb07vw
42 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qemlcnb07vw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:53 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Sun, 21 May 2023 21:24:53 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1qemlcnb07vw
lws
90
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame D662
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=41b420c4d09502a1/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWbhWXajWQaRVaXgb&gdpr=0&gdpr_consent=
42 B
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWbhWXajWQaRVaXgb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=9y7pfzHtWbhWXajWQaRVaXgb&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 976C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Sun, 21 May 2023 21:24:52 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
generic
match.adsrvr.org/track/cmf/ Frame EE2F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5894146621
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5894146621
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:52 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5894146621
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
Pug
simage2.pubmatic.com/AdServer/ Frame 80B5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:214002DBEB96486A800EB4C15C0CF2EC&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:214002DBEB96486A800EB4C15C0CF2EC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Sun, 21 May 2023 21:24:52 GMT
expires
Sat, 20 May 2023 21:24:52 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:214002DBEB96486A800EB4C15C0CF2EC&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
csync
sync.adtelligent.com/ Frame 8B34 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:52 GMT
Etag
e0cb5ef3b15a5a54
Server
Adtelligent
mw
mwzeom.zeotap.com/ Frame D060 		95 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:52 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7cafe3865c691e1c-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame D060
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=227EFB13-0300-4E8A-A54E-65179FF0E58E&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=227EFB13-0300-4E8A-A54E-65179FF0E58E&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=227EFB13-0300-4E8A-A54E-65179FF0E58E&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:59 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:59 GMT
frontend-id
10
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=227EFB13-0300-4E8A-A54E-65179FF0E58E&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame D060
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
sync
ups.analytics.yahoo.com/ups/58292/ Frame D060 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:52 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
227EFB13-0300-4E8A-A54E-65179FF0E58E
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D060 		0
529 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/227EFB13-0300-4E8A-A54E-65179FF0E58E?gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6c9:c47f:7f05:2962 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:52 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D060
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_5e613b7e-092c-4995-9532-b79d840f4c93&bsw_param=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame D060 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D060 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D060
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2436496733646849807
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2436496733646849807
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 21 May 2023 21:24:52 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
433d3bf7-1fdd-47ed-a4ec-7f2d12526a2b
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2436496733646849807
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D060
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7435423427955502766&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7435423427955502766&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7435423427955502766&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 21 May 2023 21:24:52 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D060
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c2506c40-e6fc-457f-a1bd-710d19cdf3a1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c2506c40-e6fc-457f-a1bd-710d19cdf3a1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 21 May 2023 21:24:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c2506c40-e6fc-457f-a1bd-710d19cdf3a1&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sun, 21 May 2023 21:24:52 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame 48CE 		47 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38525178&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D25db92053c080c79%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Sun, 21 May 2023 21:24:52 GMT
content-length
47
content-type
text/html; charset=UTF-8
um
u-ams03.e-planning.net/ Frame 28C1 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=25db92053c080c79&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D25db92053c080c79%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Sun, 21 May 2023 21:24:52 GMT
server
openresty
avw.gif
c.4dex.io/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond3009&evt=start&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond3009&v=0&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=0&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=0&adsrv_vsbl=0&adsrv_att_delta=0&clk_time=&reset=0&adsrv_adu_exp=0&navs_ts=1684704285603&trgr_ts=1684704290588&init_ts=1684704290588&start_ts=1684704290589&reset_ts=&vsbl_ts=&adsrv_vsbl_ts=&auct_id=18c00a82-545c-4693-b981-d19028724c09&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=478x2140&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond3009&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402261927&adsrv_empty=0&adsrv_lnitem_id=6095641153&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:53 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
ctrack
track1.avplayer.com/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&r=www.khaleejtimes.com&sn=&cd1=&app=&test=&cb=1684704289111
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.214.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-214-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
prebid
id5-sync.com/api/config/ 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8223c5d16d0bb9382590bb01f07d02c9f3a9806167f3415bb75d81439a587987

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:53 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Tue, 20 Jun 2023 21:24:53 GMT
pd
u.openx.net/w/1.0/ Frame 7379 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sspmatch-iframe
ads.betweendigital.com/ Frame 10D5 		604 B
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
5a056768b6de033823f354d292987be0efcde2c68fb35ca524c8d6cd7d4e1ef0

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
604
content-type
text/html
beacon
ap.lijit.com/ Frame A91B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 21 May 2023 21:24:53 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
sspmatch-iframe
ads.betweendigital.com/ Frame A86B 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
checksync.php
contextual.media.net/ Frame 834C 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
40aee081c093e749a7df384cd8938a1a1d8dac799a2404f259ff68aa4211ed72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
7973
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
expires
Tue, 23 May 2023 21:24:53 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sspmatch-iframe
ads.betweendigital.com/ Frame EDF7 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
content-type
text/html
sync
eb2.3lift.com/ Frame EC57 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
pd
u.openx.net/w/1.0/ Frame 7338 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame A427 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
sync
eb2.3lift.com/ Frame 7001 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
beacon
ap.lijit.com/ Frame 593D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 21 May 2023 21:24:53 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
/
csync.smilewanted.com/ Frame 9EB0 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38d3e5c30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 2BA6 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
beacon
ap.lijit.com/ Frame D175 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 21 May 2023 21:24:53 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 03D8 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48772
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
expires
Mon, 22 May 2023 10:57:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame E577 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 9132 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1684704289312
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame B454 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38d3e5e30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
server
cloudflare
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame 7AEA 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38d3e5730f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
server
cloudflare
vary
Accept-Encoding
beacon
ap.lijit.com/ Frame 5083 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13413210
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sun, 21 May 2023 21:24:53 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
sync
eb2.3lift.com/ Frame 146E 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
pd
u.openx.net/w/1.0/ Frame 942D 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame 6616 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
u.openx.net/w/1.0/ Frame 37BB 		0
80 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame C094 		281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
sync-all.html
adxbid.info/ Frame 3E61 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:23e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cafe38d7a1f929b-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 21 May 2023 21:24:54 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUXf2gE%2Bp9k1ms3s%2FxYdS5UrwcgoM%2F2846bI4CjAHLEpaw1ALQluMefrt6z%2FBR1mhmmth05WAfv00MCwEUSwiZ5grBNh%2BQrnAzJOdooCGCkAJReayKMwOTb9y3aMlLLex%2BgTMkMoiCuo6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
csync.smilewanted.com/ Frame 1A0E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38d4e6c30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
server
cloudflare
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D528 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48772
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 21 May 2023 21:24:53 GMT
expires
Mon, 22 May 2023 10:57:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
csync.smilewanted.com/ Frame E7DB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38d4e7330f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 06B5 		37 B
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Sun, 21 May 2023 21:24:53 GMT
/
csync.smilewanted.com/ Frame 7D11 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e

Request headers

Referer
https://www.khaleejtimes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38d4e7530f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:53 GMT
server
cloudflare
vary
Accept-Encoding
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
b54ccb6daa7b61513f2fa7b8bb4a11bb6b18e1fc60356298093a678e150194cb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
track
track1.aniview.com/ Frame D29E 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=www.khaleejtimes.com&rs=www.khaleejtimes.com&sid=56625&t=1684704289&cip=185.213.155.173&sn=&tgt=0&osv=10&bv=113.0&brn=Chrome&wi=640&he=360&app=&AV_PUBLISHERID=631834db55e9564951409ee5&test=&d64=cca847778f5e05041fa3e42bb8981150&d63=cca847778f5e05041fa3e42bb8981150&aafaid=&proto=https&uid=1684704289246-971398736648-001199-006-005516&cha=0.7&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&d35=&d36=6.2.101&cb=2127410503&d39=&d65=idanTest4&d66=8.3.7&d73=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&cvid=&cpid=&str=viewable&AV_WIDTH=640&AV_HEIGHT=360
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=631834db55e9564951409ee5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.203.16.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-203-16-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
match
ads.betweendigital.com/ Frame 10D5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3D0bc226ec-00c9-4392-8f4c-1f7a26a8640...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4dce646a-8c21-4700-bc3b-6d10e335bd91&expires=30&ssp=between&bsw_param=0bc226ec-00c9-4392-8f4c-1f7a26a8640e&gdpr=&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
date
Sun, 21 May 2023 21:24:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
match
ads.betweendigital.com/ Frame 10D5
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xLEZUR6J6Jg.AikABlGIQDN01g
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xLEZUR6J6Jg.AikABlGIQDN01g
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:54 GMT
server
nginx
x-backend-id
f10-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=xLEZUR6J6Jg.AikABlGIQDN01g
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58665/ Frame 10D5 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58665/occ?gdpr=0&gdpr_consent=
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.57 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.57
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
btw
sync.dmp.otm-r.com/match/ Frame 10D5 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.59.100 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.100.59.69.159.clients.your-server.de
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:54 GMT
server
nginx/1.17.10
bidder_18.html
cache.betweendigital.com/code/ Frame 6898 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=215e4620-cedb-528e-a1f0-42f0c59aced0&CACHEBUSTER=950092
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
311
x-cdn-request-id
745e005654ead63007db68c2f1c934a0
usync.js
eus.rubiconproject.com/ Frame C094 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
content-encoding
gzip
last-modified
Sun, 21 May 2023 04:27:12 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=25329
content-length
10085
expires
Mon, 22 May 2023 04:27:03 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 9EB0 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
223559
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cafe38e0f4930f4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame B454 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
223559
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cafe38e0f4a30f4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
csync
sync.adtelligent.com/ Frame CBB1 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent={gdpr_consent}&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:24:53 GMT
Etag
e0cb5ef3b15a5a54
Server
Adtelligent
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7AEA 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
223559
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cafe38e0f5730f4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
984.json
id5-sync.com/g/v2/ 		241 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
878c16e05427aa7894dce4ed4f1026a33399e4309163b0c0b2231e20ad5030cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:24:53 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 7D11 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
223559
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cafe38e2f7030f4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 1A0E 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
223559
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cafe38e2f7230f4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
getuid
eb2.3lift.com/ Frame 3E61 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame E7DB 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
223559
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7cafe38e4f8430f4-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
user-sync.adxpremium.services/ Frame 3E61
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=068c319a644dcf8f49620c02b133461608e3497c2a250dec18a459f192666475
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=068c319a644dcf8f49620c02b133461608e3497c2a250dec18a459f192666475
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=068c319a644dcf8f49620c02b133461608e3497c2a250dec18a459f192666475
Pragma
no-cache
Date
Sun, 21 May 2023 21:24:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame D5A1 		0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38e6fa630f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 6A57 		0
517 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38e6fac30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
drop_cookie_sw.php
csync.smilewanted.com/ Frame 9CC1 		0
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38e6fae30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 3A34 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
X-Sovrn-Pod
ad_ap7ams1
drop_cookie_sw.php
csync.smilewanted.com/ Frame 664C 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38e6fb330f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 40FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
X-Sovrn-Pod
ad_ap7ams1
drop_cookie_sw.php
csync.smilewanted.com/ Frame DACD 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38e6fb430f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame D693 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
X-Sovrn-Pod
ad_ap7ams1
pixel
ap.lijit.com/ Frame 76F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
X-Sovrn-Pod
ad_ap7ams1
pixel
ap.lijit.com/ Frame FB3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
X-Sovrn-Pod
ad_ap7ams1
drop_cookie_sw.php
csync.smilewanted.com/ Frame CABF 		0
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38e8fcd30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 76EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
X-Sovrn-Pod
ad_ap7ams1
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame EA83
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:52 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 19CF
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:52 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 8A99
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:52 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 9FB9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:52 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 173E
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:52 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7C2C
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
95 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.236.224 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.236.55.162.clients.your-server.de
Software
nginx / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/png
date
Sun, 21 May 2023 21:24:52 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:52 GMT
location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcsync.smilewanted.com%2F
server
nginx
x-powered-by
PHP/8.2.4
match
ads.betweendigital.com/ Frame 6898
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=c3419085-38d9-44fe-a469-0f6b8b9ee694&user_group=1&ssp=between&bsw_param=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
date
Sun, 21 May 2023 21:24:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame D741
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8607225507
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8607225507
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8607225507
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame DE0A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8702170863
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8702170863
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8702170863
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame 4C70
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6880188574
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6880188574
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6880188574
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame 45A9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3568982113
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3568982113
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3568982113
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame FCDF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5711190541
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5711190541
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5711190541
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
generic
match.adsrvr.org/track/cmf/ Frame 0DFD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4010052887
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4010052887
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sun, 21 May 2023 21:24:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
RX71d0441c488d4c74998198c0af1a5d92003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4010052887
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
215e4620-cedb-528e-a1f0-42f0c59aced0
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 9C9F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38f98ad30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
215e4620-cedb-528e-a1f0-42f0c59aced0
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame FEAE
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
0
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38f98ae30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
215e4620-cedb-528e-a1f0-42f0c59aced0
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame D7E6
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38f98b230f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
215e4620-cedb-528e-a1f0-42f0c59aced0
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 409C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38f98b630f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
215e4620-cedb-528e-a1f0-42f0c59aced0
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame B5B3
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38fa8ba30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
215e4620-cedb-528e-a1f0-42f0c59aced0
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame 5D3F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe38fa8be30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/215e4620-cedb-528e-a1f0-42f0c59aced0
smwt256.gif
us.ck-ie.com/ Frame B7D3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame 3570 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame E950 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame A28E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame 5DB3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smwt256.gif
us.ck-ie.com/ Frame 59B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
3743094787952999567
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3087
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390191930f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 21 May 2023 21:24:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
server
nginx
3743094787952999567
csync.smilewanted.com/set_partner_userid_get/adform/ Frame E761
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
0
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390191d30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 21 May 2023 21:24:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
server
nginx
3743094787952999567
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D5C4
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390191f30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 21 May 2023 21:24:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
server
nginx
3743094787952999567
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 5287
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390192130f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 21 May 2023 21:24:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
server
nginx
3743094787952999567
csync.smilewanted.com/set_partner_userid_get/adform/ Frame F893
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390192330f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 21 May 2023 21:24:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
server
nginx
3743094787952999567
csync.smilewanted.com/set_partner_userid_get/adform/ Frame D21B
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390393430f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Sun, 21 May 2023 21:24:54 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/3743094787952999567
server
nginx
c935c1a7db325e43432d1c329359734
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8827
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c935c1a7db325e43432d1c329359734?gdpr_consent=&gdpr=0
0
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c935c1a7db325e43432d1c329359734?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390d9d830f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:54 GMT
Expires
Sun, 21 May 2023 21:24:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c935c1a7db325e43432d1c329359734?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684704294452067-511
d9e4644cd1689f309df9c01a7e7ddb73
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 1A80
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/d9e4644cd1689f309df9c01a7e7ddb73?gdpr_consent=&gdpr=0
0
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/d9e4644cd1689f309df9c01a7e7ddb73?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390e9e830f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:54 GMT
Expires
Sun, 21 May 2023 21:24:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/d9e4644cd1689f309df9c01a7e7ddb73?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684704294500020-412
a41166c89599a6ea2f1ba9a78bb7da
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame A1DE
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
0
104 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390d9de30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:54 GMT
Expires
Sun, 21 May 2023 21:24:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684704294514016-592
a41166c89599a6ea2f1ba9a78bb7da
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame BC2E
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
0
116 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390d9dc30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:54 GMT
Expires
Sun, 21 May 2023 21:24:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684704294420088-573
a41166c89599a6ea2f1ba9a78bb7da
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 336B
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
0
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390d9da30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:54 GMT
Expires
Sun, 21 May 2023 21:24:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/a41166c89599a6ea2f1ba9a78bb7da?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684704294486032-553
aff71cc6722b2e370c7c4e856133e
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame F6BC
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/aff71cc6722b2e370c7c4e856133e?gdpr_consent=&gdpr=0
0
684 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/aff71cc6722b2e370c7c4e856133e?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe390d9dd30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 21 May 2023 21:24:54 GMT
Expires
Sun, 21 May 2023 21:24:54 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/aff71cc6722b2e370c7c4e856133e?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1684704294525008-588
v1
match.sharethrough.com/universal/ Frame 41D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
v1
match.sharethrough.com/universal/ Frame 854F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
v1
match.sharethrough.com/universal/ Frame 4A55 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
v1
match.sharethrough.com/universal/ Frame F05E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
v1
match.sharethrough.com/universal/ Frame CA8E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
v1
match.sharethrough.com/universal/ Frame B049 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.149.75 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-149-75.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
smw888.gif
us.ck-ie.com/ Frame 406D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 60D8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 910F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 59A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 50F4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
smw888.gif
us.ck-ie.com/ Frame 79C5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.110.114 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sun, 21 May 2023 21:24:54 GMT
Server
nginx
sync
vid.vidoomy.com/ Frame EDF6 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
etag
W/"64243ed7-c28e"
last-modified
Wed, 29 Mar 2023 13:36:23 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AZySIYjEClv/lgMHAA
x-77-nzt-ray
f6587a1dbe712937268c6a648e150a22
x-77-pop
frankfurtDE
x-accel-date
1684244624
x-accel-expires
@1685281424
x-age
459670
x-cache
HIT
setuid
user-sync.adxpremium.services/ Frame 3E61
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGqMIafnr1JaVOFSog4XFwAA%262201
86 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGqMIafnr1JaVOFSog4XFwAA%262201
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZGqMIafnr1JaVOFSog4XFwAA%262201
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
JZDFbgINDlnL4b3EFNuO
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 7C1B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
0
90 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe3915a4930f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:54 GMT Sun, 21 May 2023 21:24:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
pragma
no-cache
JZDFbgINDlnL4b3EFNuO
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame BEBF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe3915a4b30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:54 GMT Sun, 21 May 2023 21:24:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
pragma
no-cache
JZDFbgINDlnL4b3EFNuO
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 0CA7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe3915a4d30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:54 GMT Sun, 21 May 2023 21:24:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
pragma
no-cache
JZDFbgINDlnL4b3EFNuO
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame D3AE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
0
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe3915a4c30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:54 GMT Sun, 21 May 2023 21:24:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
pragma
no-cache
JZDFbgINDlnL4b3EFNuO
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 8E81
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe3915a4e30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:54 GMT Sun, 21 May 2023 21:24:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
pragma
no-cache
urlsvid.json
vpaid.vidoomy.com/sync/ Frame EDF6 		1 KB
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::11 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Sun, 21 May 2023 21:24:54 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
470644
x-accel-date
1684233650
x-77-nzt
AcO1rydErh7/dC4HAA
x-accel-expires
@1685270450
last-modified
Wed, 29 Mar 2023 10:31:18 GMT
server
CDN77-Turbo
etag
W/"64241376-446"
x-77-nzt-ray
25b02131a738e6a0268c6a645f1d8f27
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
JZDFbgINDlnL4b3EFNuO
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 594E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7cafe3918a8d30f4-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:54 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 21 May 2023 21:24:54 GMT Sun, 21 May 2023 21:24:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/JZDFbgINDlnL4b3EFNuO?pi=smilewanted
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6348 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=48771
content-encoding
gzip
content-length
5554
content-type
text/html
date
Sun, 21 May 2023 21:24:54 GMT
expires
Mon, 22 May 2023 10:57:45 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 3E61 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 May 2023 21:24:54 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
user-sync.adxpremium.services/ Frame 4D1E 		86 B
836 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Sun, 21 May 2023 21:24:54 GMT
ee09c4fc-f81d-11ed-a1c4-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 6898
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARimmKqjBqIBEO4JxPz4HRHtocQAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ee09c4fc-f81d-11ed-a1c4-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=ee09c4fc-f81d-11ed-a1c4-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=8Ric515DVCyrfg%2Bl%2FYWApQ&
  • https://an.yandex.ru/mapuid/adsniperis/ee09c4fc-f81d-11ed-a1c4-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/ee09c4fc-f81d-11ed-a1c4-002590c82437?redir-setuniq=1
43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/ee09c4fc-f81d-11ed-a1c4-002590c82437?redir-setuniq=1
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 21 May 2023 21:24:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 21 May 2023 21:24:55 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sun, 21 May 2023 21:24:55 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/ee09c4fc-f81d-11ed-a1c4-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 21 May 2023 21:24:55 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 3E61 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame 3E61
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3743094787952999567
86 B
952 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3743094787952999567
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=3743094787952999567
date
Sun, 21 May 2023 21:24:54 GMT
server
nginx
content-length
0
content-type
text/plain
SPug
simage4.pubmatic.com/AdServer/ Frame D060 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 48CE 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D25db92053c080c79%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.html
eus.rubiconproject.com/ Frame 65F1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=215e4620-cedb-528e-a1f0-42f0c59aced0&CACHEBUSTER=950092
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Sun, 21 May 2023 21:24:55 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 21 May 2023 21:24:55 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 65F1 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.201.255.110 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-255-110.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:55 GMT
content-encoding
gzip
last-modified
Sun, 21 May 2023 04:27:12 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=25328
content-length
10085
expires
Mon, 22 May 2023 04:27:03 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 65F1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=btwnex&us_privacy=1---&khaos=LHXXFOBQ-28-MCUH
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
950092
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 6898
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/950092
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/950092
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/950092
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software
ms-counter-4.0.4/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:55 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:55 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/950092
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
avw.gif
c.4dex.io/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30016&evt=exp_chg&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30016&v=1&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=6016&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-34&clk_time=&reset=0&adsrv_adu_exp=6017&navs_ts=1684704285603&trgr_ts=1684704289487&init_ts=1684704289488&start_ts=1684704289488&reset_ts=&vsbl_ts=1684704290644&adsrv_vsbl_ts=1684704290590&auct_id=3cfe0474-3c5f-48fa-a052-e39e9c87d584&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=1167x586&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30016&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402262257&adsrv_empty=0&adsrv_lnitem_id=6096372437&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:55 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
user-sync
sync.adkernel.com/ Frame 6898
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=215e4620-cedb-528e-a1f0-42f0c59aced0&expires=60
  • https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
42 B
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=336050&t=image&uid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:24:55 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

location
//sync.adkernel.com/user-sync?dsp=336050&t=image&uid=0bc226ec-00c9-4392-8f4c-1f7a26a8640e
date
Sun, 21 May 2023 21:24:55 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 1066 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=215e4620-cedb-528e-a1f0-42f0c59aced0&CACHEBUSTER=950092
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
pbscookie
a.vidoomy.com/api/rtbserver/ Frame EDF6
Redirect Chain
  • https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%24UID%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dadf
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3743094787952999567&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
0
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3743094787952999567&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
18.192.19.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-19-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:56 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=3743094787952999567&vid=a6f37f0123013099a595be2217fc435a&dspid=adf
date
Sun, 21 May 2023 21:24:56 GMT
server
nginx
content-length
0
content-type
text/plain
pbscookie
a.vidoomy.com/api/rtbserver/ Frame EDF6
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3Da6f37f0123013099a595be2217fc435a%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=cb8b4ec9-455e-4036-a028-b8109ceccf4e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
0
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=cb8b4ec9-455e-4036-a028-b8109ceccf4e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H2
Server
18.192.19.216 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-19-216.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:24:56 GMT
access-control-expose-headers
X-VD-C
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS

Redirect headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:56 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=cb8b4ec9-455e-4036-a028-b8109ceccf4e&vid=a6f37f0123013099a595be2217fc435a&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
sync.php
pixel.rubiconproject.com/exchange/ Frame EDF6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
collect
www.google-analytics.com/j/ Frame 1F1C 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1412663305&t=event&_s=1&dl=https%3A%2F%2Fio.jogo.studio%2Frender%2F889ab751-64e1-48d1-b311-5e03be70a349%3Fgame_id%3D8d47f80f-e65a-4571-95db-6d9e11238e90&dr=https%3A%2F%2Fwww.khaleejtimes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x340&je=0&ec=JOGO%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&ea=JOGO_PLAYER_INTERVAL%20-%20889ab751-64e1-48d1-B311-5e03be70a349%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&el=Teasers%20-%208d47f80f-E65a-4571-95db-6d9e11238e90&_u=KEDAAAABAAAAACAAAC~&jid=156645608&gjid=1251379156&cid=1971273063.1684704288&tid=UA-228403240-1&_gid=632581338.1684704288&_r=1&_slc=1&z=1423174645
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://io.jogo.studio/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:24:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://io.jogo.studio
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 1F1C 		1 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-228403240-1&cid=1971273063.1684704288&jid=156645608&gjid=1251379156&_gid=632581338.1684704288&_u=KEDAAAAAAAAAACAAAC~&z=286223525
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://io.jogo.studio/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 21 May 2023 21:24:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://io.jogo.studio
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame EDF6 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=a6f37f0123013099a595be2217fc435a
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.163.79 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3190286.ip-135-125-163.eu
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
86
content-type
image/png
date
Sun, 21 May 2023 21:24:58 GMT
NRJS-004eae0ecd9d1313a6a
bam.nr-data.net/events/1/ Frame CC17 		24 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/NRJS-004eae0ecd9d1313a6a?a=1771017370&v=1.232.0&to=YgdWZxRWW0NVW0JfDFtNYUEPGEFCVVtdUxEaD11dDxlFWEQ%3D&rst=11345&ck=0&s=0&ref=https://coronaliveupdates.khaleejtimes.com/tracker/mini.php
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.ad3273bd-1.232.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://coronaliveupdates.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
text/plain

Response headers

date
Sun, 21 May 2023 21:24:59 GMT
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
content-type
image/gif
access-control-allow-origin
https://coronaliveupdates.khaleejtimes.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
x-served-by
cache-fra-eddf8230138-FRA
view
securepubads.g.doubleclick.net/pcs/ Frame 22B3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4HOvv-8bckiK_K20mTAFwJG7M7K5JnwAHoqdR7U83wqm5Xj3WETuEjhQKKlo-94PZnDvm_9BGeN0CCT_swFj4xK3bAapw5OrUX17-ZDJ1mR5Pzmh1fMZ3pLzLXcdyWI6msS6w3n2dOTT_-LChHdDGT1M2hJfuyJ-VP2_YjSzKG8bipaCD6Ax6SlfexmV9miwdOfNj5DeB3pt5TFtqKScW9q4TGeckw20jwL5CjoNDdcVzU2nPwconRZR8VXWILOaQw_xEcT049feh_iG8oRaYtZdAsAa78BorAybWv2Lf5hraIiepXuR2eDAg7yek0utHwpq7LKzH_CLhwnOwwSPkoA&sai=AMfl-YQAmR_ETGklqaCZZdD4ceda1WQr-C-51LUDMKkr0aKR3KHSja3IN-hA6NKj02ymmce3g05qnX9r6xQbYLFmZOAy2SifxpLcHpINNu_rR2mg-7IUE1r46RhcSA5cCJM&sig=Cg0ArKJSzLqYOkHNaIKyEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:24:59 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 21 May 2023 21:24:59 GMT
avw.gif
c.4dex.io/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30016&evt=exp_chg&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30016&v=2&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=11067&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-34&clk_time=&reset=0&adsrv_adu_exp=11068&navs_ts=1684704285603&trgr_ts=1684704289487&init_ts=1684704289488&start_ts=1684704289488&reset_ts=&vsbl_ts=1684704290644&adsrv_vsbl_ts=1684704290590&auct_id=3cfe0474-3c5f-48fa-a052-e39e9c87d584&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=1167x586&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30016&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402262257&adsrv_empty=0&adsrv_lnitem_id=6096372437&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:25:00 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
index_0_250_00002.ts
stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/ 		537 KB
538 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.playstream.media/storage/videos/2dc152e2-61f0-498a-9671-672b6cd21f19/index_0_250_00002.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
e67c6d1c9388b13b787802bb67c2370cbc64049881f1882ea3489ffd917ceac6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:00 GMT
cdn-edgestorageid
1053
cdn-cachedat
05/03/2023 07:47:48
cdn-pullzone
1024237
content-length
549712
last-modified
Wed, 03 May 2023 07:33:18 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e3e-86350"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
3a1c543121d3b8cb434150d08acbdedc
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
ctrack
track1.avplayer.com/ 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&r=www.khaleejtimes.com&sn=&cd1=&app=&test=&cb=1684704299320
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.214.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-214-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:25:03 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
index.m3u8
streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/ 		111 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/index.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
3df260f4102e83ae69e3bd6e0f028bebb46b4cefd8a64276593b650934037f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:04 GMT
cdn-edgestorageid
874
cdn-cachedat
05/03/2023 07:46:57
cdn-pullzone
1024237
content-length
111
last-modified
Wed, 03 May 2023 07:33:15 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e3b-6f"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
1c9b9aee32320ff2d1e7f04fecbe4727
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
index_0_250.m3u8
streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/ 		709 B
852 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/index_0_250.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
546d8b0057fd1b0d05d29654e6d424748e7a1cceb38edb1e059a6c00b1e2c766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:04 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-cachedat
05/03/2023 07:47:07
cdn-pullzone
1024237
last-modified
Wed, 03 May 2023 07:33:15 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"64520e3b-2c5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
feac477399b8027bce4f391dd03491ce
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
index_0_250_00000.ts
streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/ 		577 KB
578 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/index_0_250_00000.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
1b0cddecc0dce425a4f092c07fbda34eb5a0b649529eb7ae9a97f7c09f8e7fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:04 GMT
cdn-edgestorageid
863
cdn-cachedat
05/03/2023 07:47:46
cdn-pullzone
1024237
content-length
591072
last-modified
Wed, 03 May 2023 07:32:56 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e28-904e0"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
354770f0b532dad0729df40870b6059b
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
b0a1c1fa-bec4-4723-ab6a-9c75100b1843
https://www.khaleejtimes.com/ 		94 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.khaleejtimes.com/b0a1c1fa-bec4-4723-ab6a-9c75100b1843
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
96496
Content-Type
text/javascript
avw.gif
c.4dex.io/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30016&evt=exp_chg&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30016&v=3&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=16116&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-34&clk_time=&reset=0&adsrv_adu_exp=16117&navs_ts=1684704285603&trgr_ts=1684704289487&init_ts=1684704289488&start_ts=1684704289488&reset_ts=&vsbl_ts=1684704290644&adsrv_vsbl_ts=1684704290590&auct_id=3cfe0474-3c5f-48fa-a052-e39e9c87d584&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=1167x586&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30016&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402262257&adsrv_empty=0&adsrv_lnitem_id=6096372437&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:25:05 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
index_0_250_00001.ts
streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/ 		541 KB
542 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/index_0_250_00001.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
6a384986c342e61a197f612594a55ebeafb67528a2532990aa8133564bc61af6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:06 GMT
cdn-edgestorageid
1079
cdn-cachedat
05/03/2023 07:47:58
cdn-pullzone
1024237
content-length
554224
last-modified
Wed, 03 May 2023 07:32:57 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e29-874f0"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
ac02f35a4b9ab7a9a7cc6832c60638a3
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
collect
www.google-analytics.com/ Frame 1F1C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1412663305&t=event&_s=2&dl=https%3A%2F%2Fio.jogo.studio%2Frender%2F889ab751-64e1-48d1-b311-5e03be70a349%3Fgame_id%3D8d47f80f-e65a-4571-95db-6d9e11238e90&dr=https%3A%2F%2Fwww.khaleejtimes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x340&je=0&ec=JOGO%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&ea=JOGO_PLAYER_INTERVAL%20-%20889ab751-64e1-48d1-B311-5e03be70a349%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&el=Teasers%20-%208d47f80f-E65a-4571-95db-6d9e11238e90&_u=KEDAAAABAAAAACAAAC~&jid=&gjid=&cid=1971273063.1684704288&tid=UA-228403240-1&_gid=632581338.1684704288&z=1389887582
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 03:55:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62949
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ctrack
track1.avplayer.com/ 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&r=www.khaleejtimes.com&sn=&cd1=&app=&test=&cb=1684704308738
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.214.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-214-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:25:09 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
avw.gif
c.4dex.io/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30016&evt=exp_chg&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30016&v=4&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=21166&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-34&clk_time=&reset=0&adsrv_adu_exp=21167&navs_ts=1684704285603&trgr_ts=1684704289487&init_ts=1684704289488&start_ts=1684704289488&reset_ts=&vsbl_ts=1684704290644&adsrv_vsbl_ts=1684704290590&auct_id=3cfe0474-3c5f-48fa-a052-e39e9c87d584&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=1167x586&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30016&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402262257&adsrv_empty=0&adsrv_lnitem_id=6096372437&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:25:10 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
ctrack
track1.avplayer.com/ 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.avplayer.com/ctrack?pt=2&d66=8.3.7&d74=&stagid=631aee2ff1cefe19794600a6&stplid=631b0172f36a5539bb36a6c9&pid=631834db55e9564951409ee5&cid=631aed0efe3b5c12d06b24f5&r=www.khaleejtimes.com&sn=&cd1=&app=&test=&cb=1684704309630
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.214.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-214-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 21 May 2023 21:25:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
index_0_250_00002.ts
streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/ 		529 KB
530 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/a7b44d91-81b7-4413-97c9-bf0cb5988b28/index_0_250_00002.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
90045a507d558e8e0c704f6fb12d937eaacb250122743b5903388e474103971e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:15 GMT
cdn-edgestorageid
1075
cdn-cachedat
05/03/2023 07:47:59
cdn-pullzone
1024237
content-length
542004
last-modified
Wed, 03 May 2023 07:32:58 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e2a-84534"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
8c314b3ad7722150fc9f315c5875fb02
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
avw.gif
c.4dex.io/ 		0
16 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/avw.gif?adu_code=andbeyond30016&evt=exp_chg&pv_id=227d8ad8-fd46-4628-9500-a9b22639afe8&adu_el_id=andbeyond30016&v=5&tz_off=0&js_late=1&js_ts=1684704288330&size=300x250&pbjs_sizes=300x250%2C200x200%2C250x250%2C200x200&is_pbjs_size=1&is_iab_size=1&msrbl=1&adu_exp=26216&pg_durat=0&pg_paused=0&pg_exp=0&vsbl=1&adsrv_vsbl=1&adsrv_att_delta=-34&clk_time=&reset=0&adsrv_adu_exp=26217&navs_ts=1684704285603&trgr_ts=1684704289487&init_ts=1684704289488&start_ts=1684704289488&reset_ts=&vsbl_ts=1684704290644&adsrv_vsbl_ts=1684704290590&auct_id=3cfe0474-3c5f-48fa-a052-e39e9c87d584&featv=_&pg_dims=1600x4065&vp_dims=1600x1200&u_ts=1684704288&dom_l=1271&pn=1&adu_pos=1167x586&dvc=2&os=windows&brwsr=chrome&url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&sess_lngth=1&avg_sess_lngth=1&sess_cnt=1&rfr_fqdn=&prv_pgtyp=null&cat=&env=responsive&org_id=1056&pgtyp=&plcmt=andbeyond30016&site=khaleejtimes-com&subcat=&adsrv=dfp&adsrv_advrt_id=5067246141&adsrv_cmpgn_id=2906230027&adsrv_crea_id=138402262257&adsrv_empty=0&adsrv_lnitem_id=6096372437&adsrv_size=300x250&adgjsv=1.16.2
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:25:15 GMT
via
1.1 google
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
-1
collect
www.google-analytics.com/ Frame 1F1C 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1412663305&t=event&_s=3&dl=https%3A%2F%2Fio.jogo.studio%2Frender%2F889ab751-64e1-48d1-b311-5e03be70a349%3Fgame_id%3D8d47f80f-e65a-4571-95db-6d9e11238e90&dr=https%3A%2F%2Fwww.khaleejtimes.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x340&je=0&ec=JOGO%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&ea=JOGO_PLAYER_INTERVAL%20-%20889ab751-64e1-48d1-B311-5e03be70a349%20-%207dbe53bf-68cd-414e-B300-672a99a7eb9d&el=Teasers%20-%208d47f80f-E65a-4571-95db-6d9e11238e90&_u=KEDAAAABAAAAACAAAC~&jid=&gjid=&cid=1971273063.1684704288&tid=UA-228403240-1&_gid=632581338.1684704288&z=1466351450
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://io.jogo.studio/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 May 2023 03:55:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62959
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
index.m3u8
streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/ 		114 B
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/index.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
5fdb0298d0bdeeabd83e69ec84301892f631596878cfb91da4a19f3cc1db1a39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:19 GMT
cdn-edgestorageid
1053
cdn-cachedat
05/03/2023 07:46:48
cdn-pullzone
1024237
content-length
114
last-modified
Wed, 03 May 2023 07:33:35 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e4f-72"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
3e25d2b21fedc2132bbabcb3ce781d88
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
index_0_250.m3u8
streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/ 		866 B
913 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/index_0_250.m3u8
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
721c395f361ccac04ea0faa6d747cd7dfc31e002b87bd40281f8abd2f6e4ce9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:19 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-cachedat
05/03/2023 07:46:49
cdn-pullzone
1024237
last-modified
Wed, 03 May 2023 07:33:35 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
W/"64520e4f-362"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
739f6dca23823cb21f1095d717758fad
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
index_0_250_00000.ts
streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/ 		552 KB
553 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/index_0_250_00000.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
5b04395b2ea6978c0408aa21f0ae2e839f0998277fc6132280ce5d8c0ca10048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:19 GMT
cdn-edgestorageid
863
cdn-cachedat
05/03/2023 07:47:39
cdn-pullzone
1024237
content-length
565128
last-modified
Wed, 03 May 2023 07:33:04 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e30-89f88"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
2a01ca05c0f7a15888d2aca5989663b6
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
4d3dfc95-b40a-4456-bd9c-247340697b4d
https://www.khaleejtimes.com/ 		94 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.khaleejtimes.com/4d3dfc95-b40a-4456-bd9c-247340697b4d
Requested by
Host: www.khaleejtimes.com
URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Length
96496
Content-Type
text/javascript
csync
sync.adtelligent.com/ Frame 13D4 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=227EFB13-0300-4E8A-A54E-65179FF0E58E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr={gdpr]&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Sun, 21 May 2023 21:25:19 GMT
Etag
e0cb5ef3b15a5a54
Server
Adtelligent
index_0_250_00001.ts
streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/ 		483 KB
484 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.playstream.media/storage/videos/aff53eb5-9b33-4956-94e6-71071e5f1290/index_0_250_00001.ts
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
303993a36d0ea4e23a789c07d0d88096946be6ed9e488a7497031bc38f05991f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 May 2023 21:25:19 GMT
cdn-edgestorageid
874
cdn-cachedat
05/03/2023 07:48:05
cdn-pullzone
1024237
content-length
494252
last-modified
Wed, 03 May 2023 07:33:05 GMT
server
BunnyCDN-DE1-1053
cdn-proxyver
1.03
cdn-requestpullcode
200
etag
"64520e31-78aac"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
6740a699-531f-4e34-81bd-7039b1357022
cache-control
max-age=315360000
cdn-requestid
422e718d4102ac871faf5d9b8333326a
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Authorization, Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
cdn-status
200
expires
Thu, 31 Dec 2037 23:55:55 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 56CB 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&pid=pEHe0pRRQ2csw&cb=0&ws=1600x1200&v=23.505.1627&t=4000&slots=%5B%7B%22sd%22%3A%22andbeyond9702506%22%2C%22s%22%3A%5B%22970x250%22%2C%22300x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C78059622%2F537953-970-250-6%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!andbeyond.media%2C11200%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.208.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-208-109.bcn50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 da8734ab8270f317b30b394eff192dc2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BCN50-P1
x-amz-rid
65WJD06ZS9GWGWV7PQNF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
bSpkfL8GPKjJWP9_HG0VznAet8SuKKB9uHYIeuGm2w-gCCibEcaNfQ==
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe431f9aa30f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe431f9ae30f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:25:19 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=4000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
accept-ch
sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		0
0
v1
prg-apac.smartadserver.com/prebid/ 		297 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fa2910f1c2bf0682e4a1364d92d1c025db7640b0f640c60b88e71b3fbac7f3c4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		297 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fa2910f1c2bf0682e4a1364d92d1c025db7640b0f640c60b88e71b3fbac7f3c4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacea6a925ae57f35053fcd83d6a5921e4872081f340864c004642cfec535c3

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:25:20 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Duplicate adUnitCode: andbeyond9702506, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe431f9815caa-FRA
expires
0
bid-request
a.teads.tv/hb/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 21 May 2023 21:25:20 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315204&size_id=57&rp_schain=1.0,1!andbeyond.media,11200,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=67c6d812-7a4d-41bc-ad63-d8a55edc5f1c&l_pb_bid_id=296286badf102802&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02816738710262512
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0cd0682315a4a3e9e8eb36324c7a5073ad1fb7945b24bb13159c7ecf2e449494

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315204&size_id=57&rp_schain=1.0,1!andbeyond.media,11200,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=defae54f-3ef9-487f-93e9-e1ba98bb52ac&l_pb_bid_id=2976f61b1dd26a82&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9626434663303676
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e4b549c1007cb2dc4b48e0e62338ba27d272c99417ceac113b63043d5690af79

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
d61c3fa2-0d34-4efc-b15e-574027817441
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=67c6d812-7a4d-41bc-ad63-d8a55edc5f1c%2Cdefae54f-3ef9-487f-93e9-e1ba98bb52ac&nocache=1684704320321&id5id=0&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=970x250%7C970x250&divids=andbeyond9702506%2Candbeyond9702506&aucs=%2C&auid=556673179%2C556673179&aumfs=10%2C10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2da0a375b2c041e595af23f3ffd657368aca9a5c8750994c46108da080870067

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
8176dea3-fe9c-4ad5-9aaa-75e51e79a94a
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
5a6a245f-2041-4f47-a9b9-1f012280d22e
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
prebid.media.net/rtb/ 		338 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
854516174a5fbe4be4946391fafe41ba180e691e3d2f47b4285b9a63834a3670

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 21 May 2023 21:25:20 GMT
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
d49c7bd624fb9885d1cc61bfbabd7e7d7a2a833c764baeca10cda5167f522f5b

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1984
Expires
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
0
hbjson
grid.bidswitch.net/ 		25 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
daf2c1dc6baed2b1956e43aa386452a2ad5185072c3b8d1794bf82918c4b5b45

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:25:20 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-length
50
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=185&av=34&wv=7.19.0&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q&cb=50538816600
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:25:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid-request
onetag-sys.com/ 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
88643312-88f2-461b-88b1-c94c6976a58f
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5556 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&pid=pEHe0pRRQ2csw&cb=1&ws=1600x1200&v=23.505.1627&t=4000&slots=%5B%7B%22sd%22%3A%22andbeyond30016%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C78059622%2F537953-300-250-16%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&schain=1.0%2C1!andbeyond.media%2C11200%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.208.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-208-109.bcn50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.khaleejtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 da8734ab8270f317b30b394eff192dc2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
BCN50-P1
x-amz-rid
T203TCF9MEG2AT0FPAZH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
OW7iN8x2xsm2xS_EQ566YvUzxG-DnuYLTetJBWYTmh3kdQQCXsEalA==
events
bidder.criteo.com/csm/ 		0
221 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		0
0
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe432ba5130f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:25:20 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7cafe432ba5430f4-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 North Holland, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:25:20 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.19.0&referrer=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tmax=4000
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.70.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-70-167.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
accept-ch
sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme
x-auction-status
29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb2.adtelligent.com/v2/auction/ 		0
0
v1
prg-apac.smartadserver.com/prebid/ 		297 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fa2910f1c2bf0682e4a1364d92d1c025db7640b0f640c60b88e71b3fbac7f3c4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg-apac.smartadserver.com/prebid/ 		297 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.64 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
fa2910f1c2bf0682e4a1364d92d1c025db7640b0f640c60b88e71b3fbac7f3c4

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:19 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		120 B
253 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef05066aab8f0beabb4a3d108d25fb490bbb700466c03c68f903dcff876840af

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Sun, 21 May 2023 21:25:20 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Duplicate adUnitCode: andbeyond30016, Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30016, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7cafe432ba405caa-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
e0a5d5e6-1354-47b6-94b1-ee342611d529
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c4bf625b-c104-4572-8b7b-f6e088719948%2Cabf7ba44-fb3d-4756-865d-deedaa4c9ba5&nocache=1684704320436&id5id=0&schain=1.0%2C1!rtbdemand.com%2C22018%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200%7C300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30016%2Candbeyond30016&aucs=%2C&auid=556673179%2C556673179&aumfs=10%2C10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
0b9c90deb886fcb8d82ad9547e5d1f79523d10992dbe9220dcef45e51a514dfd

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
c9b9b240-c118-480b-8787-3388e4a619ff
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
2782bd77-7ceb-48e8-b4bc-9e5712c00ce6
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
prebid
prebid.media.net/rtb/ 		338 B
319 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
58ff7b27e54579ad931f12657811868573c1e330c93007e49d898017da175797

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.khaleejtimes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sun, 21 May 2023 21:25:20 GMT
cdb
bidder.criteo.com/ 		18 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=130&profileId=185&av=34&wv=7.19.0&bundle=-7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q&cb=62899024602
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 May 2023 21:25:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
auction
rtb.adxpremium.services/openrtb2/ 		0
0
bid
ap.lijit.com/rtb/ 		0
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ 		0
0
hbjson
grid.bidswitch.net/ 		25 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.203.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-203-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
1923cc88fd045d592dfb6405cda3a728033bd4a76dd25c0551f9e41b7df8cc72

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.khaleejtimes.com
date
Sun, 21 May 2023 21:25:20 GMT
content-encoding
gzip
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
content-length
50
content-type
application/json
prebid-request
onetag-sys.com/ 		15 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.khaleejtimes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		19 B
990 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid_KT_7.19.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.2 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 21 May 2023 21:25:20 GMT
AN-X-Request-Uuid
d6071400-09ab-4002-bbad-16af61e3a903
Server
nginx/1.23.2
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.khaleejtimes.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.213.155.173; 185.213.155.173; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
bidder.criteo.com/csm/ 		0
221 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.130.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.khaleejtimes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 May 2023 21:25:19 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.khaleejtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.playstream.media
URL
https://app.playstream.media/js/vod.js?fluid=false&height=250&id=39a202cd-b451-40ea-861c-74fa4cca20f3&width=300&powered_by=&powered_by_url=
Domain
oajs.openx.net
URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&rid=esp
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8GBzwba6VaZ7ya8V7ne5Qo74H71QL_lqy1EbJKCGjnu3QZbicMNTiYoAU1fKFC7nFoJRUp4vcT4Yuqj_bjUsrbls&sig=Cg0ArKJSzNyHmR5SzlUnEAE&id=lidartos&mcvt=30533&p=240,315,490,1285&mtos=30533,30533,30533,30533,30533&tos=30533,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4184082431&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1684704289430&rpt=274&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Domain
ghb1.adtelligent.com
URL
https://ghb1.adtelligent.com/v2/auction/
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
prebid-asia.creativecdn.com
URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHit-sWOb-Tm6jr9t9woiytXv50m8witR9hnrmyHx2sMeZUUZJJ6M0lHDDafKr6MHGnzvPaacw0mL0paBoGaY-oPOGiI4fg0wulJX77Qlwlcrq7G3o&sig=Cg0ArKJSzHB7rqd_yG0sEAE&id=lidartos&mcvt=30684&p=567,1167,817,1467&mtos=30684,30684,30684,30684,30684&tos=30684,0,0,0,0&v=20230517&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1887997246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1684704289479&rpt=159&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/pixels
Domain
ghb2.adtelligent.com
URL
https://ghb2.adtelligent.com/v2/auction/
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315196&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11200,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=c4bf625b-c104-4572-8b7b-f6e088719948&l_pb_bid_id=35642ddd73542c54&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8471073541183891
Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=411704&zone_id=2315196&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11200,1,,,&eid_id5-sync.com=0%5E1%5E&rf=https%3A%2F%2Fwww.khaleejtimes.com%2Ftech%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&tk_flint=rtbpbjs_lite_v7.19.0&x_source.tid=abf7ba44-fb3d-4756-865d-deedaa4c9ba5&l_pb_bid_id=357e40c990d7821&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13451595186078635
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
rtb.adxpremium.services
URL
https://rtb.adxpremium.services/openrtb2/auction
Domain
ap.lijit.com
URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.19.0
Domain
prebid-asia.creativecdn.com
URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Domain
ssp-sync.criteo.com
URL
https://ssp-sync.criteo.com/user-sync/pixels

Verdicts & Comments Add Verdict or Comment

674 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 boolean| credentialless object| NREUM object| webpackChunkNRBA object| newrelic object| NRBA function| RunClientPrayerTimes undefined| $ function| jQuery object| smartechclient string| SmartechObject function| smartech object| monetateQ undefined| valuez object| VUUKLE_CONFIG string| breadcrumbsection string| breadcrumbsubsection string| articleuuid number| init object| googletag string| adgh_p1 string| adgh_p2 string| adgh_p3 object| adgHdSc string| adgHscParam object| utag_data function| gallerySlideEvent number| NSC_pt_cy number| NSC_pt_cm number| NSC_pt_cd number| NSC_pt_cs object| NCS_fajar_time object| NCS_duhar_time object| NCS_asr_time object| NCS_maghrib_time object| NCS_isha_time function| loadVuukleWidgets object| xdLocalStorage object| XdUtils function| generateUUID function| setCookie function| $lvpl function| vuukleLogin function| newVuukleWidgets object| webpackChunk function| changeVuukleWidgetsTheme number| VUUKLE_PLATFORM function| removeVuukleWidgets function| generateVuukleAds boolean| utag_condload object| utag boolean| __tealium_twc_switch object| utag_cfg_ovrd object| smartech_wnconfig undefined| spaData object| STAPI function| smtReloader object| rtbpbjs string| url22 function| getQueryString_val_new object| lineitemidcode number| adslot88 string| checkdomainurl string| urlbidder number| windowwidthbidder object| activeadunit2 function| refreshBid3 function| refreshBid1x1rtb function| refreshBid1rtb1 function| refreshBid1rtb number| randomvaldatatest2 number| unfillgoogle number| randomvaldatatestand number| smailetest1 number| windowwidth1 function| getPos object| anddebug object| newadunitandbeyond object| seedtag object| newtest1 object| anddebugtest number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network string| sitemainurlandbyeond undefined| andbeyondhttp object| myElementrtbtracker object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| newunitcallback number| netacuitycpde object| block_url object| and_geo_block number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size1601status number| size1602status number| size1603status number| size1604status number| size1201status number| size1202status number| size1203status number| size1204status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size4681status number| size4682status number| size4683status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 object| activeadunit number| PREBID_TIMEOUT_NEW number| floor number| ref object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| lineitemidtest number| checkdomainrefresh function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| newtagtest object| _vuukleGeo object| ggeac object| google_tag_data object| google_js_reporting_queue string| timezonename object| apstag string| anddevice number| current_time object| adloox_pubint object| ignore object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet undefined| google_measure_js_timing number| intval boolean| apstagLOADED object| apscustom object| _aps function| setImmediate function| clearImmediate object| ID5 object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| MzI0YWQ4Nzc3YWIyYWE3NmxvYWRlcl9qcw== string| MzI0YWQ4Nzc3YWIyYWE3NmNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| pbjs object| __uid2SecureSignalProvider object| __uid2 function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| signal_decrypted object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 function| getAfpadgCurrentDayId string| adgsrvrUrl object| scr object| header object| stickyElem object| mega number| stickyElemBottom number| stickyElemPos number| currStickyPos boolean| afphChildLogger boolean| adg_comscore_flag string| crtg_nid string| crtg_cookiename string| crtg_varname function| crtg_getCookie string| adg_crtg_content number| crtg_rnd object| pubads string| PECGCookie undefined| pbsExp undefined| segmentJson object| targetData string| pbsCookie undefined| pbsjson undefined| segmentsObj undefined| campaigns boolean| tag object| adg_imagedetails object| xhr string| siteScript object| rfphr string| Domainscript string| sitename number| size object| adunit1x1 object| id1 object| andbeyond16011 number| adunit2andbeyond16011 object| andbeyond30015 number| adunit2andbeyond30015 object| andbeyond72810 number| adunit2andbeyond72810 object| andbeyond72833 number| adunit2andbeyond72833 number| diff number| flag2 string| timezone number| hoursssss number| current_hour1 number| d number| current_hour2 number| flaglineitem number| refreshval number| number5 number| factor_session object| adunittest object| andbeyondtemp number| custome_axt string| adunit2 number| iframe1 string| iframeid number| pos number| len string| pos123 string| temp number| sizeunfill300px number| sizeunfill336px number| sizeunfill250px number| sizeunfill0px number| sizeunfill600px number| sizeunfill728px number| sizeunfill90px number| sizeunfill970px number| sizeunfill320px number| sizeunfill50px number| sizeunfill120px number| sizeunfill160px number| sizeunfill240px number| sizeunfill468px number| sizeunfillleader number| sizeunfillleader2 number| sizeunfillgoogle number| sizeunfillinterstitial number| sizeunfillcom5 number| flag string| id string| pos1 number| sponsorandbeyond970250 string| test number| status_bad number| aff number| width1 number| height1 number| width2 string| text object| andbeyond9702506 string| adunit2andbeyond9702506 number| sponsorandbeyond300 object| andbeyond30016 string| adunit2andbeyond30016 object| sas object| apntag object| _ADAGIO number| cpm1 string| mediaType object| teadsscript object| aniplayerPos object| teads object| webpackChunk_aniview_player object| avContentPlayer string| idnew12 object| storageAni number| success number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| passivedivgptad16136256448550 number| activedivgptad16136256448550 number| time_refreshunitdivgptad16136256448550 number| nextnumberdivgptad16136256448550 number| newflag number| flagnewone number| passivedivgptad16361139662890 number| activedivgptad16361139662890 number| time_refreshunitdivgptad16361139662890 number| nextnumberdivgptad16361139662890 number| passivedivgptad16371510911520 number| activedivgptad16371510911520 number| time_refreshunitdivgptad16371510911520 number| nextnumberdivgptad16371510911520 number| passivedivgptad16248629444290 number| activedivgptad16248629444290 number| time_refreshunitdivgptad16248629444290 number| nextnumberdivgptad16248629444290 number| passivedivgptad16528574127930 number| activedivgptad16528574127930 number| time_refreshunitdivgptad16528574127930 number| nextnumberdivgptad16528574127930 number| passivedivgptad16528576194980 number| activedivgptad16528576194980 number| time_refreshunitdivgptad16528576194980 number| nextnumberdivgptad16528576194980 number| passivedivgptad16134806274400 number| activedivgptad16134806274400 number| time_refreshunitdivgptad16134806274400 number| nextnumberdivgptad16134806274400 number| passiveandbeyond9702506 number| activeandbeyond9702506 number| time_refreshunitandbeyond9702506 number| nextnumberandbeyond9702506 string| m1html number| passiveandbeyond30015 number| activeandbeyond30015 number| time_refreshunitandbeyond30015 number| nextnumberandbeyond30015 number| passiveandbeyond72833 number| activeandbeyond72833 number| time_refreshunitandbeyond72833 number| nextnumberandbeyond72833 number| passiveandbeyond72810 number| activeandbeyond72810 number| time_refreshunitandbeyond72810 number| nextnumberandbeyond72810 number| passiveandbeyond16011 number| activeandbeyond16011 number| time_refreshunitandbeyond16011 number| nextnumberandbeyond16011 number| passivedivgptad16134810604490 number| activedivgptad16134810604490 number| time_refreshunitdivgptad16134810604490 number| nextnumberdivgptad16134810604490 number| passiveandbeyond30016 number| activeandbeyond30016 number| time_refreshunitandbeyond30016 number| nextnumberandbeyond30016 number| flag56 number| flag34 object| andbeyond3009 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar undefined| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val number| adunit2andbeyond3009 number| widthidandbeyond3009 number| heightidandbeyond3009 string| adunit3 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond3009 number| flag33 object| ONFOCUS number| videoflag boolean| 00016e22-2a9e-4d5a-a925-3f09efcbf222 boolean| google_empty_script_included number| lnt_z object| criteo_pubtag_prebid_130 object| Criteo_prebid_130 number| passiveandbeyond3009 number| activeandbeyond3009 number| time_refreshunitandbeyond3009 number| nextnumberandbeyond3009 string| context object| videocode number| videounit string| contextvideounit

161 Cookies

Domain/Path Name / Value
.khaleejtimes.com/ Name: visid_incap_1773870
Value: zqJvnu+yQUmV2xymfA013R2MamQAAAAAQUIPAAAAAAC8wTApSKpKVsvghBQtAPho
.khaleejtimes.com/ Name: nlbi_1773870
Value: i3jUazgpPFpH8pziVzlQLAAAAABz5AFpje5t/RxbOHy+AhLh
.khaleejtimes.com/ Name: incap_ses_534_1773870
Value: Xa/qZt8gTiWdP2ScFCdpBx6MamQAAAAA8jOPwKK2ejUyZHozubp7yQ==
www.khaleejtimes.com/ Name: user_sessions
Value: 1
.khaleejtimes.com/ Name: utag_main
Value: v_id:0188403359540015a4db97394a3d03074006106c00b08$_sn:1$_se:1$_ss:1$_st:1684706087062$ses_id:1684704287062%3Bexp-session$_pn:1%3Bexp-session$dcsyncran:1%3Bexp-session
www.khaleejtimes.com/ Name: __sts
Value: eyJzaWQiOjE2ODQ3MDQyODcwOTcsInR4IjoxNjg0NzA0Mjg3MDk3LCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5raGFsZWVqdGltZXMuY29tJTJGdGVjaG5vbG9neSUyRm1pY3Jvc29mdC1zYXlzLWl0LWZvdW5kLW1hbGljaW91cy1zb2Z0d2FyZS1pbi1pdHMtc3lzdGVtcyIsInBldCI6MTY4NDcwNDI4NzA5Nywic2V0IjoxNjg0NzA0Mjg3MDk3fQ==
www.khaleejtimes.com/ Name: __stp
Value: eyJ2aXNpdCI6Im5ldyIsInV1aWQiOiJhOGFhYzA5My1hYzY0LTQ2ZDUtYWNlNS0xMjIwNjk0ZmZhOTQifQ==
www.khaleejtimes.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
io.jogo.studio/ Name: _jui
Value: fbd6d458-49bd-4675-1ca8-90927b33b181
www.khaleejtimes.com/ Name: __stdf
Value: MA==
.io.jogo.studio/ Name: _ga
Value: GA1.3.1971273063.1684704288
.io.jogo.studio/ Name: _gid
Value: GA1.3.632581338.1684704288
.criteo.com/ Name: uid
Value: 14ba4d28-1c79-490a-b3eb-42a7b7747006
.khaleejtimes.com/ Name: cto_bundle
Value: -7RiQ185NE1tdFZla2l3RTlxdVZvdWIzanlQbXNIUWwyQ0JrNnZ1YiUyQjl0YVdYNW02R3BQUTA1Q3RxNjl5bjRMbkV1YVU3JTJGNzNTclhYa1ZobG9pYUw4eEp1Sk9VdVNLZ0U3Z2hLYktBMlhTRGJKNHV3MzhOVTFiRGhmZ0NxV2s3SzRTWCUyQmliTUk2bVdYMmRXOTVDWThPQTdmakdmWHZ2RnhOYVk0U1J1bTY3Uk1IdkElM0Q
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: 215e4620-cedb-528e-a1f0-42f0c59aced0
.khaleejtimes.com/ Name: __gads
Value: ID=ff43b30b6b4172dc:T=1684704288:S=ALNI_MYpz3mEm-ctRPcFstSdz5R9DDrF1Q
.khaleejtimes.com/ Name: __gpi
Value: UID=00000c19e495ae9f:T=1684704288:RT=1684704288:S=ALNI_MYSFLEA9UfQk8o1h4bauwISk_nLOg
.doubleclick.net/ Name: IDE
Value: AHWqTUm9gTlyvp6pBpRYqfdvmYI1p5HowiF9c1iyoEsgBUnYEzeeikS2LiywwdDdzWo
.rubiconproject.com/ Name: khaos
Value: LHXXFOBQ-28-MCUH
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qrVl5Kj7KaSij5APvdogVCbaTd6KyMQnau+SmvwaNDOnpnncMx4C0PQixkj8gWey35KvDeIdHH6Y3KY++jymV4/EsFpRVO/kNWsETYBZix3Tw==
.adnxs.com/ Name: icu
Value: ChkIiOiFARAKGAEgASgBMKCYqqMGOAFAAUgBEKCYqqMGGAA.
.adnxs.com/ Name: uuid2
Value: 2436496733646849807
.prebid.a-mo.net/ Name: __amc
Value: 5_1684704288_1684704289
.aniview.com/ Name: aniC
Value:
.adtelligent.com/ Name: vmuid
Value: e0cb5ef3b15a5a54
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2E>8do.ct!]tbP6j2F-XstGt!@DdJ$nK`d
ads.us.e-planning.net/ Name: CT
Value: 1
.openx.net/ Name: i
Value: 21f9fe5f-5546-4c28-9172-b0ed79903e3e%7C1684704289
.e-planning.net/ Name: E
Value: AKVN5nn693WGyx1B
.mathtag.com/ Name: uuid
Value: 4dce646a-8c21-4700-bc3b-6d10e335bd91
.zeotap.com/ Name: zc
Value: f432d651-438d-4a12-488a-5d0bab32aa0a
.zeotap.com/ Name: zsc
Value: %2Fa%ABmo%9F%93%A8i%93%845%C4%E8r%AA%E3%C31H%E8%3A%266%1BE%FA%3A%90%EC%09%93y%3D%17%9C%27%EAj%E7%26Js%D4OZ%81%19%83%AB%06%E7%AB%B1%A0%40%AE%10%10%9A%BE%FA%D6%DB%15%FA%1CM6%C10%DCW%11%B1%E3A%B3E%C5X%3B%CC%C7%E4%26%AA%93%F1%22%F9p4%D8%3D%BA%AE%11%EA%074%9C%0F4a%19%B8%28%ED%BA5%D5%DE%B1%1B%9E%A7%3A%E8%7C%04%40t%B4E%FD%B2%8Aw%1C%9D%13%F7%FA%FD%03%11%28%8A%88%B3%A1%1At%BFV2%EE%5D%8E%2C%C7%2B%1Fy7%7BR%7FK%A7%2C%3E%A6%11%10%A49%DDoW
.turn.com/ Name: uid
Value: 7435423427955502766
.casalemedia.com/ Name: CMID
Value: ZGqMIafnr1JaVOFSog4XFwAA
.casalemedia.com/ Name: CMPS
Value: 2201
.casalemedia.com/ Name: CMPRO
Value: 2201
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: b59ac9d5497f7374
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 227EFB13-0300-4E8A-A54E-65179FF0E58E
.adtelligent.com/ Name: a733849
Value: 2436496733646849807
.adtelligent.com/ Name: a584890
Value: 2436496733646849807
.adtelligent.com/ Name: a297253
Value: 2436496733646849807
.creativecdn.com/ Name: u
Value: JZDFbgINDlnL4b3EFNuO
.creativecdn.com/ Name: ts
Value: 1684704289
.adtelligent.com/ Name: a309255
Value: cb8b4ec9-455e-4036-a028-b8109ceccf4e
.quantserve.com/ Name: mc
Value: 646a8c21-c533a-c4d0d-08450
.tapad.com/ Name: TapAd_TS
Value: 1684704289812
.tapad.com/ Name: TapAd_DID
Value: 3607a55c-0d68-4607-a60c-08adbb8446e7
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003%22%7D
.adfarm1.adition.com/ Name: UserID1
Value: 7235749824706050196
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: 214002DBEB96486A800EB4C15C0CF2EC
.console.adtarget.com.tr/ Name: vmuid
Value: 643771586a11b1af
.admanmedia.com/ Name: admtr
Value: b4a77657-9fae-48df-962b-3e6b29bb7c16
.adtelligent.com/ Name: a307971
Value: AKVN5nn693WGyx1B
.console.adtarget.com.tr/ Name: a307080
Value: JZDFbgINDlnL4b3EFNuO
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.adtelligent.com/ Name: a318342
Value: 643771586a11b1af
.demdex.net/ Name: demdex
Value: 78074799062161329934217329638359355741
.adform.net/ Name: uid
Value: 3743094787952999567
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22C4A50221-97C6-495D-AD1D-4B534DC01A55%22%7D
.tidaltv.com/ Name: tidal_ttid
Value: 72995de4-ae21-4bba-a0c1-fef04bfcbddc
.agkn.com/ Name: ab
Value: 0001%3AQrgWQ3Z%2B%2FaE2zv%2FhiLIgricGFflBereC
.weborama.fr/ Name: AFFICHE_W
Value: 1twUJqtDpnrW10
.bidswitch.net/ Name: tuuid
Value: 0bc226ec-00c9-4392-8f4c-1f7a26a8640e
.bidswitch.net/ Name: c
Value: 1684704289
.dpm.demdex.net/ Name: dpm
Value: 78074799062161329934217329638359355741
.adtelligent.com/ Name: a541630
Value: RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003
.de17a.com/ Name: guid
Value: 1.6036709849711314043
.adtelligent.com/ Name: a558003
Value: 227EFB13-0300-4E8A-A54E-65179FF0E58E
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-45d8e49a-f512-37ba-96df-f6d180718235
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmFibmBiZGFpaW4EAIHwrq8QAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrEwNzY1NrA0MBDiM9TNzS3Mj0r3jsrKjogEAF_GsFQlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1MrEwNzY1NrA0MBDiM9TNzS3Mj0r3jsrKjogEAF_GsFQlAAAA
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&KRTB&16736-uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&KRTB&23019-uid:4dce646a-8c21-4700-bc3b-6d10e335bd91&KRTB&23114-uid:4dce646a-8c21-4700-bc3b-6d10e335bd91
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3743094787952999567&KRTB&23263-3743094787952999567&KRTB&23481-3743094787952999567
.linkedin.com/ Name: bcookie
Value: "v=2&e137c680-3d28-4aae-8d7f-8846327381ca"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODQ3MDQyODk7MjswMjF3Cm05wvK6ptHp9+5a9cyvcKk/SoV2p1O+ebkTJw8pRw==
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2777:u=1:x=1:i=1684704289:t=1684790689:v=2:sig=AQEeDPhRFdLjkn_4vxLpfg1gq-SAhWWl"
.go.sonobi.com/ Name: HAPLB8S
Value: s8753|ZGqMJ
.krxd.net/ Name: _kuid_
Value: PkYDmSyN
.awin1.com/ Name: awpv11842
Value: 296283|1684704290|eb170d90-f81d-11ed-89a2-223974343f8d
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6036709849711314043
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588524873530900
.bidswitch.net/ Name: tuuid_lu
Value: 1684704290
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESELTnZlzusHko7Y3kVtljyK8&KRTB&22987-CAESELTnZlzusHko7Y3kVtljyK8&KRTB&23025-CAESELTnZlzusHko7Y3kVtljyK8&KRTB&23386-CAESELTnZlzusHko7Y3kVtljyK8
.awin1.com/ Name: awpv14098
Value: 296283|1684704290|eb18bb41-f81d-11ed-9d45-2261c3620022
.awin1.com/ Name: AWSESS
Value: 429086:2519595
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NrGwtDK0MAIAzjBCqQkAAAA="
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZGqMIgALyP6p8gBL
.khaleejtimes.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_pkJiDlpZPoaaEoeP83s50kHBp7wmoltkO8_wq7q5qnU-6IWqvhG4grVFPTwQHo4911srmtxIaRrPTZVbbbGyVb-m2Iz9mZNdCR6iBMvL07Kix-zAin0CcLwUHBzVjLyEc5V6znHb6xqH6hij67Kck5b0N0A%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1684704290202,"clickCookie":false}}
.fwmrm.net/ Name: _uid
Value: "e5c37_7235749828981065461"
.audrte.com/ Name: arcki2
Value: ha2Su4467gHSJSwjmv90-w9vQ!20220908!1684704290248!ip#185.213.155.173
.audrte.com/ Name: arcki2_pubmatic
Value: 227EFB13-0300-4E8A-A54E-65179FF0E58E!20220908!1684704290252
.amazon-adsystem.com/ Name: ad-id
Value: A_QJZW6jBU2Gnxemj1nlo3w
.audrte.com/ Name: arcki2_ddp2
Value: ha2Su4467gHSJSwjmv90-w9vQ!20220908!1684704290416
.audrte.com/ Name: arcki2_adform
Value: 3743094787952999567!20220908!1684704290550
.pubmatic.com/ Name: DPSync3
Value: 1685836800%3A241_235_227_226_219_197_201_245
.pubmatic.com/ Name: SyncRTB3
Value: 1685836800%3A161_220_204_21_81_214_238_13_54_165_99_251_8_22_234_249_254_56_55_166_233_88_176_243_46_3_7_71%7C1685232000%3A223_2_15%7C1687219200%3A203%7C1685923200%3A35%7C1689811200%3A69%7C1685491200%3A63
.quantserve.com/ Name: d
Value: EN4BEgGFKfijC_vLEA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB&KRTB&19420-k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB&KRTB&22979-k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB&KRTB&23462-k6NJ3530TY-I9EqNlvZS3ZHzT9qIp0eKkKe5aQsB
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2436496733646849807&KRTB&23339-2436496733646849807
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7235749824706050196&KRTB&23369-7235749824706050196
.yahoo.com/ Name: A3
Value: d=AQABBCGMamQCEP8Umue01yKdBL8wBwLslJUFEv__AP8AAAAAAOANyiMAAMAAgA&S=AQAAAn1ZOfcNazxgfvnt0IVic-c
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7435423427955502766&KRTB&23150-7435423427955502766
.ctnsnet.com/ Name: cid_017cdbf9f7df428bb938fd3dc6f50905
Value: 1
.onaudience.com/ Name: cookie
Value: 41b420c4d09502a1
.onaudience.com/ Name: done_redirects147
Value: 1
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_5e613b7e-092c-4995-9532-b79d840f4c93
.csync.loopme.me/ Name: viewer_token
Value: 607aacfc-bd4f-4c73-a835-706006c0de7f
.adsby.bidtheatre.com/ Name: __kuid
Value: c2506c40-e6fc-457f-a1bd-710d19cdf3a1.453918292
ads.playground.xyz/ Name: connect.sid
Value: s%3ATIHmnxfrZHCpvT3DUOXo7zYr7G_30DVo.crwylwPCIRtHl2eyIF0507kHJA4vTfMzZHEODl3xcUU
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-0bc226ec-00c9-4392-8f4c-1f7a26a8640e
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 156631:4
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1684725892947
.adtelligent.com/ Name: a281178
Value: 227EFB13-0300-4E8A-A54E-65179FF0E58E
.onaudience.com/ Name: done_redirects104
Value: 1
.bidr.io/ Name: bito
Value: AACYeE7I1RgAAB-5Gc64Dw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-227EFB13-0300-4E8A-A54E-65179FF0E58E&KRTB&23413-227EFB13-0300-4E8A-A54E-65179FF0E58E&KRTB&23479-227EFB13-0300-4E8A-A54E-65179FF0E58E
.tribalfusion.com/ Name: ANON_ID
Value: aSnvBNN3IdaSIdwFUwVI8fDbjV3YtIcTLeGtibRVRH4Qfk16MyOgHZcTsYZdcoYnnc7LFj0RVLYwmn9UsNnZbU7bdHZdrkcf1IZarMQ9RCBd9aruVZb1uTjEXE
.semasio.net/ Name: SEUNCY
Value: 2282B82505DC7DDF
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-9y7pfzHtWbhWXajWQaRVaXgb
.smartadserver.com/ Name: pid
Value: 7681514413390398551
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AACYeE7I1RgAAB-5Gc64Dw
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a454958b-eaea-5b31-614a-86a8523173ea.P72Gej1dqppOyqKrO%2FhNyJQWTWKpfY8WI1KwmscYDD0
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApFSVi-rqWzFhSoaoUjFz6rnVm60.qxTbnP6jetOzqVjcUG2EfQpMiGQsJQB39CAFnPaR4%2FI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApFSVi-rqWzFhSoaoUjFz6rnVm60.qxTbnP6jetOzqVjcUG2EfQpMiGQsJQB39CAFnPaR4%2FI
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-pFSVi-rqWzFhSoaoUjFz6rnVm60&KRTB&23334-pFSVi-rqWzFhSoaoUjFz6rnVm60&KRTB&23417-pFSVi-rqWzFhSoaoUjFz6rnVm60&KRTB&23426-pFSVi-rqWzFhSoaoUjFz6rnVm60
.gammaplatform.com/ Name: _aGeoIp
Value: ES|Cordoba
.gammaplatform.com/ Name: _aUID
Value: 1qemlcnb07vw
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-1qemlcnb07vw&KRTB&23446-1qemlcnb07vw&KRTB&23465-1qemlcnb07vw
.pubmatic.com/ Name: PugT
Value: 1684704293
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4865269f0423389e
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACYeE7I1RgAAB-5Gc64Dw
.adhigh.net/ Name: gi_u
Value: xLEZUR6J6Jg.AikABlGIQDN01g
.adhigh.net/ Name: btw_sync
Value: LKQe
.richaudience.com/ Name: avcid-zeo-uid
Value: f432d651-438d-4a12-488a-5d0bab32aa0a
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-71d0441c-488d-4c74-9981-98c0af1a5d92-003%22%2C%22nxtrdr%22%3Afalse%2C%22zdxidn%22%3A%222069.66%22%7D
.as.ck-ie.com/ Name: CID
Value: 18f2496b39cc84ae9b158fa5dfa3edd3db80ed47
match.sharethrough.com/ Name: AWSALBCORS
Value: zfrpxAz1B/kHtH6s1wYsqIReRpDD/FUx3aeP34VGQydArkKiDQEFtWdOdn91xZGh7yNiJewJFdoh6ly41RqXUouTnPixf6DUH843UrqKDHprnwL6Q9NIl608QkcY
pool.admedo.com/ Name: tuuid
Value: c3419085-38d9-44fe-a469-0f6b8b9ee694
pool.admedo.com/ Name: c
Value: 1684704294
pool.admedo.com/ Name: tuuid_lu
Value: 1684704294
.smilewanted.com/ Name: sw_user_params_infos
Value: %2BJu%2F0joOBqSSdHfVRVRWuAxUxfL2tnhGG0AAbyMoFGSMnu2xW%2B4rrFkbCmiqtCcCTfJeQgTtHSTSa9axgKt3kd31mBPs98uElTzoxHWD7A%2BOoWPUA6uIAEO5i21IUYh2vDOyypslHSDDwFDWJ9nM9jEvGNKUTtCo%2F2D0ojXwttITzwMfma%2BkKqENwHGQV%2B6Y48lbz%2BcRLqL0NHI5NjeE2OfFYwr7IqPub%2F4H4T2QrBLnZ7vaLbzoJqhkc0OZ9MncpmJU0VUbR%2BESURhwWwVCWsoGDuopaParCYIDrO%2FYyxZ6KaXP%2Bh%2BM68%2F%2F%2FlIfYBI0GZQh68ML64cU0UTZo%2FH1ZP4xA%2Be0lon71reGQgGIXMq0iKcStnBk7BsY5je7%2F3ue
.betweendigital.com/ Name: ut
Value: ZGqMJgAKDjg_4UUZBo884-vzTOrBHe0Kmr4q9w==
.pubmatic.com/ Name: SPugT
Value: 1684704294
.bumlam.com/ Name: suuid3
Value: IiRlZTA5YzRmYy1mODFkLTExZWQtYTFjNC0wMDI1OTBjODI0Mzc*
.aidata.io/ Name: __upin
Value: 8Ric515DVCyrfg+l/YWApQ
.aidata.io/ Name: __upints
Value: 1684704295
.yandex.ru/ Name: yuidss
Value: 5554836171684704295
.yandex.ru/ Name: yandexuid
Value: 5554836171684704295
.tns-counter.ru/ Name: guid
Value: 4B950904646A8C27X1684704295
.io.jogo.studio/ Name: _gat_tracker0
Value: 1
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMzc0MzA5NDc4Nzk1Mjk5OTU2NyIsImV4cGlyZXMiOiIyMDIzLTA2LTA0VDIzOjI0OjU0LjcxNTYyODUyMSswMjowMCJ9LCJpeCI6eyJ1aWQiOiJaR3FNSWFmbnIxSmFWT0ZTb2c0WEZ3QUFcdTAwMjYyMjAxIiwiZXhwaXJlcyI6IjIwMjMtMDYtMDRUMjM6MjQ6NTQuNjM5MzIxNjI0KzAyOjAwIn0sInB1Ym1hdGljIjp7InVpZCI6IjIyN0VGQjEzLTAzMDAtNEU4QS1BNTRFLTY1MTc5RkYwRTU4RSIsImV4cGlyZXMiOiIyMDIzLTA2LTA0VDIzOjI0OjU0LjY3MjAxNDYwMSswMjowMCJ9LCJzbWFydHlhZHMiOnsidWlkIjoiMDY4YzMxOWE2NDRkY2Y4ZjQ5NjIwYzAyYjEzMzQ2MTYwOGUzNDk3YzJhMjUwZGVjMThhNDU5ZjE5MjY2NjQ3NSIsImV4cGlyZXMiOiIyMDIzLTA2LTA0VDIzOjI0OjU0LjU2MDA0NDE0MiswMjowMCJ9LCJ2aWRvb215Ijp7InVpZCI6ImE2ZjM3ZjAxMjMwMTMwOTlhNTk1YmUyMjE3ZmM0MzVhIiwiZXhwaXJlcyI6IjIwMjMtMDYtMDRUMjM6MjQ6NTguMjA3Mjk3MTM3KzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wNS0yMVQyMzoyNDo1NC41NjAwNDM3MTMrMDI6MDAifQ==

9 Console Messages

Source Level URL
Text
javascript error URL: https://www.khaleejtimes.com/technology/microsoft-says-it-found-malicious-software-in-its-systems
Message:
Access to fetch at 'https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&rid=esp' from origin 'https://www.khaleejtimes.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.khaleejtimes.com%2Ftechnology%2Fmicrosoft-says-it-found-malicious-software-in-its-systems&rid=esp
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.khaleejtimes.com/technology/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f432d651-438d-4a12-488a-5d0bab32aa0a&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=227EFB13-0300-4E8A-A54E-65179FF0E58E&gdpr=-1&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://tags.bluekai.com/site/87734?id=f432d651-438d-4a12-488a-5d0bab32aa0a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f432d651-438d-4a12-488a-5d0bab32aa0a&reqId=5b64489e-2e64-4489-5546-b41e2e7e84d0&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.teads.tv
a.tribalfusion.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
adgebra.co.in
ads.betweendigital.com
ads.eu.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.travelaudience.com
ads.us.e-planning.net
ads59.adtelligent.com
adservice.google.com
adservice.google.de
adv.office-partner.de
adxbid.info
akamai.tiqcdn.com
an.yandex.ru
analytics.webgains.io
ap.lijit.com
api.webgains.io
app.playstream.media
as.ck-ie.com
bam.nr-data.net
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bn01.er.bemail.it
c.4dex.io
c.amazon-adsystem.com
c1.adform.net
cache.betweendigital.com
cat.nl3.eu.criteo.com
ccce0b4044e69ea0ab7aeed1d431c651.safeframe.googlesyndication.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.track.production.webgains.team
cdn.vuukle.com
cdnjs.cloudflare.com
cdnt.netcoresmartech.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
core.iprom.net
coronaliveupdates.khaleejtimes.com
cr.frontend.weborama.fr
creativecdn.com
csm.eu.criteo.net
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
fundingchoicesmessages.google.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
go1.aniview.com
google-bidout-d.openx.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hal9000.redintelligence.net
hal90005.redintelligence.net
hbopenbid.pubmatic.com
i.e-planning.net
ib.adnxs.com
ic.tynt.com
id5-sync.com
idsync.frontend.weborama.fr
image.khaleejtimes.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
io.jogo.studio
ipac.ctnsnet.com
jogo-assets.s3.amazonaws.com
js-agent.newrelic.com
lb.eu-1-id5-sync.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
osjs.netcoresmartech.com
p.adlooxtracking.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
play.jogo.studio
player.aniview.com
player.avplayer.com
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.media.net
prebid.smilewanted.com
prg-apac.smartadserver.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
pubmatic-match.dotomi.com
px.adhigh.net
px.ads.linkedin.com
rkbzwluhocwgxhhuwvjq.supabase.co
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.fr3.eu.criteo.com
rtb.openx.net
rtbcdn.andbeyond.media
rtbdemand-d.openx.net
rtbpass-us.andbeyond.media
s.adtelligent.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s.tribalfusion.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
stream.playstream.media
streaming.playstream.media
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adtelligent.com
sync.bumlam.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.mathtag.com
sync.richaudience.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
tags.mathtag.com
tags.tiqcdn.com
tg1.playstream.media
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
track1.aniview.com
track1.avplayer.com
trc.taboola.com
twa.netcoresmartech.com
u-ams03.e-planning.net
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us.ck-ie.com
user-sync.adxpremium.services
usermatch.krxd.net
vid.vidoomy.com
vpaid.vidoomy.com
vuukle.com
wrappers.geoedge.be
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.khaleejtimes.com
www.more-and-more.de
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
ap.lijit.com
app.playstream.media
fastlane.rubiconproject.com
ghb1.adtelligent.com
ghb2.adtelligent.com
hbopenbid.pubmatic.com
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
rtb.adxpremium.services
ssp-sync.criteo.com
103.132.192.30
104.103.93.163
104.111.217.14
104.111.217.42
104.18.27.135
107.154.76.234
13.228.87.248
13.234.23.58
13.32.145.129
135.125.163.79
138.201.63.165
141.226.228.48
141.94.170.64
141.94.171.214
141.94.240.143
141.95.98.64
142.250.186.130
147.75.84.158
15.197.193.217
151.1.205.165
151.101.1.108
151.101.129.108
151.101.2.49
151.101.66.137
151.236.118.210
159.69.59.100
161.35.36.20
162.19.138.116
162.247.243.29
162.55.120.196
162.55.236.224
172.67.10.198
178.250.1.6
178.250.1.9
178.250.7.13
18.132.54.180
18.132.62.161
18.155.129.21
18.158.141.138
18.172.208.109
18.172.209.231
18.172.226.105
18.172.226.23
18.192.19.216
18.195.70.167
18.211.132.19
185.106.140.18
185.15.245.83
185.184.8.90
185.239.172.77
185.29.132.241
185.29.132.246
185.64.189.110
185.64.189.112
185.64.190.80
185.80.39.216
185.86.138.155
185.86.139.94
188.42.191.196
193.0.160.130
193.3.178.2
193.3.178.3
193.3.178.4
194.190.76.38
194.97.158.1
195.5.165.20
198.148.27.139
198.47.127.19
198.47.127.20
2.16.202.104
2.18.232.7
2001:678:cb4:bbbb::11
2001:6d0:4001::226
205.234.175.175
212.82.100.182
213.155.156.166
213.19.147.44
216.52.2.39
23.201.255.110
23.35.236.201
23.45.104.216
2400:52e0:1e00::1053:1
2600:1f18:6593:f600:4cde:8aa:915a:85c4
2600:9000:2117:9200:7:2bfb:7c00:93a1
2600:9000:2250:c400:a:e047:753:be1
2600:9000:256f:c400:2:d490:4d80:93a1
2602:803:c003:200::51
2606:4700:10::6816:3456
2606:4700:10::6816:3ca8
2606:4700:10::6816:3da8
2606:4700:10::ac43:db6
2606:4700:20::681a:9a9
2606:4700:3035::6815:23e9
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700::6812:272
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:801::200a
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:d::2
2a02:2638:d::a
2a02:2638:d::c
2a02:2638:d::d
2a02:26f0:480:25::1726:6211
2a02:26f0:480:794::2c79
2a02:26f0:480:f::213:7ed4
2a02:6b8::90
2a02:6ea0:c700::11
2a02:6ea0:c700::17
2a02:fa8:8806:13::1400
2a04:4e42::300
2a04:4e42::485
2a05:d018:24:b001:6b31:92d5:e6c3:c9bd
2a05:d018:d29:3602:f6c9:c47f:7f05:2962
2a0b:4d07:101::1
2a0c:5c81:5142::2
2a0c:5c81:5150:0:8a51:fbff:fe39:aff0
2a0c:5c81:5161:0:225:90ff:fefb:20e3
3.225.9.20
3.65.236.207
3.70.117.93
3.71.149.231
31.172.81.159
34.102.146.192
34.102.163.6
34.102.253.54
34.107.148.139
34.107.231.31
34.111.113.62
34.111.129.221
34.111.131.239
34.160.236.64
34.196.26.133
34.201.214.156
34.203.16.225
34.243.48.125
34.246.243.171
34.254.125.132
34.96.70.87
34.98.64.218
35.186.193.173
35.190.0.66
35.190.39.111
35.204.74.118
35.207.221.200
35.210.53.219
35.214.153.92
35.227.252.103
35.241.34.106
35.244.159.8
37.157.4.29
37.157.6.233
37.252.171.149
37.252.171.84
37.252.173.215
44.195.241.23
51.89.9.252
52.18.203.230
52.217.234.33
52.220.229.2
52.23.144.17
52.46.130.91
52.5.106.217
52.57.203.214
52.58.149.75
52.94.223.167
54.220.255.219
54.78.254.47
64.227.64.62
67.202.105.31
69.16.175.10
69.16.175.42
69.166.1.10
69.173.144.138
72.251.241.206
76.223.111.18
76.76.21.142
76.76.21.61
77.243.51.122
77.245.57.72
78.46.90.238
8.2.110.113
8.2.110.114
8.2.110.24
8.43.72.98
85.114.159.93
89.108.120.68
89.149.192.64
95.101.148.198
95.101.148.20
95.101.54.217
98.98.134.242
98.98.134.243
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
014bdd8933f62e8a78fb2b79c514bf540092e441a6f1c0ab21c29c552a43df22
0325b6c9e68ae3f6ec25f6817b4daef364bd99c2ff5f04588fd6f956bf983b97
0385b1c02d10237ca62f17611df60ff00e9a25544a4740b2fe476542a4e414a7
04c3e27b4e50b05e753624b18d153a73a64bd66f8544d04d73278b9cca80b643
0514cea519259a90ef195e663ef8f544520a3b08a3e3986179e7e43a56cfba1a
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0606a32d040555e704c6ebb9876ea9cd081d9a2560e625d5ccc3ec9a53475a7d
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cbf96f689ccd27c0b9b3e417da9279e92da87b6d7e4d2f37e9f36ddbdbb171
06d1b3964e194f89543606f078e05c53d6b15e4dd2ba177b03c2d01fc3485012
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
085d5d4ebefe1127eb2556b5d8feda6e703357b5a930a31f2df882be9ea15f14
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09d34e16a75f2a0584a15576d4074747cc037d18db095a0087b2ec350b6b6487
0a099afdb6576b9fbb6114a71584b71b51e9eaf3a3a364dcadbb39bada884954
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9c90deb886fcb8d82ad9547e5d1f79523d10992dbe9220dcef45e51a514dfd
0bb085d6347230042868f7144f787f8bb42d3a6cc4f2a2bd3581b866a5b1e570
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c3895563e0d6ac7eee8c3e63104a88e94362940db038dcd798e57216b8a65d8
0c52ce3f1cba1378ca4ed711d3da9b4f0330bd928b482ce0de0b81d93d273850
0c8d2a58b05248b94e354fac9895425a21cf4930bd3d5f9588c93b73e44cffc4
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cd0682315a4a3e9e8eb36324c7a5073ad1fb7945b24bb13159c7ecf2e449494
0d7ed7cd3c4c3f4a8a7ad540a14feaa919c09922ccf31dfd7b6d24f1ed54acd3
0f0c93d61ddacd2a463e26c48388b266af9ba29ac8350a93da8e2e8a34897dc9
0f415a865638ea539dda8b006a7d0a66cd015d3ef230d3f291ce5be917ced7ab
1215453532c8277607195fd7583b94417cf70354434f243aae86fec1ec275046
1227f39117252b4cc7cde1d26eb66b8f5988e3eee43bc90840a486389e5799c3
12a69d3e1e6b9ed7b511c34f52616efdfc2fc4c71d869d3508aaedff7e2ebacb
13486084978086d1741399d998d31623ede7dea6e995ff068432eb2ee8a7472e
15218e89f0b11eb5924431e649ffb9cd18be2a7285ad39229d04a0c1f16407df
18238305f99afdd3aa635ba5700763f46f8a220a5cdee2a341e6e751bdd95557
1845c289c582dd2b58a3ab7f8eadb695ebabbfe7a2685e5f9012ae16e0541580
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1923cc88fd045d592dfb6405cda3a728033bd4a76dd25c0551f9e41b7df8cc72
1b0cddecc0dce425a4f092c07fbda34eb5a0b649529eb7ae9a97f7c09f8e7fba
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d8dc4cd22c0f8597011b86b15694f0d6c6d593526934116305ea0587f328954
1ddff8b731c76509264e6b48900f281a39b0e3aeb3e4df3a69fda9cc4ca437aa
1deed0f64c455d72ee8dc287ab7c57babec224e5da09332343fcbe1e49d74c0f
1f3f3c7a291fd5b55f7c2c28d69447c45bfd2d3854f83d619914a4362f925344
207249da364e8d3460a20d21b5caaebe150d559ef9241bd077882a9c68bce763
218fa52eecc6f4bdc7fb2cf552d03e927747080b7a3618268efca457d8d65f5b
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
236768803f6d8708c2e38ce3528b8f816b680fc91eca167bb99fc79067499335
247e3962eaea826932f71f2c28687a45361c108bb322911000e39e81c5c0e9b8
24966832331ab59451484a7d052077a5714e977f1453866b4d2ec0fee35d043e
24b5fa9227e2539d460d47bb58bc2cfd5ab7b460b10ed08f5f237a1c4227fa30
25266ef2a4c7863e3b54e363bd504de20685023d568bbb11bbe9eda693c75d76
266795985aff5653c2b183ca7d74dfe729870a4c3703eee99ea0b0429fa3ab2e
28e8ab9f67173c4206fc1232333fc189c04c06ef0f992e136418d75cac4d0185
29084f5a42362de97014ca7735be826d9b6b875cf1579555fd7230a4a158bd10
29f14ae75a125be35d315f4f3d38ca7f398cbd52c1c32585f0d5585529889803
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2da0a375b2c041e595af23f3ffd657368aca9a5c8750994c46108da080870067
2dedbeae823e515580ff0f09eb46a4142d77d96ed9f13b22303c4a1cd630b1fd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
303993a36d0ea4e23a789c07d0d88096946be6ed9e488a7497031bc38f05991f
30ece5ac4e330eb0d7d2f0ff3096f914def5a156abfd9f6f0352d03bcf40311b
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336297a422404f9343c75e4fa26dbfdc22a9628de7ac268724d37e48de2f64a6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372b7de5f1b5de379c6a80e0f2b9209b672550c6ffa9abf11d39b98e06ef5551
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3869f14c73e1f0e3ad0b1ca4576193c67aa668224e66727e0441403d71d94304
38bdcd9c400544acb68abceb45a5f7b3af7d791f7f90262fed22fca5151bfa1e
393077388c411f863ac4b3edef836f4c46c03c7a54c7e6b04dbf51be1515d788
3b83170de46f2a101235baa70a3d7247f1e7f1d5a4fecb78ab1bbc925dc21f01
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3ba702043ac26644d0046b531417c7dfd1651410568f0169b896d47445391676
3bbcb66dfb82f4e9fa92d126e3895f1fbcdd7377c745702bb8160eb5e674fa08
3cb5b7ae5053d743996378c35733560214d3d896ade5c0de0d8b13a97f43039e
3cf4950f7ab40fad2232c6a84ae20cba639b79aa6a47ef82465e08466e7eca1f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3df260f4102e83ae69e3bd6e0f028bebb46b4cefd8a64276593b650934037f3f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fabc653cd5bb12da9e77bb24188ec2933cee18eeb535c747329100df4bb651a
3fdb7e26e4ae6e08554a76bd91c694600b1732fbcd577229abd25eeb26c9406e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40aee081c093e749a7df384cd8938a1a1d8dac799a2404f259ff68aa4211ed72
42cdcdb769ea227cf6f8f431e83bf096848f20d824d57e3e0c1435a04f8a8943
42cee2e27defcb69a0a9fb3c5a924941832f377bd43b4911c1715ae8d08b0b80
4379cf79df8232487024c20ac47d9858aeb857f2390efed18d240d27b6102c5a
4437aff5a485ceb332fbae83eeeee66bbd976a838afb7c06b0e38634e31331d1
44a7842568fd2d10ef3d2327f2029a8242f9eae569555ac8f280d1f3f5dc64e1
44faf0e7b6d8f01cee052dbe498101504b689c4994046facfecf95303d7874ab
4578d75a057e082ecae9ea9f2a90258999c97515975f4757ec1287736c8fec86
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b301120322150cd15540a4f62e4ef4a8c35efb7ba9a8a963e92a0d0c267d01
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
48057ce15d71e4fca4e37f5fd751f992bef87b6fcf527c4731556cf65652864e
48454abc6fd64af1c77b5ca1f183b773a3fd7d270ba8d050c5d9b9768df3ecb2
48b8498b15716ab0b4ca2b3e6b7a8acc89b3eeb3f6058c45d9fd43329b7a8af1
4c495153f7453aba9f3c1a2b2e703f7677ae9f8aeeed225d21e55d8600ea9006
4c5fb719afdaf24db59c2a13c89d1de70d58da336d8adcec0e3862ff8f5ca58b
4d103aa6459418648cbe913c21965506dec88b052033c15ece5c5800e39f7e34
4da98a6add41fa59e22e486e788a9b33e343f53909c1e75d7ccdc18357a063ae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49730d60a5f49626af0d8e4f07b7e5fd60b9e1dc9116b8f5ab00e9923a305f
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50e0bbfec5c43e7d2ad553603e5001c98ad6404041ce9bc9288566a606a725b0
52e933f3e16543bf2d538de2c76a0a0dc2bce2c269298cee53c5f0790d43694d
53ae96025c322ab2412350573203e61b5515c310b9cb50ee55f02a448bfd2275
53f98bb0b288d162a288ce2caf8406c00c1fd474f0c73a58b5893098271621a9
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
545c4415392682b1efe8c657768a3c8448fa9a86ffce07cca8354a820ff233c0
546d8b0057fd1b0d05d29654e6d424748e7a1cceb38edb1e059a6c00b1e2c766
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54dd6beabd97e49e418326139ad5133d33f894a96d7eb8a0a801103629918ced
54f1223587f76b8ec455590fb65770a1b2e1c4a03cf06c376662c87d622950ab
55ae2bb63b3739d001918259bb945000b092bfa1a7347ba9330239ce0c96de4d
58c639a92b85ada4b667efe491a84309562bb6dead5227baabdf1528481231eb
58ff7b27e54579ad931f12657811868573c1e330c93007e49d898017da175797
592b697407a55d555db9ca976647f48cbc1db21d2a6e91d1b7eac3dc97ef98a4
599f45a18de02b55e6232b832d95ff9c82089aad4c4cc155f653e59e9a84dc85
5a056768b6de033823f354d292987be0efcde2c68fb35ca524c8d6cd7d4e1ef0
5a4df945707077b2311159554c1c2e9b35284a3046e2801e78537c5219a0a9f3
5a8333d51ff3aeb5d41a60b039ffcad5f85ff61fff6115bbdaf658595b0c3eba
5a8ac6c57b7e119e8096c440cf6d07db5e58c5dbf22c1ed0d365b63a934fa612
5b04395b2ea6978c0408aa21f0ae2e839f0998277fc6132280ce5d8c0ca10048
5b0f3b579513d9db8f002b025e8052f0bd429edef0e8d327abeaafb804b01eac
5b327186720d13b25a4cc421af86f32847f5b41a9935f64a89fef4656026141b
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c
5e28191f04b40f71e4b6dfd01eb3c060412ec05ce34f00cfa9a19ea08396d148
5f76b904844d3bf811ec3755473b409e2cdf9fa4c8320a82d707efe30001cbe8
5fdb0298d0bdeeabd83e69ec84301892f631596878cfb91da4a19f3cc1db1a39
60b755dec036b63178a5f98d57a943c735fd07044365b6991f3ad7c18f7ffd0b
6145c3f2f37fd6ce0582974bb1428eb8641921e188060367a08ae218865097cb
6271955542703658eb7457cc778220494fde5f068fd51c0fcdccf420f5e6edcb
630e69f10d18ce82e983d65970ba458cea03873c828288c11b51722279825a13
630f2c32737f299f4fb2d92f4a739cf70a82ba38805ee48474f1aef3275f3919
631e4c0cb82e03a77dbf7111e8303534d183747050352701d0483b4bdbd3ec81
6344c20f5e2a231f73e2f211e982630c32ea054347f57d2de05a175ea856837d
63a3f1e4ab1e9be9fe5b9de73da34ca3ec20143a256e208675e7184f1f34ded0
63c4d9f07defa3ae60b43104ce4a7c297ddb803f3ded208e2921a5edfa33e3c6
64052d75c8ecd5b79757c5f04ec0c37fb9af5c924fbb156a2a59a6066d150d33
64629436ad861896b613ad520973cc32a6cd96e3fcf77264408d0b8493b92db2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
664839fae0b46d6ae74a6823fd6ddbc01b3b48eb70f127adb9b88913962af37e
66995f751bc32c701e5a0959c05ad928020d0d2ce1c3fd1a21470c129052cfdf
6a08c41bdde65acc280ba9a11728b159b413ff8eb8c0d1d055c0569148b6b2a7
6a1621d6f0d451fc717709f45ee63ce30f6a54c75fd155f132e5e2823b08628e
6a384986c342e61a197f612594a55ebeafb67528a2532990aa8133564bc61af6
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b4ac5140df0933d993e169cc4cf9d80288628af1e78d4c4eba13d951074194e
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d64bf989a7e8772424a8b1fedfd0572bfa388e2bd30179525cbcd30a6f69c2d
6eefc13f4d9832e74173dea423bca495ceb7f4cbb888a19434d71a9bc0f69cb7
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
6f6b9d913bd2f8037f3532e5b0b96a40de775af5eb2630b9657cf6630aa0405a
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7048c4d3ce53a0d8f55996b93069e39b27d933ed82b9a1c5917522722c757afa
71d2abaaf1a53f29cd98be194600a95a2d23a98ee7c54710112d01777d494fcf
721c395f361ccac04ea0faa6d747cd7dfc31e002b87bd40281f8abd2f6e4ce9e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
745a0cfd6511ebe10755631eba8e109555c7cbd60f3acc939575640ddd1f20d4
745be6a9dfd6ab6f635d5c7f274ba06d4fd585a2e9826a3d3dfbb80ed86833ef
756997924e97f09793e32520f153591ff455188cf2fd5e2f8d95b6d427b9e87b
77851be5afb51840c7809b09bcaf75d2220513c2d5a3ac5fb66b173cd3032c34
7a100bdec68db10959adc9160f48f444085fab4beb0405e052de2a7959e74566
7baf7cf2143a1207d050c9703c84f21c569532124537094951ba10c77f1527c2
7bbb45c861f27816c52989a1e248d3310b9695fa67f138c13ce9f83a65968000
7c4514ee1b4d1222477d7f5310c0f048f14407d40fb76379f8dc71f46061b4d8
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7cb60ba2dca27f07f3a69364b2f08081e9c4be2daff3989c945a2bdd7c84df6e
7dacea6a925ae57f35053fcd83d6a5921e4872081f340864c004642cfec535c3
7ea12d1bb8dcc5fa967d9e66da4f6ecf46989d8c2b2e6a3d8bb6fafce2bddddf
7f74d1b3ee234d6e62c5613e9054535c438c26c8ff61e7b71c61b5a306e5478d
803e61d446f7505355f246b2c6b87b5d1d67946d0db9d92988c07939080d3f27
81a4bd27e957576653d3059ac699bf25e16698b98a98e26a6a84cf1d6d9660b5
8223c5d16d0bb9382590bb01f07d02c9f3a9806167f3415bb75d81439a587987
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84fc470f579998df8b2fa9738e0e107917b427f159bd56ee6f33e9b4455a3fb0
854516174a5fbe4be4946391fafe41ba180e691e3d2f47b4285b9a63834a3670
85cc5f4c151a72239700ae6445649fa0188d91a652829f39fb6fb84a85a9d1cf
864f3d118a23a83d04203242e0d8cf7cc42838853b4d04ff9d3b3a2e8b7e181c
878c16e05427aa7894dce4ed4f1026a33399e4309163b0c0b2231e20ad5030cd
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89b7e674780e99d0cc3f790f13d84570f0a87c64b4b9f4f9d414e2f667c77883
8b517eef1757fc9965e1d7747bd6c42aa2b31a9a7c08093e92d4fd90a20a1e9d
8bd592492aef00df3edb07d2c90d63d7ed56ab15bbd1cf40479764a9b249767a
8c9a01989ab359ae49fd2cc6d88fa19573ca9d821c406d7f609798ec385184c9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e6c018d0a23bfb940bb0dbe871dbb4d9064bbabb25b1ccc9543a74e6b4fddc2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f00192d90c2968b8df1bd1ee882115512c26caffa1699852c41ef8854bff455
8ff6d5296b4dc804338b03bd16513a52fd290819e810d9661b00a6f5b8206e64
8ffd7a1a980c9042363af0f2ace2cd50ad742e62f5357e4b57da1606e57e85a0
90045a507d558e8e0c704f6fb12d937eaacb250122743b5903388e474103971e
925a5f0e63e0e04865bcbd9fa3753eee68e78bcf4e61263e076ba50b3e0f2b8e
92fa2c5c66416bd03074738627fa68c7760f2490ed3cfc06333fea315c39ab3d
938402cc9e0fd0c5d8f813c2c3a328952bb78b86b8556a4b7678ff6c053e6bbb
945f49c4c0138839c121abb3a2c06f831b1fb3aa53cfd06c8c3e2ce29aeca950
94c9f2122880fde270b44d4bba545263bc7def5525addea1eed2a90311e4c10f
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96abaf5dff457b64837aa49703a7e7de26aa2295e8c98bfa6d22e90df5c42942
9720cecf20062f51f9fc3932187b2ce6e3e5273d9cb5e76262add46b294d3071
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
98068c616a32d668c09de8b1b000b024804f914a44f3b467d790eeafcafcc88b
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a88e807420c2f67221f88191656528e006780c45b3b3385b6ae03057dee04c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5374e90ba00460d960ab5fc3dec9d1127a771bf1c39d6f977ba69bc75ca715
9c6cbd78925cea1166fabf67fa2caa278ee8e4b1ac78fad7d0f5641cc0bf1ab8
9c9e20c9a442686c44d538035a0909bd2d4bac5c25347fcbad727d410b841942
9ca81a9f248b84e4e96cd41cf8f4a427a367e8647bc7eb7b2fb21bc00fb0b699
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
9f2fb59b64b281efcc410e321802f2cc16b377e594882efca16e81b79123f87c
9f878be7310ae8c9cb0334970d5a3ae14b0b4418374b8e73316756fc6abd1feb
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2320609fa96b411b62c766bbe32c1d7badb2c63035790fd5881d6990fd017a7
a49f8584d52903e5a375bf01bad3f17e645664d979bd85d459fb6f5bd04da01a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6795b787bb257267d31c355a51d4bf54b5fbcde4d021523f8362f8b0f314750
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a745a6b4cbef6176b15bd0553b45a0f975ea4553149c589918b8bd67a8f95ed9
a79790111c363007e103b6b7fa0bd7a5cae4280e08874ab787c2173ead611b52
a88ba17ef2dba59fbd83de0a0c2e4cc9943f59a4aa02697aa1b7b63d8de576cd
a8b24eb9adb77960444c3ce362e8a7b3e90991bc75972fa3797414333e731b5c
a9a0ec309855e6c4eedbc0860050693ffc2bfbee82abb8444210fb6d653b6dce
a9cea7e92a9aaae8c3e42e6f69d902afbfe6780097d12dd44749884a3f13b65b
aa43a53b8356156377ad8f6805d9724793592b9f69b232a68449db95f122002a
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad8a9b3cef87914f33f7b56763743b9757e9a00f4ef51d07b40adb32e3272e7a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee3dc918f6914bd1be017931fe4c92c4e0c0f250732412c67ee56fd9e1cb166
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fb38c0d2cba4bf9f4dfd88d9a580c95073a541138099db7b2287f7c498e25e
b266a3330f4fc2073eaaee2c489db68b41b79207e418a22f091886f3983049e7
b456bc8a4c5bcd3530b11f6c0c7a768275e7576fa357bba54dbe52d997c9cc07
b5063549b71f73f872548f84830c018d25376fecdca4bcd842a4b16e2294fa51
b54ccb6daa7b61513f2fa7b8bb4a11bb6b18e1fc60356298093a678e150194cb
b6c65444bd5b5ca70d3fc832022b2a1645bf52a8beefd3ef95bada3862b01825
b719fa966ff006497bd2a7fe171650bf68e2f72411ee57f0da845796c9b97201
b759dcb812df0caaa1b5a8d4b4d86a8f6f41f4b4f4c53589f54cf4d15bc82124
b86560f085f830750ceb8fc15fed79bcfd1ad6fffd62442fe393eba49cb96c4e
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
ba3696345efc1aec76819aec686378226b83ff3d4f1a2e41afeadf48e2f6a074
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb72cf9c29ae62c1145975ceebd315a18bc83fccb4e39adbfc44bc71e28efe55
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd2df0fff950bce978c27cee54ed6e14e5e90d9e7f1829ab56da3fb21025ec48
bd84d3b448dfa1f7ded33de1848cb5f06946f8d86058e9c8d183ae3dddea4ff3
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1f228412a5062bbd02fbc3e54727820e0dbbdbc1bdc4aa7563ddceb36b4c43c
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2617dc197a762d85e81cd8ddb7565f82ab8bb0258edc7299497a5c9474ee977
c2ad3b2ad1c100ebb196165df8a0bfad3941024d991dcbef5c92437283e17b57
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c545b18b28243dcdab260a9ea339ee9bc14dc1a6ef7f80403e1aed341cb6bfaa
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c84f5c94fec8629693e4bbb5d8c6810bdeee0f88ae60703782c583d3dbcf6469
c93c88a9b0ecf4b158610988b79ffdc52501b1e995f14eb4dfc09c7eb9c3f6de
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc3513d258074fbe7209d263fe3acdd0a05ed0bee513af79907f6f4e00b8074e
cc76e8d9def9ded50761a877750bab9afab8d4873351a0088e44811c8a4f54e3
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ce33815b4c0f7c15686c773ff8b0e5092b36696a6c758ef499dc32e5a8f01e9a
ce359e122e7f286581b95cb9254d522cf283970d06196fb69c8a1b844fb8d0d6
ce4de014bac6272a0141ca4fd6330ed1394b6841599767fe73d396c659754e46
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa01769d544975c07f1898af69500e3fe96550cda2ca585691410fbda435e63
d0b516970f3856be4ffdcecab31460e16739338bb8f45ce453cbdccfcb992c6c
d16927d37f8e26f8565d8f37936c1cac3ae49299c69cfe76f84baf43677c3ec4
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d3f21eb23d62f9c0388b1705d1da5e34703037a1714b50e23e5a78f46c7db550
d49c7bd624fb9885d1cc61bfbabd7e7d7a2a833c764baeca10cda5167f522f5b
d4fa6191cc6b0b2e1f00efde5834f37557df2f242dda4e4c81b75350abf33784
d4faa882ab3b54fa5846433de78887ec5890283ecc525ffdb2b86fe9659ea612
d57624e2142c095ed2f3a272993bba05c78f5dd74d506df528c531d063ee38a8
d753f8ee126736431a1cd8170dbfcf94f553eeb1d24f2baa7c66474a80d0e559
d856729773804572ae4ff08581b1a3f4915e719100a524d8cfdab5a94a286f38
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
daf2c1dc6baed2b1956e43aa386452a2ad5185072c3b8d1794bf82918c4b5b45
db0b8a74f7de410a331ad8b4b624fa32e38aa7880529c18b3b20d165f8e2c7a8
db824f39669af4e202874506b9aaffc7203367b927a0e8ad01d79f14be5877c0
db95337620b6cdf5ab3ccdb781f4129a4eb8a541f58a5105d96a77de986c279e
dc31daa98edc405e29b229ee42a96b7b4ecf94dbfa654e3a0ca451c64f5437b3
dd86dcaa939981748de2cd61d9016882fc0c9358e3e887cb3701cd2171d8df9a
ddac7c0056a1d640bc539434eff300aae8e8e667165c26f4dc6e404832993e71
de1b63b04b142bb4eef4fd7311fc5b56fe61563db26d21bc69b2f7c42fcdd994
dee87b4a75183197a54a48a0a995f89e2e44ae20f33b2e2d245c2a3deefcda03
e38c6ad3fc07cba395a8bdc1705465609660d2386f33a9778d6931e79bea7192
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b345dc6a6472b02c4d8c4590ddd8cbf3100bf251b314b1380329b79d01ef61
e42869601ae87a83476b74dbfb615c3acde329931afc04beea4bd387f3703c7e
e4b549c1007cb2dc4b48e0e62338ba27d272c99417ceac113b63043d5690af79
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e67c6d1c9388b13b787802bb67c2370cbc64049881f1882ea3489ffd917ceac6
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e81ac04c60ab7220aa9cd87532645df3973ce19485be6a013e3b6d937a5683bb
e83997559675f6551113312d77202b517d94f21f94498432d32b6c420f9e7bdb
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9e3652349e81228cb2c0309b3e6a9f23da99f571017f01a984da348ddb4a257
ea107fb35814d42810150e6cf3fd033292e4b043068cde833d583608288ae6bd
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
ec89ad1bca7d220be2de7fab9f9c45727bc317db17ea831a31f056b68c222cbd
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef05066aab8f0beabb4a3d108d25fb490bbb700466c03c68f903dcff876840af
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef80eda708c15b582d12df476df5d766c2662ea16fd402809e1ed2e975851b3d
f0a0cffde73e8eec390fd35e2224d17a1be1db827afa4839d1869e07ed78af2d
f164954f6574227054040a4e5b681bbafc9f96ed3b990b8386a60668eabe3722
f1bf716d0aab2ca3bf086e288d33db5b10bc1d1ad808145f445a9f829277b3ba
f357ef703004e5535dadf76db6b5c638bef199b8457ab75b7009ba8e48b4c1e2
f57ccbf05a395a79cc4d9e89cc6dd51c25f9eefaddf7f3a30acfe0b00b49c2c3
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
f81b95af0a8e88b17d69442b58bdd6f141b89aebdd7c79eb3e564e2fc8aaf001
f9773eb5c89a03f79cd489b64a2950d9cc28ec6e967685c2778a1c1b3bc7bca9
fa2910f1c2bf0682e4a1364d92d1c025db7640b0f640c60b88e71b3fbac7f3c4
fb3149acc1a470e383c61bd190d7bf4035b374715887d3be2776a5b13cd9cd88
fb537badda1a1e8a1486124a463f351371f8bf1835ac092c289c7cc88ae23938
fbd313762cb3406cf59cfd0cb482fccf9b76f79ccbb80caf324ce80cf465eb8f
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe3c3b1171caf3a6409c5ba815652abc11e28c83e363c40adfa2dcccb2c1b08c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3ec62c559412e89c50177f99a719acb9822512af32b775e72081931c622d71