urlscan.io logo urlscan.io
SecurityTrails logo

www.themoscowtimes.com Open in urlscan Pro
95.215.189.12  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.themoscowtimes.com/
Submission: On July 22 via manual from GR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 124 IPs in 11 countries across 110 domains to perform 633 HTTP transactions. The main IP is 95.215.189.12, located in Netherlands and belongs to PROCOLIX, NL. The main domain is www.themoscowtimes.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 21st 2021. Valid for: a year.
This is the only time www.themoscowtimes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 95.215.189.12 51758 (PROCOLIX)
45 95.215.189.11 51758 (PROCOLIX)
1 13.225.74.97 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 13.226.145.116 16509 (AMAZON-02)
1 13.226.145.82 16509 (AMAZON-02)
21 216.58.212.162 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 23.32.243.206 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
24 13.225.74.72 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
1 7 2a00:1450:400... 15169 (GOOGLE)
12 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:10:... 13335 (CLOUDFLAR...)
9 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 24 216.52.2.39 30282 (AS-INAPCD...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
5 52.34.145.6 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
11 23 185.33.221.50 29990 (ASN-APPNEX)
3 185.86.138.16 201081 (SMARTADSE...)
5 185.64.189.112 62713 (AS-PUBMATIC)
3 213.19.162.61 26667 (RUBICONPR...)
20 72.251.249.13 29791 (VOXEL-DOT...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 34.252.243.79 16509 (AMAZON-02)
3 104.111.233.227 16625 (AKAMAI-AS)
1 3.122.214.165 16509 (AMAZON-02)
6 8 52.48.248.240 16509 (AMAZON-02)
1 142.250.110.157 15169 (GOOGLE)
11 14 52.58.55.232 16509 (AMAZON-02)
3 9 76.223.111.131 16509 (AMAZON-02)
3 3 185.184.8.65 204995 (RTB-HOUSE...)
3 3 213.19.147.45 3356 (LEVEL3)
1 69.173.144.165 26667 (RUBICONPR...)
5 5 54.246.13.173 16509 (AMAZON-02)
1 2 52.95.123.167 16509 (AMAZON-02)
1 1 54.163.239.172 14618 (AMAZON-AES)
20 36 142.250.186.66 15169 (GOOGLE)
1 5 34.199.13.197 14618 (AMAZON-AES)
3 5 159.253.128.183 36351 (SOFTLAYER)
4 4 66.155.71.150 13768 (COGECO-PEER1)
2 2 193.0.160.129 54312 (ROCKETFUEL)
3 5 104.111.242.53 16625 (AKAMAI-AS)
1 8.43.72.97 26667 (RUBICONPR...)
5 5 18.196.123.190 16509 (AMAZON-02)
7 10 198.148.27.139 19189 (PULSEPOINT)
3 3 91.228.74.133 16509 (AMAZON-02)
6 6 185.29.132.144 30419 (MEDIAMATH...)
8 2.18.233.180 16625 (AKAMAI-AS)
1 1 2001:678:cb4:... 56396 (TURN)
3 12 35.244.159.8 15169 (GOOGLE)
2 16 52.208.210.171 16509 (AMAZON-02)
1 60 151.101.13.44 54113 (FASTLY)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 44.232.41.179 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 5 2.18.234.21 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
2 4 37.157.4.29 198622 (ADFORM)
1 2 54.209.16.83 14618 (AMAZON-AES)
4 4 64.202.112.159 23352 (SERVERCEN...)
5 18.195.155.181 16509 (AMAZON-02)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 52.205.83.58 14618 (AMAZON-AES)
1 193.122.128.135 31898 (ORACLE-BM...)
2 38.91.45.7 398989 (DEEPINTENT)
8 8 52.58.57.174 16509 (AMAZON-02)
2 2 185.86.139.104 201081 (SMARTADSE...)
1 1 2.19.35.65 16625 (AKAMAI-AS)
2 104.109.78.125 16625 (AKAMAI-AS)
3 4 151.101.14.49 54113 (FASTLY)
1 67.202.110.21 32748 (STEADFAST)
1 1 202.241.208.54 4694 (IDCF IDC ...)
2 6 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
2 142.250.185.226 15169 (GOOGLE)
2 185.64.190.78 62713 (AS-PUBMATIC)
1 178.250.0.165 44788 (ASN-CRITE...)
2 104.111.242.245 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 4 52.57.110.162 16509 (AMAZON-02)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 3.120.83.159 16509 (AMAZON-02)
6 34.240.165.104 16509 (AMAZON-02)
4 2a02:2638:1::3 44788 (ASN-CRITE...)
1 213.254.244.23 36062 (DOUBLE-VE...)
1 54.154.31.58 16509 (AMAZON-02)
1 2 142.250.186.70 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 185.86.138.114 201081 (SMARTADSE...)
3 4 178.250.0.163 44788 (ASN-CRITE...)
4 27 185.64.189.110 62713 (AS-PUBMATIC)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 38.27.122.158 174 (COGENT-174)
1 35.244.174.68 15169 (GOOGLE)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 1 2001:678:cb4:... 56396 (TURN)
1 18.156.0.31 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 52.3.173.52 14618 (AMAZON-AES)
1 2 4.78.226.233 3356 (LEVEL3)
4 5 185.64.190.79 62713 (AS-PUBMATIC)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 1 45.35.192.162 40676 (AS40676)
9 14 51.89.21.20 16276 (OVH)
3 3 34.98.107.212 15169 (GOOGLE)
1 2600:9000:218... 16509 (AMAZON-02)
3 69.173.144.139 26667 (RUBICONPR...)
6 29 141.226.228.48 200478 (TABOOLA-AS)
12 12 51.83.111.34 16276 (OVH)
3 3 139.162.117.143 63949 (LINODE-AP...)
3 192.132.33.46 18568 (BIDTELLECT)
2 2 47.252.78.131 45102 (CNNIC-ALI...)
5 5 88.212.252.2 7979 (SERVERS-COM)
3 6 13.248.245.213 16509 (AMAZON-02)
4 2600:9000:20e... 16509 (AMAZON-02)
3 2a04:4e42:3::300 54113 (FASTLY)
3 141.226.224.32 200478 (TABOOLA-AS)
2 185.64.189.114 62713 (AS-PUBMATIC)
1 1 35.210.239.72 19527 (GOOGLE-2)
2 2.18.232.130 16625 (AKAMAI-AS)
1 1 172.104.105.5 63949 (LINODE-AP...)
1 1 162.55.6.212 24940 (HETZNER-AS)
1 2 35.227.248.159 15169 (GOOGLE)
1 2 51.79.83.225 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 3.8.243.222 16509 (AMAZON-02)
1 2 52.212.225.58 16509 (AMAZON-02)
2 99.83.181.31 16509 (AMAZON-02)
1 142.250.185.98 15169 (GOOGLE)
1 69.173.144.138 26667 (RUBICONPR...)
633 124
1    95.215.189.12 (Netherlands)

ASN51758 (PROCOLIX, NL)
PTR: host880.procolix.com
www.themoscowtimes.com
45    95.215.189.11 (Netherlands)

ASN51758 (PROCOLIX, NL)
PTR: host879.procolix.com
static.themoscowtimes.com
1    13.225.74.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-97.fra2.r.cloudfront.net
get.s-onetag.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
12    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
4    2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    13.226.145.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-116.dus51.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.226.145.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-82.dus51.r.cloudfront.net
signal-beacon.s-onetag.com
21    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.de
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.32.243.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-243-206.deploy.static.akamaitechnologies.com
chimpstatic.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
24    13.225.74.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-72.fra2.r.cloudfront.net
likevertising.com
24    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
28    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
7    2606:4700:10::6816:3181 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.adtrue.com
9    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.adpone.com
3    2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.projectagoraservices.com
24    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
vap7ams1.lijit.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
3    2606:4700:3032::ac43:9028 (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
5    52.34.145.6 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-145-6.us-west-2.compute.amazonaws.com
exchange.adtrue.com
8    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.nl
googleads.g.doubleclick.net
1    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
23    185.33.221.50 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
secure.adnxs.com
3    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
20    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
gslbeacon.lijit.com
ce.lijit.com
3    2606:4700:3032::6815:356b (United States)

ASN13335 (CLOUDFLARENET, US)
projectagoralibs.com
3    34.252.243.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-243-79.eu-west-1.compute.amazonaws.com
projectagora-483829-hdb.adomik.com
3    104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
1    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
8    52.48.248.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
1    142.250.110.157 (United States)

ASN15169 (GOOGLE, US)
bid.g.doubleclick.net
14    52.58.55.232 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-55-232.eu-central-1.compute.amazonaws.com
x.bidswitch.net
9    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
data.adsrvr.org
match.adsrvr.org
3    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
3    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
5    54.246.13.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    52.95.123.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    54.163.239.172 (United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
36    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
5    34.199.13.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-13-197.compute-1.amazonaws.com
jadserve.postrelease.com
5    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    193.0.160.129 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
5    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
5    18.196.123.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
rtb.mfadsrvr.com
10    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    91.228.74.133 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    185.29.132.144 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
8    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (TURN, GB)
d.turn.com
12    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
eu-u.openx.net
u.openx.net
16    52.208.210.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
60    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
match.taboola.com
4    2606:4700:3038::6815:ead7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-adtrue.com
1    44.232.41.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-232-41-179.us-west-2.compute.amazonaws.com
track.adtruedsp.com
1    2606:4700:3038::6815:ea60 (United States)

ASN13335 (CLOUDFLARENET, US)
static.adtruedsp.com
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    2600:9000:21f3:1e00:11:b35a:f1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.greenhousegroup.com
4    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    54.209.16.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-16-83.compute-1.amazonaws.com
sync.srv.stackadapt.com
4    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
sync.outbrain.com
5    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
cs.emxdgt.com
e1.emxdgt.com
2    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    52.205.83.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
8    52.58.57.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
ice.360yield.com
2    185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    151.101.14.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    67.202.110.21 (Crown Point, United States)

ASN32748 (STEADFAST, US)
ssc-cms.33across.com
1    202.241.208.54 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
6    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
googleads4.g.doubleclick.net
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2600:9000:21f3:6c00:5:98ca:e7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
creative-libraries.lemonpi.io
2    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    52.57.110.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pm.w55c.net
1    85.114.159.118 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
2    3.120.83.159 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.creative-serving.com
6    34.240.165.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
content.lemonpi.io
log.lemonpi.io
4    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    213.254.244.23 (United States)

ASN36062 (DOUBLE-VERIFY, US)
tps.doubleverify.com
1    54.154.31.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
ad.doubleclick.net
1    2606:4700::6811:71bc (United States)

ASN13335 (CLOUDFLARENET, US)
www.who.int
4    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
4    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
27    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    38.27.122.158 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:fa8:8806:13::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    52.3.173.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-173-52.compute-1.amazonaws.com
rtb.adentifi.com
2    4.78.226.233 (Dallas, United States)

ASN3356 (LEVEL3, US)
pmp.mxptint.net
5    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    45.35.192.162 (United States)

ASN40676 (AS40676, US)
sync.resetdigital.co
14    51.89.21.20 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p14.id5-sync.com
id5-sync.com
3    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    2600:9000:2182:a400:1f:ac51:e400:93a1 (United States)

ASN16509 (AMAZON-02, US)
creative-content.lemonpi.io
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
29    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
sync-t1.taboola.com
am-trc-events.taboola.com
12    51.83.111.34 (France)

ASN16276 (OVH, FR)
cookie-matching.mediarithmics.com
3    139.162.117.143 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
s.c.appier.net
3    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
5    88.212.252.2 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
6    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    2600:9000:20eb:e800:f:7bbd:36c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.lemonpi.io
3    2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
3    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    35.210.239.72 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
u.ipw.metadsp.co.uk
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    172.104.105.5 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
gocm.c.appier.net
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
csync.loopme.me
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
pixel.tapad.com
2    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
loada.exelator.com
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    3.8.243.222 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
aa.agkn.com
2    52.212.225.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
io.narrative.io
2    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
1    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
ade.googlesyndication.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
Apex Domain
Subdomains		 Transfer
95 taboola.com
cdn.taboola.com
trc.taboola.com
images.taboola.com
sync.taboola.com
sync-t1.taboola.com
match.taboola.com
pips.taboola.com
cds.taboola.com
am-trc-events.taboola.com
561 KB
69 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
ad.doubleclick.net
642 KB
61 googlesyndication.com
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
ade.googlesyndication.com
459 KB
51 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
image8.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
231 KB
47 lijit.com
ap.lijit.com
gslbeacon.lijit.com
vap7ams1.lijit.com
pxdrop.lijit.com
ce.lijit.com
145 KB
46 themoscowtimes.com
www.themoscowtimes.com
static.themoscowtimes.com
3 MB
25 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
54 KB
24 likevertising.com
likevertising.com
155 KB
16 gumgum.com
rtb.gumgum.com
5 KB
15 criteo.com
bidder.criteo.com Failed
gum.criteo.com
mug.criteo.com
dis.criteo.com
6 KB
14 id5-sync.com
id5-sync.com
19 KB
14 bidswitch.net
x.bidswitch.net
5 KB
13 google.com
ampcid.google.com
adservice.google.com
www.google.com
4 KB
12 mediarithmics.com
cookie-matching.mediarithmics.com
6 KB
12 lemonpi.io
creative-libraries.lemonpi.io
content.lemonpi.io
log.lemonpi.io
creative-content.lemonpi.io
assets.lemonpi.io
667 KB
12 openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
3 KB
12 rubiconproject.com
fastlane.rubiconproject.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
17 KB
12 adtrue.com
cdn.adtrue.com
exchange.adtrue.com
186 KB
12 2mdn.net
s0.2mdn.net
190 KB
12 googletagservices.com
www.googletagservices.com
395 KB
10 contextweb.com
bh.contextweb.com
4 KB
9 adsrvr.org
data.adsrvr.org
match.adsrvr.org
4 KB
9 smartadserver.com
prg.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
8 KB
9 adpone.com
hb.adpone.com
837 KB
8 360yield.com
ad.360yield.com
ice.360yield.com
4 KB
8 crwdcntrl.net
bcp.crwdcntrl.net
id.crwdcntrl.net
sync.crwdcntrl.net
4 KB
8 gstatic.com
fonts.gstatic.com
120 KB
8 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
25 KB
6 3lift.com
eb2.3lift.com
2 KB
6 mathtag.com
sync.mathtag.com
3 KB
5 betweendigital.com
ads.betweendigital.com
2 KB
5 emxdgt.com
cs.emxdgt.com
e1.emxdgt.com
111 B
5 casalemedia.com
dsum-sec.casalemedia.com
4 KB
5 mfadsrvr.com
rtb.mfadsrvr.com
3 KB
5 owneriq.net
px.owneriq.net
2 KB
5 simpli.fi
um.simpli.fi
2 KB
5 postrelease.com
jadserve.postrelease.com
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
4 appier.net
s.c.appier.net
gocm.c.appier.net
1 KB
4 criteo.net
static.criteo.net
107 KB
4 w55c.net
pm.w55c.net
4 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 adform.net
c1.adform.net
2 KB
4 cdn-adtrue.com
cdn-adtrue.com
29 KB
4 sitescout.com
pixel-sync.sitescout.com
2 KB
4 fontawesome.com
use.fontawesome.com
172 KB
3 bttrack.com
bttrack.com
1 KB
3 playground.xyz
ads.playground.xyz
967 B
3 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
3 outbrain.com
sync.outbrain.com
1 KB
3 quantserve.com
pixel.quantserve.com
1 KB
3 1rx.io
sync.1rx.io
598 B
3 creativecdn.com
creativecdn.com
990 B
3 adomik.com
projectagora-483829-hdb.adomik.com
309 B
3 projectagoralibs.com
projectagoralibs.com
5 KB
3 projectagora.net
projectagora.net
331 KB
3 google.nl
adservice.google.nl
1 KB
3 projectagoraservices.com
ads.projectagoraservices.com
14 KB
3 google.de
ampcid.google.de
adservice.google.de
www.google.de
1 KB
3 google-analytics.com
www.google-analytics.com
39 KB
3 googletagmanager.com
www.googletagmanager.com
125 KB
2 narrative.io
io.narrative.io
643 B
2 fiftyt.com
visitor.fiftyt.com
1 KB
2 exelator.com
loada.exelator.com
4 KB
2 onaudience.com
pixel.onaudience.com
736 B
2 tapad.com
pixel.tapad.com
595 B
2 clientgear.com
event.clientgear.com
523 B
2 mxptint.net
pmp.mxptint.net
967 B
2 bnmla.com
match.bnmla.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 cloudflare.com
cdnjs.cloudflare.com
62 KB
2 teads.tv
sync.teads.tv
344 B
2 deepintent.com
match.deepintent.com
83 B
2 ipredictive.com
sync.ipredictive.com
950 B
2 stackadapt.com
sync.srv.stackadapt.com
816 B
2 adtruedsp.com
track.adtruedsp.com
static.adtruedsp.com
68 KB
2 turn.com
d.turn.com
ad.turn.com
936 B
2 rfihub.com
p.rfihub.com
1 KB
2 amazon-adsystem.com
aax-eu.amazon-adsystem.com
474 B
2 facebook.com
www.facebook.com
245 B
2 facebook.net
connect.facebook.net
99 KB
1 agkn.com
aa.agkn.com
348 B
1 loopme.me
csync.loopme.me
212 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk
189 B
1 resetdigital.co
sync.resetdigital.co
485 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 adentifi.com
rtb.adentifi.com
88 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 rlcdn.com
idsync.rlcdn.com
66 B
1 adgrx.com
cm.adgrx.com
408 B
1 who.int
www.who.int
86 KB
1 krxd.net
beacon.krxd.net
338 B
1 doubleverify.com
tps.doubleverify.com
395 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 socdm.com
tg.socdm.com
697 B
1 33across.com
ssc-cms.33across.com
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 zemanta.com
b1sync.zemanta.com
288 B
1 greenhousegroup.com
cdn.greenhousegroup.com
4 KB
1 clickagy.com
aorta.clickagy.com
658 B
1 eyeota.net
ps.eyeota.net
344 B
1 createjs.com
code.createjs.com
63 KB
1 chimpstatic.com
chimpstatic.com
579 B
1 googleapis.com
fonts.googleapis.com
1 KB
1 jquery.com
code.jquery.com
29 KB
1 onesignal.com
cdn.onesignal.com
3 KB
0 kubient.net Failed
sync.dmp.kubient.net Failed
0 redintelligence.net Failed
hal9000.redintelligence.net Failed
0 acuityplatform.com Failed
ums.acuityplatform.com Failed
633 110
Domain Requested by
45 static.themoscowtimes.com www.themoscowtimes.com
static.themoscowtimes.com
36 cm.g.doubleclick.net 20 redirects gslbeacon.lijit.com
googleads.g.doubleclick.net
us-u.openx.net
rtb.gumgum.com
www.themoscowtimes.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
28 tpc.googlesyndication.com securepubads.g.doubleclick.net
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
tpc.googlesyndication.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.themoscowtimes.com
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
27 cdn.taboola.com likevertising.com
cdn.taboola.com
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
www.googletagservices.com
bid.g.doubleclick.net
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.themoscowtimes.com
24 likevertising.com www.themoscowtimes.com
likevertising.com
22 simage2.pubmatic.com 3 redirects ads.pubmatic.com
21 sync.taboola.com 6 redirects
21 ap.lijit.com 2 redirects likevertising.com
ap.lijit.com
gslbeacon.lijit.com
21 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.themoscowtimes.com
likevertising.com
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
19 ce.lijit.com likevertising.com
gslbeacon.lijit.com
us-u.openx.net
rtb.gumgum.com
ads.pubmatic.com
18 ib.adnxs.com 7 redirects projectagora.net
googleads.g.doubleclick.net
cdn.adtrue.com
ads.pubmatic.com
acdn.adnxs.com
16 rtb.gumgum.com 2 redirects gslbeacon.lijit.com
rtb.gumgum.com
15 trc.taboola.com 1 redirects cdn.taboola.com
14 id5-sync.com 9 redirects ads.pubmatic.com
14 images.taboola.com likevertising.com
14 x.bidswitch.net 11 redirects gslbeacon.lijit.com
rtb.gumgum.com
ads.pubmatic.com
12 cookie-matching.mediarithmics.com 12 redirects
12 s0.2mdn.net adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
s0.2mdn.net
www.themoscowtimes.com
12 www.googletagservices.com www.themoscowtimes.com
securepubads.g.doubleclick.net
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
10 bh.contextweb.com 7 redirects
9 hb.adpone.com likevertising.com
8 match.adsrvr.org 3 redirects us-u.openx.net
rtb.gumgum.com
ads.pubmatic.com
8 ads.pubmatic.com gslbeacon.lijit.com
www.themoscowtimes.com
rtb.gumgum.com
ads.pubmatic.com
cdn.adtrue.com
8 www.google.com 1 redirects www.themoscowtimes.com
tpc.googlesyndication.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
8 fonts.gstatic.com fonts.googleapis.com
7 us-u.openx.net 3 redirects gslbeacon.lijit.com
us-u.openx.net
googleads.g.doubleclick.net
7 cdn.adtrue.com likevertising.com
exchange.adtrue.com
www.themoscowtimes.com
6 eb2.3lift.com 3 redirects
6 ice.360yield.com 6 redirects
6 sync-t1.taboola.com
6 gum.criteo.com 2 redirects static.criteo.net
6 sync.mathtag.com 6 redirects
6 googleads.g.doubleclick.net f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
www.themoscowtimes.com
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
5 ads.betweendigital.com 5 redirects
5 image8.pubmatic.com 4 redirects
5 image2.pubmatic.com 1 redirects ads.pubmatic.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 secure.adnxs.com 4 redirects gslbeacon.lijit.com
5 rtb.mfadsrvr.com 5 redirects
5 px.owneriq.net 3 redirects gslbeacon.lijit.com
ads.pubmatic.com
5 um.simpli.fi 3 redirects gslbeacon.lijit.com
ads.pubmatic.com
5 jadserve.postrelease.com 1 redirects cdn.taboola.com
ads.pubmatic.com
5 match.prod.bidr.io 5 redirects
5 hbopenbid.pubmatic.com projectagora.net
cdn.adtrue.com
5 exchange.adtrue.com www.themoscowtimes.com
cdn.adtrue.com
4 assets.lemonpi.io s0.2mdn.net
4 match.taboola.com ads.pubmatic.com
4 sync.crwdcntrl.net 4 redirects
4 dis.criteo.com 3 redirects ads.pubmatic.com
4 rtb-csync.smartadserver.com ads.pubmatic.com
4 static.criteo.net cdn.adtrue.com
static.criteo.net
4 content.lemonpi.io creative-libraries.lemonpi.io
www.themoscowtimes.com
4 pm.w55c.net 4 redirects
4 mug.criteo.com
4 sync-tm.everesttech.net 3 redirects rtb.gumgum.com
4 c1.adform.net 2 redirects ads.pubmatic.com
4 cdn-adtrue.com exchange.adtrue.com
likevertising.com
4 pixel-sync.sitescout.com 4 redirects
4 adservice.google.com securepubads.g.doubleclick.net
4 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
4 use.fontawesome.com static.themoscowtimes.com
use.fontawesome.com
3 cds.taboola.com cdn.taboola.com
3 pips.taboola.com cdn.taboola.com
3 u.openx.net
3 bttrack.com cdn.taboola.com
3 s.c.appier.net 3 redirects
3 e1.emxdgt.com
3 pixel.rubiconproject.com cdn.taboola.com
3 ads.playground.xyz 3 redirects
3 sync.outbrain.com 3 redirects
3 pixel.quantserve.com 3 redirects
3 sync.1rx.io 3 redirects
3 creativecdn.com 3 redirects
3 pxdrop.lijit.com www.themoscowtimes.com
3 projectagora-483829-hdb.adomik.com
3 projectagoralibs.com ads.projectagoraservices.com
3 vap7ams1.lijit.com likevertising.com
3 fastlane.rubiconproject.com projectagora.net
3 prg.smartadserver.com projectagora.net
3 projectagora.net ads.projectagoraservices.com
3 adservice.google.nl securepubads.g.doubleclick.net
3 ads.projectagoraservices.com likevertising.com
3 www.google-analytics.com www.googletagmanager.com
www.themoscowtimes.com
3 www.googletagmanager.com www.themoscowtimes.com
track.adtruedsp.com
www.googletagmanager.com
2 am-trc-events.taboola.com cdn.taboola.com
2 io.narrative.io 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 loada.exelator.com 2 redirects
2 pixel.onaudience.com 1 redirects ads.pubmatic.com
2 pixel.tapad.com 1 redirects ads.pubmatic.com
2 acdn.adnxs.com cdn.adtrue.com
2 simage4.pubmatic.com ads.pubmatic.com
2 event.clientgear.com 2 redirects
2 id.crwdcntrl.net ads.pubmatic.com
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 match.bnmla.com 2 redirects
2 ad.doubleclick.net 1 redirects
2 log.lemonpi.io creative-libraries.lemonpi.io
2 ads.creative-serving.com 2 redirects
2 cdnjs.cloudflare.com s0.2mdn.net
2 sync.teads.tv googleads.g.doubleclick.net
2 image6.pubmatic.com ads.pubmatic.com
2 googleads4.g.doubleclick.net www.themoscowtimes.com
2 eus.rubiconproject.com rtb.gumgum.com
eus.rubiconproject.com
2 ssbsync.smartadserver.com 2 redirects
2 ad.360yield.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 cs.emxdgt.com rtb.gumgum.com
2 sync.srv.stackadapt.com 1 redirects rtb.gumgum.com
2 eu-u.openx.net us-u.openx.net
2 p.rfihub.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects gslbeacon.lijit.com
2 bcp.crwdcntrl.net 2 redirects
2 021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.facebook.com connect.facebook.net
2 connect.facebook.net www.themoscowtimes.com
connect.facebook.net
1 token.rubiconproject.com eus.rubiconproject.com
1 ade.googlesyndication.com www.themoscowtimes.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 aa.agkn.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 csync.loopme.me 1 redirects
1 gocm.c.appier.net 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 creative-content.lemonpi.io creative-libraries.lemonpi.io
1 sync.resetdigital.co 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 rtb.adentifi.com ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 ups.analytics.yahoo.com ads.pubmatic.com
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 idsync.rlcdn.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 www.who.int likevertising.com
1 beacon.krxd.net
1 tps.doubleverify.com
1 dsp.adfarm1.adition.com 1 redirects
1 creative-libraries.lemonpi.io s0.2mdn.net
1 tg.socdm.com 1 redirects
1 ssc-cms.33across.com rtb.gumgum.com
1 secure-assets.rubiconproject.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 b1sync.zemanta.com 1 redirects
1 bidder.criteo.com cdn.adtrue.com
1 cdn.greenhousegroup.com f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
1 static.adtruedsp.com likevertising.com
1 track.adtruedsp.com exchange.adtrue.com
1 d.turn.com 1 redirects
1 pixel-us-east.rubiconproject.com gslbeacon.lijit.com
1 aorta.clickagy.com 1 redirects
1 pixel-eu.rubiconproject.com gslbeacon.lijit.com
1 data.adsrvr.org gslbeacon.lijit.com
1 bid.g.doubleclick.net f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
1 ps.eyeota.net likevertising.com
1 gslbeacon.lijit.com ap.lijit.com
1 code.createjs.com s0.2mdn.net
1 www.google.de www.themoscowtimes.com
1 adservice.google.de securepubads.g.doubleclick.net
1 stats.g.doubleclick.net www.google-analytics.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 chimpstatic.com www.themoscowtimes.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 fonts.googleapis.com static.themoscowtimes.com
1 code.jquery.com www.themoscowtimes.com
1 cdn.onesignal.com www.themoscowtimes.com
1 get.s-onetag.com www.themoscowtimes.com
1 www.themoscowtimes.com
0 sync.dmp.kubient.net Failed ads.pubmatic.com
0 hal9000.redintelligence.net Failed 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
0 ums.acuityplatform.com Failed gslbeacon.lijit.com
ads.pubmatic.com
633 181

This site contains no links.

Subject Issuer Validity Valid
themoscowtimes.com
Sectigo RSA Domain Validation Secure Server CA		 2021-01-21 -
2022-02-11		 a year crt.sh
static.themoscowtimes.com
R3		 2021-05-31 -
2021-08-29		 3 months crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert SHA2 Secure Server CA		 2021-01-11 -
2022-01-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
likevertising.com
Amazon		 2020-09-24 -
2021-10-26		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.adtrue.com
Sectigo RSA Domain Validation Secure Server CA		 2020-08-14 -
2022-08-14		 2 years crt.sh
paadserver.projectagora.info
R3		 2021-07-15 -
2021-10-13		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.google.nl
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tls.adobe.com
DigiCert SHA2 Secure Server CA		 2020-06-01 -
2022-06-06		 2 years crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.adomik.com
Amazon		 2021-03-03 -
2022-04-01		 a year crt.sh
cert1.a2.atm.aqfer.net
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.eyeota.net
R3		 2021-06-28 -
2021-09-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.adtruedsp.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
cdn.greenhousegroup.com
Amazon		 2021-03-26 -
2022-04-24		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2020-12-09 -
2022-01-07		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-01 -
2021-09-30		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
*.lemonpi.io
Amazon		 2020-09-13 -
2021-10-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-06-27 -
2021-09-24		 3 months crt.sh
*.doubleverify.com
Network Solutions OV Server CA 2		 2019-11-05 -
2021-12-13		 2 years crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-29 -
2021-09-22		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
adentifi.com
Amazon		 2020-10-02 -
2021-11-02		 a year crt.sh
*.mxptint.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-29 -
2022-07-07		 a year crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-25		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.onaudience.com
Certyfikat SSL		 2021-05-28 -
2022-05-28		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.narrative.io
Amazon		 2021-04-07 -
2022-05-06		 a year crt.sh

This page contains 107 frames:

Primary Page: https://www.themoscowtimes.com/
Frame ID: 431DC017CD8CEBABFBFB30EC41623532
Requests: 92 HTTP requests in this frame

Frame: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 833F01EECB90C76FE17F4072D872A8B4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4L27glK2dFEsUnlMttudNkONIOE7FPbUwJkecTT0ZTbiKloIlOGkhj-krASl7696urfEi_KaPSOa6ZhFC01B7HijoprsAK-l0XvwhtSOtEJRWM5Va2Ucb2MlB2z3ePgsX_5QUPlktde2vussHF93FAGMz0xnkNo73Nv7gadT6ZWWPqTeEp3CPj1jl6yHBL5rD0RySH0TxFTRU9_NIYAFGjikyd9b8pZ8joA6Y9OZF88gMXO-JsRz3qEtZcYGzmlHTKiZlrYZ_cbqVR0Ok-jjAMAK_JLeIxyAKrfK5dqcS6FxOBZ7RG9kSw3n6F94ImUM8fFi8Y9rf&sai=AMfl-YSNFh5x3RVYZ2Kwlpj5r_Q5Dr9fSbTN3pt2d-Z7LxkLZ0RBcNiyNd6_9zj8-SfOkuyUUHSDqCAaUkiewbTS7g_84k4HiujG2BNKrVaOMgDVYj4llVP2fVQ1nrQSc4g&sig=Cg0ArKJSzI7EsC8EvKysEAE&urlfix=1&adurl=
Frame ID: F63015DFE77F52CE2CF33220CC86DCF2
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstekWgH_ophOkgpLlxUJeBAPR3NGd7kQIHY62e8jEyA3FMEB4PAEP6zyEyJ4xwqBKtwwGvo24H7I3ug28X6nOWL1s-L1fE5-vS41N7d5BV5UxdsF-1YkjBGX_4KtZ7AMjt4Rn8CO0a1tytQonJknjp_0obpTSxi087Mklws3xbdLFp4jdyvPyweuPKoGdmH7OXDOyB_a1pzBtqU7ebOH3Vl-9WmDnXhvPtJCN9SMnbmCfPuOF96GLG-rq9NueMPPMKTpm9jXsCTH_xcT2UgJRe4xd_vB2RDH4t6geTEYI01GMTohz1fxH2is2PsvT-GZVixT3uW5ienJK6&sai=AMfl-YQ78pyokMUXlCcUEPD-dImlpEyZnF8u9NgDFmtPkdznHn0j8hRMIM1g3x-nk1SvExTicYtKJ9Abx0kr2EI9vF0JzSn1eU-uQV_itkfSDcaNy0vYugj0y6BRhiL8cO8&sig=Cg0ArKJSzDL2W2E6cHxJEAE&urlfix=1&adurl=
Frame ID: C84FEF5608631A1F01EC87CBACC2E4EF
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyw6xr8bPPHhgPvvSU_zsBaosWqcWkcpNChU45kpiKwznsY5uVucNuB8ZOQKzlOtBlobaFneMyJhfWJ6Tz9OZafll9WvuAYmvyTYUEMU0eezPVJxraQWn1HiY_SJ9wFfRo0Nn1s4C6Kq-q2J5NwDPYq3IAxpGLk7nQvocDBUI1lY250_SG5x39AXLSO4cJcrN2yEXuhBiUnG0K_SL8wgI725DlHpZ7P2btBgqHoFsAn6hD4Ts8_cCqicKtcWZnAfiwn3iOGu4K9ReDmdpvmwsGRCDBe7iLNV_8lfAfI8CvvWe9NmmLoujCgas2Q3EBykZ6cyhLBuHAnYqZYmQX&sai=AMfl-YQtnIlKa90ieFgx14vCd0rA232dFHq3yHlnbpG14Blhw9O9mOXTbrzxhAErpeOJ-WAhNHqMyFUf4_jL9BaSaGsLa3Lcexh3SwRP_SzR7yL0zu_RY7qLovSGiOzs43s&sig=Cg0ArKJSzHexpAQ1o4Z-EAE&urlfix=1&adurl=
Frame ID: 364A8E0492A419E0F0B8FEA08D9BBBC3
Requests: 6 HTTP requests in this frame

Frame: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 43BA633AC2C23C0794D97D7982BFA4AA
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4CCBDEA44D429781A5DD42E35C81DCD6
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=9518151626937709520
Frame ID: 540471AC85AE84C54E5BCF6AD48DB4BC
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a3&cb=6671621626937709523
Frame ID: 9697015BD35B876D3E8D2DE747B4B1A5
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d5&cb=0667781626937709524
Frame ID: 9ECA0749B4DD87A7806ACA8EB345DFEF
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
Frame ID: E470862F1A8B823F87C9797E619B6C42
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=5089751626937709526
Frame ID: BA68722C1FAABD4C4D2DDFFF22222C0E
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/count?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c273&cb=8887861626937709527
Frame ID: 2608200FD3D72A28D2EE3D89666EFDE6
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 85C9EE335C2E0BFFE0A145D2E8EFB65F
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b1&cb=1850571626937709536
Frame ID: 50F1C40A028C8BE334453D325B277B8E
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc5&cb=4862661626937709537
Frame ID: 2048CF78D42D56EF5B263115F10AB65A
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Frame ID: 4E781D2E023A94AFD24292C801E180FA
Requests: 11 HTTP requests in this frame

Frame: https://likevertising.com/user?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d65&cb=7042991626937709539
Frame ID: 1F8AD4FDBC4805791CD229BD203D1666
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Frame ID: D8B5EDEA7A6CD5A58B2487B30CF3D56B
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768697&cb=9247031626937709541
Frame ID: 24966F97362992A70E4983499AE2F9FC
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 50DD041A3D3CA6CD04F8F528938D0E74
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b5&cb=0553241626937709562
Frame ID: E1BAE6BB226AB3A722A68E0AC155BEE2
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Frame ID: 6078CD682A20916537797D418AB7902F
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768693&cb=3808101626937709565
Frame ID: 75B2A4625C2CA4BC51B3C17D32FC2995
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d61&cb=8808011626937709567
Frame ID: 8E1EBC8D7C1936E0860A97025C40AFA3
Requests: 2 HTTP requests in this frame

Frame: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=3876291626937709568
Frame ID: CA295BA69B60D4339EFF3EB395CD001A
Requests: 9 HTTP requests in this frame

Frame: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc7&cb=0834071626937709569
Frame ID: 3A0933F08187C31122D67D1FD5C1B723
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C97A87D96C82B8DCAEB6114BDDD5161A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D92BFF723D370665C1481DECDF68A78
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/1776344/4911503909/1620363419657/970_250.html
Frame ID: 2745191917CA5DE1D1C6D32906ADF0A1
Requests: 3 HTTP requests in this frame

Frame: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 243E63D74027A07F28A5DC2BF09CCA9B
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=492262664&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Frame ID: 3AB2CAA89018330B1C585304F10FAF39
Requests: 13 HTTP requests in this frame

Frame: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: C6053FCF74E14D40C910F3ACCB86A0A0
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3666695480&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Frame ID: A3EA27B9E7D9B9D43ADDF3DB21D080BD
Requests: 3 HTTP requests in this frame

Frame: https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: E0122E1ED5E51C3B5CC87AA73F9C6F0F
Requests: 1 HTTP requests in this frame

Frame: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=955274615&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Frame ID: 05959B3C6E1629C62FCE25E4C42FE3D2
Requests: 13 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Frame ID: D4B76E5CEA6FBEB9439CDB317964B0A4
Requests: 23 HTTP requests in this frame

Frame: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: A2EC0D322B5060C68354755D374DC4A1
Requests: 18 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 28EB859C14503680138EEDC46D0B5F11
Requests: 21 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 68B9153860866F5C91D46CE57E5E120D
Requests: 21 HTTP requests in this frame

Frame: https://projectagoralibs.com/libs/pa_backupads_lib.js
Frame ID: 7CE12DE9764358D65C0504D24CD94AEB
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
Frame ID: A33A00C86255C708E0F16E84CD20F4E0
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 76084011602F66A7167247A6363CD279
Requests: 26 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=1&3pid=4511887567113342455&gdpr=1&gdpr_consent=
Frame ID: B2342C3E29B408A831B6ED372C1C788F
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 7A168D9F8289244D3A041EE97383003D
Requests: 8 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Frame ID: 8A3CB04F9E0B543E6A3EAE5E89CD9EBB
Requests: 16 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Frame ID: 2C9AE47021359314846852B6A2B6FF1E
Requests: 1 HTTP requests in this frame

Frame: https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: E887B323C11049EC27856397EE8689AD
Requests: 1 HTTP requests in this frame

Frame: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: C3C67EEF4091B7B0EA242712995031A2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1DDEEE27902DADD833EE5166422C78E2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BF201A774F74EBCDC73214C517244FE8
Requests: 1 HTTP requests in this frame

Frame: https://track.adtruedsp.com/delivery/impression?i=aa9ac0c8e405a655245aee869180b962f2f51a66e84947078807b963ec5e85187eb3cb9d6e3182c38ca45282fb92c12fdb5ca238f8b753fba92304f127a0e049ff337b1c663720b321efd90d6b5640d44ad77ee3882b6f97116c4c3e9e684955b5dd11e03dc69f409d7ba72f6f3ba96fb5c86d82cf29a37fbc6ba8f0980ef36b08c3ce2aafbdbcf3ec974f0db805a74717e56e2469ee9c2ae335dba667c409449beb5c5bc9e2cc15f71da6650bc8bdcb852f95f33cad6ea96e75a11571de85e69ba0d7721ff8980330987933186db8c8dfd4f25e6925a63de549673eee824c6b91bd834a139cb105cd0745ca50992e88bad7b95609b40e7e80adb6079cff5cf1d34869e04ffa17581d294adc984232b60d0dd8da00e3efad067c62779934cac99d99c59c9936a9fd43515715c242fac051f40e8f91919af3dc6ecc7d7a54c132278dbd1fc38b193de6952938d4bd116681b9f657507dbb814587bddfb45eb4d0527fd52419bdf2668e55201e00f7522c218016bd34e039392029141832e66f90&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=themoscowtimes.com&c_id=25327
Frame ID: BEB0EC167DEA517BAD082A6CD8D434BC
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
Frame ID: 46685670BB4F36C60145D84AF9C65464
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C326SbRn5YOOXO8-o7gP96Z6wAaqV5uVj8Jafw9AN0aKb4pcOEAEg1ubFWGCRhICA_BegAfmbtuECyAEJ4AIAqAMByAMIqgSMAk_QmIYAOFZak-lOAPFMWNhB4GdHcc-aa52bPetKJddLeH-NMZKCNU80gJ3Y8C-4zdEaUPWjQgoUpmswebg3sthHsnxSLXLqbGD6VQZkFb34OZ9bBiU0qdgZVfyFTxrDXLfsab0N7Gqfo8ik8eaLV8-XG-lRxrAhvd0-9xq5Hk1mE5GgL-wLt5vmCK6817YWwNMr94e8I9MtwMApan-f9R2j8mc9R6uCDRJk986Q97LQVF9tw8a5Ba3_zrsomZhlUEZuX2ntBPFcu40e2IVJ-QP3v2CwfFEdKSq4r9pVXRH1uhLioEL0R0n3CLWKJmBSRsesIPYE6kPmDao5CxBFHRwa_qSM5w0EVbMQMpfABJXrpp-2A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfv48meAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDExgjSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg3NjQ4ODM1MzQzNjY4ODeACgPICwHYEwyIFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mw&sigh=W6FcA1qmAkE&template_id=419
Frame ID: 15ED6F1ED48F9812778F2407B459F64B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 31CE1BBF9B1A120EAECB7520FFEBEF64
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D324E91FDEB1A6A9A334D465BFF672C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
Frame ID: EC62E4A2E0B4B1653E57EF852ABE9832
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7ED8BDBA02F6A2E1B9C47C847ACCFE75
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8B234D8D16D9656E417D29AF3C4111DF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 60562240CD6E3A8729BC6833DCB74E50
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Frame ID: FDE0F64EBF2A3FC54B25B5372CB803CF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Frame ID: 31C3820D710933C6454363B1F585E5AA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: CAA55B6C9BC4258A9DA440A61B1FF37D
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=05b960f9-196e-4400-b728-b9fce4eafa30&gdpr=1&gdpr_consent=
Frame ID: 6F2A198B35B3C996FCEF9AAE452676F4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YPkZcAAC1ozDQABg
Frame ID: 9E219AF407F3E9CDED7356B0DD7780F8
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xOTNhOGY2Ny01NGM5LTQ3ZmItYjhkYi1lNWQxOGNlMjVmZTE=&gdpr=1&gdpr_consent=
Frame ID: 21E5F97D0E674C1F2EF26993391F6499
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Frame ID: 951DF09EB8CA9CFB47F2358C95C587CB
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: BDBFDE2C8AC139A3182A8E633DEAA3EE
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YPkZfsCo5soAAM0M1boAAAAA
Frame ID: CAC851E5A07E2C41174ED0B3AB4C09B2
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=1870471596879379729
Frame ID: 89B48C807BD75154E90202A4D49A2DF9
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=MNFi2M4LtkapmZKGXJzj&pi=gumgum
Frame ID: 5782CCEA9D144D5358B95F662EDA16DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 31B4254A22633F66603741204B381501
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/4470817/1623242751524/index.html
Frame ID: 0E9E537EB61D1D57813AA798E3EDE679
Requests: 21 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49452CC1EB0E3F3A4712CEA29A2CCDD3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6710623F1A8009F6734AC533B4BCFA5A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: A6772910056CAE5A86CD3420C9089028
Requests: 3 HTTP requests in this frame

Frame: https://cdn.adtrue.com/rtb/passback.js
Frame ID: 2017B57B37397E979772D6913961AC3F
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.themoscowtimes.com
Frame ID: 4E7E021FEC3867FD2BC019ED6788BA9B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.themoscowtimes.com
Frame ID: 667BE14E604688E7529A8FDE790A523D
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Frame ID: AABC39FE3572C67A4CDE98B7560DE17C
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0IE7B8jMAADcKfo2eqA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: B2D93184DF80DC348362F70C22A7FD82
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 105EE9F41408023FBF1EDAA4064567BA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Frame ID: F5BF69E94B3ABC4B9475578720C73BA3
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=1&gdpr_consent=
Frame ID: 668AE064137667CBF46054AA0CD21C0E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Frame ID: 3C685393ED3513A392636C1BBE6D80DB
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/noop?ct=image%2Fgif
Frame ID: 5A74CEE6075877CEBEB0FDFC6AC9787C
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 56C095AF41C8BC8E91AE55DD8632ACA7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=720384d4-d4e4-4f38-9e87-cc6344de5291
Frame ID: 6E9A36665C677254C99CC5A933EC62B9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Dt2PdUBwSPRofFGXN3eb5Z8wNz8
Frame ID: F027EE8D16BE104933C07D5D41436B51
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UcERfDds1M6sOS5&gdpr=1&gdpr_consent=
Frame ID: 0DDBF82FF8BB42B2264A0E5D8D7611F0
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/merge?pid=58&3pid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Frame ID: A55EB91C4397690D0B74E3F599F9EE2F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: C61C73D417D106B2BC025C53C2985F98
Requests: 22 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 7A820A22AC8F7E67C26DA74A790A6314
Requests: 22 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Frame ID: 98C5A7633E108FC65BA54AC81CB16240
Requests: 22 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 1A4C4A093D81B1BF71043B6D1EDB2F88
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 09935839568944CC1E68335FD7095886
Requests: 7 HTTP requests in this frame

Frame: https://ums.acuityplatform.com/tum?umid=6
Frame ID: A732E11BE4A4B88ACB4FC442CCF7FBAC
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 26C361F2E88707873ECEBDA3668D6DD7
Requests: 1 HTTP requests in this frame

Frame: https://sync.dmp.kubient.net/match/pubmatic?consent=&gdpr=
Frame ID: 52E026466C5E6080C93CE4DCA530C345
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=obOL_fUPD02bBG3ydhn5YA
Frame ID: 942AEE9837F2ED69B4226902421EC237
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: DB85164829DA665C1C1A108EFFDB59FB
Requests: 1 HTTP requests in this frame

Frame: https://jadserve.postrelease.com/suid/101790?vk=${PUBMATIC_UID}&ntv_r=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjUmdGw9MTI5NjAw&piggybackCookie=NTV_USER_ID
Frame ID: 7A86FCA9EED7DDCFE85D6EDEA072D9F0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=6YbkqIXhpJXe&pid=557219
Frame ID: A982A18CBA24C39C3AC99E0A7E20DE4D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Frame ID: B207D505BD8A095F3A5D8D8841D57C26
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F27B8664615F43BF999E7F597B6068FB
Frame ID: 18BC182B755298587FD625F20076A4BC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 674BB862EBB74FF4DFC55CDC5A12671B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A6C15B689A1E53DD0D1914381371839A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

633
Requests

98 %
HTTPS

29 %
IPv6

110
Domains

181
Subdomains

124
IPs

11
Countries

8593 kB
Transfer

17954 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 218
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=a7614e7bcdf0eedd8e91233c/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=a7614e7bcdf0eedd8e91233c/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
Request Chain 232
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=MNFi2M4LtkapmZKGXJzj&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Request Chain 233
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Request Chain 236
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAB0IE7B8jMAADcKfo2eqA&gdpr=1
Request Chain 237
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Request Chain 238
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a7614e7bcdf0eedd8e91233c&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:5110a8311c0697a7160cda10a4039983
Request Chain 239
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YWU4ZDZkZGU4NDIwZTk0ODg4ZTI3MTU3&gdpr=1
Request Chain 240
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Request Chain 241
  • https://um.simpli.fi/lj_match?r=1626937710291&gdpr=1&gdpr_consent= HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 242
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Request Chain 243
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1870471596879379729
Request Chain 244
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YWU4ZDZkZGU4NDIwZTk0ODg4ZTI3MTU3&gdpr=1 HTTP 302
  • https://ap.lijit.com/dsp/google/reporting?gdpr=1
Request Chain 245
  • https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent= HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6802241101764390927&ref=%2Feucm%2Fp%2Fsv HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 247
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=87&3pid=f9433a83-181d-40ba-b28d-5d437a6691d2
Request Chain 248
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=49&3pid=SoBoVed4Debs&ev=1&pid=558511&gdpr_consent=&gdpr=1
Request Chain 249
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=8Dinavcx9zXrPPQ2_zjsMPcw8mfrO_Jj9TimzMu9
Request Chain 251
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=a7614e7bcdf0eedd8e91233c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=3&3pid=160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
Request Chain 253
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=1&3pid=4511887567113342455&gdpr=1&gdpr_consent=
Request Chain 254
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1&C=1
Request Chain 280
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPkZb58refuy92rPeEBxDQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1
Request Chain 281
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPSseXGzCb8q7bRygAbVAvg&google_cver=1
Request Chain 282
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNzY2NDg5MDY1MTQzOTA1Nw%3D%3D
Request Chain 309
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b88e60f9-196e-4700-8a0b-e8ed8f33e4d8
Request Chain 310
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vbAWMLq5Rm-mtEY57-RdOLuwSTym5RI96uIncjY0
Request Chain 311
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=286919147265762957
Request Chain 314
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
Request Chain 322
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=4237664890651439057
Request Chain 325
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1&gdpr=1&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Request Chain 326
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 327
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=0eZ20hsQWdE6&ev=1&pid=558355
Request Chain 328
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28bn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28bn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1&obuid=ENC(bn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24%7BUID%7D%26obUid%3Dbn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%0A%0A
Request Chain 329
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=e458ef1a-a85b-0555-1f8c-f3fb3382be39
Request Chain 330
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-08mGCX5E2pcC2M4gx_sufEElwFFb_ZRzJ.KL~A
Request Chain 331
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=a8147900-eabb-11eb-9cc7-0d125e564534
Request Chain 334
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=d138651a-a164-465b-83c3-95e7b5161e4d
Request Chain 335
  • https://ssbsync.smartadserver.com/api/sync?callerId=15 HTTP 302
  • https://rtb.gumgum.com/usersync?b=sad&i=891245554246134967&gdpr=1&gdpr_consent=
Request Chain 339
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 340
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=05b960f9-196e-4400-b728-b9fce4eafa30&gdpr=1&gdpr_consent=
Request Chain 341
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YPkZcAAC1ozDQABg
Request Chain 345
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YPkZfsCo5soAAM0M1boAAAAA
Request Chain 346
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=1870471596879379729
Request Chain 347
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=MNFi2M4LtkapmZKGXJzj&pi=gumgum
Request Chain 351
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=likevertising.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Sjeq_3xnRmp2QVBzZHJXUlFvY1JvU0Y2VFA3dGswZ0p0R2xLaHNNOXlZU2RZdk5pNm1GcTBOQW55OGwzTTNBc1JIeERFZWhCTlA3cXhYZEgzWkdIUk9ObmxWUk04SVNOaGJBcjFlZWRxUCtYSkZKR3k3S0xhY1hSL29sZEI1ZjJaZ2lRdXNGdEpkcDN1VWdQdmxDS2U0eno4RnF6UTNKWHFLeUVKVWtzM0RBZVpEeEVCZ0NWQllZVUYwSnIwL3NQUUxURTVLNVRNNENTSnVYU05udkw3OCtmejdJVnVUSHVFb01FcWMrZUNObzc5Zk4zYlZyZkdpc1RLMVdpK0N2bmVoekZkfA&cppv=2
Request Chain 365
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=likevertising.com&cw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=u4vMnnw5QmJtaXFXUWZVbkY5Z0JOQ1hlRDAzOG9UTHg1V2szZFI3eTgrbldTZjQyRFNTamxoNWxFd3BiZkI4clVtQ1hLNWNwNVNKazcxTEQvQkJoT2hzNVF5L2RybDZRRnJZT2MyeVFFS2hLYndid3NvNkw3c0tlcHZIMFBUZWo5T0taT1c1Q3dnYlQwYm4vL1ZUaVpVQjdEemJFZ0tYQ1pMSWNQTVNWck5RQUhWYmZJZk5WWHgwMnhDTGk2WUI0V3lrbjFkRlczNm0zd1Z3czlHcXgweTRBYjIreHdKRVhwaUpUS1hLVDhsTlZLczZnb0tNb2xueUp6YkhCUkdFSEtpc0h3fA&cppv=2
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
Request Chain 370
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YwYTk4YTAtNDkzOS02M2E3LTZkMTctYjlhZjMxMzA3MTFm
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOfHnGQf8r2MjZ8eW1ZG8ug&google_cver=1
Request Chain 385
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 386
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cver=1&google_push=AYg5qPKmAPkgtbv_Bl7R23DBvPQ8vDq37uooz-_V7rWKyT92j_Sto2sAANAf237twJzuQEh4TWj5dD5Tvl_sQD6G8n4ucOF0WCjY HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cver=1&google_push=AYg5qPKmAPkgtbv_Bl7R23DBvPQ8vDq37uooz-_V7rWKyT92j_Sto2sAANAf237twJzuQEh4TWj5dD5Tvl_sQD6G8n4ucOF0WCjY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEtoN05DQWUxTTZzT1M1&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cver=1&google_push=AYg5qPKmAPkgtbv_Bl7R23DBvPQ8vDq37uooz-_V7rWKyT92j_Sto2sAANAf237twJzuQEh4TWj5dD5Tvl_sQD6G8n4ucOF0WCjY
Request Chain 387
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKTxkLLyA3D61v9oPQyYtEM&google_cver=1&google_push=AYg5qPKjljGWrZotphSwdhPV6Wf3fS0T7ZlFXX--vT0D2p1K8YmEVsLOHXbpZI5TB0O2R5br3UF4m8nKG4R0OrD8XVzQg586Q0SD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKjljGWrZotphSwdhPV6Wf3fS0T7ZlFXX--vT0D2p1K8YmEVsLOHXbpZI5TB0O2R5br3UF4m8nKG4R0OrD8XVzQg586Q0SD
Request Chain 388
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENaCyrJpTQ_DFU7Od7aLN2E&google_cver=1&google_push=AYg5qPK86pQC4dpc6J1ErBm7HXb8ErgJhRZhxEaWg5yvKogLsQSU-NDGNdMawLi99BouzMNUUi7ffKJVKYwo8fE9FQLj_NoZUYtS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaCyrJpTQ_DFU7Od7aLN2E&google_push=AYg5qPK86pQC4dpc6J1ErBm7HXb8ErgJhRZhxEaWg5yvKogLsQSU-NDGNdMawLi99BouzMNUUi7ffKJVKYwo8fE9FQLj_NoZUYtS
Request Chain 389
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEH6IjVsPKiI64bR3hWqqTcs&google_cver=1&google_push=AYg5qPKg4BWUUWE2FD7bFvJIV1dghMU6MHj5hfx4brmwsyM1JJ-AyIX2D-gRQz7qKja5jMGeYJgM-J8-eSH5369Wz4H3-_nmaLPi HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEH6IjVsPKiI64bR3hWqqTcs&google_cver=1&google_push=AYg5qPKg4BWUUWE2FD7bFvJIV1dghMU6MHj5hfx4brmwsyM1JJ-AyIX2D-gRQz7qKja5jMGeYJgM-J8-eSH5369Wz4H3-_nmaLPi HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KadYnQLSRuKxf5YmkAp8zWD5GXE
Request Chain 390
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFl09iTxGI637ihWgGZWMMQ&google_cver=1&google_push=AYg5qPI75kCNGqHZ-0MypgrtTS0cNau56fe4xtKKqGWmOP4kAYeeFo4n8LTNoU4o9l0QjSHQKvuRFtUfksFPmgUzMt-vmnL5be65 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NzY0NDI2NTY3ODMwNTQyMw%3D%3D&google_push=AYg5qPI75kCNGqHZ-0MypgrtTS0cNau56fe4xtKKqGWmOP4kAYeeFo4n8LTNoU4o9l0QjSHQKvuRFtUfksFPmgUzMt-vmnL5be65
Request Chain 391
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIYt2K3XwdxxfvBF4vW-c54&google_cver=1&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMnuqsKS1DN HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIYt2K3XwdxxfvBF4vW-c54&google_cver=1&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMnuqsKS1DN HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=8406805f-176e-4342-a99e-e0b8938e08ab&ssp=google&expires=30&user_group=5&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMnuqsKS1DN&google_hm=9DW6RS1vTh2qgdgK93Uldw==
Request Chain 392
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKeQzKqtGGfUwXDt8Fsi5dQ&google_cver=1&google_push=AYg5qPIDY01nj9TZtfljJK-wXFZTrMB_bKnAcrtsBRDJYiHVIAe-2WtfT2VgADXZaVSohcxGPJQ_jMbFWtJCrIClS6S8CXNJSaOH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDY01nj9TZtfljJK-wXFZTrMB_bKnAcrtsBRDJYiHVIAe-2WtfT2VgADXZaVSohcxGPJQ_jMbFWtJCrIClS6S8CXNJSaOH&google_hm=MjYyOTUxNDQ2MzU2NDA0OTYyOQ%3D%3D
Request Chain 431
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25811397.302180065;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=likevertising.com HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25811397.302180065;dc_pre=CPmnxaqP9vECFcjuuwgdgosAug;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=likevertising.com
Request Chain 439
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMElFN0I4ak1BQURjS2ZvMmVxQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB0IE7B8jMAADcKfo2eqA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAB0IE7B8jMAADcKfo2eqA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0IE7B8jMAADcKfo2eqA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 441
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Request Chain 444
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 445
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 446
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=F27B8664615F43BF999E7F597B6068FB HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=720384d4-d4e4-4f38-9e87-cc6344de5291
Request Chain 447
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Dt2PdUBwSPRofFGXN3eb5Z8wNz8
Request Chain 448
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UcERfDds1M6sOS5&gdpr=1&gdpr_consent=
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KoMbjQnSRMeewIRttxFqxg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 452
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=160260f9-196e-4e00-8100-cd03167c1cd2
Request Chain 453
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkE4MzFCOEQtMDlEMi00NEM3LTlFQzAtODQ2REI3MTE2QUM2&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
Request Chain 454
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESECSJWbZH-GJNdOi2IeQd7dU&google_cver=1
Request Chain 456
  • https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4511887567113342455&gdpr=1&gdpr_consent=&us_privacy=
Request Chain 457
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPkZcAAC1p7DQQBg&gdpr=1&gdpr_consent=
Request Chain 459
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
Request Chain 465
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a8247e8d-eabb-11eb-af53-a315fb130a7e&gdpr=1&gdpr_consent=
Request Chain 466
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL
Request Chain 467
  • https://pmp.mxptint.net/sn.ashx?&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_E09B4408_29746F646&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 468
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent= HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c23c2fdd-51af-4fb8-a205-acff8724f6f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 470
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Request Chain 472
  • https://sync.resetdigital.co:10001/csync/pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000072535A0105
Request Chain 505
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Request Chain 506
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Request Chain 507
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Request Chain 516
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dq1ycPjOvwMe&ev=1&orig=trc&pid=562107
Request Chain 517
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Request Chain 518
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
Request Chain 519
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef:$UID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 520
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=dbf2263e-8210-4bfa-a619-fecfa99695b6-tuct7f29ef3
Request Chain 521
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
Request Chain 526
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Request Chain 527
  • https://id5-sync.com/s/464/9.gif?puid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e3ea1f8d-0d83-4a2b-853f-d89386782304&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEJbbsecCytUybC6Rv6UZzc8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4237664890651439057&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
Request Chain 528
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=MQtYelbdBnSIEGXechn5YA
Request Chain 530
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkc44a58f8-c759-4799-b984-9ef446a625b2&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkc44a58f8-c759-4799-b984-9ef446a625b2&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
Request Chain 531
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
Request Chain 533
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=044caa9d-9c00-51cb-baf6-142ada0f0d58
Request Chain 535
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=ebeXoWsASoinoXTbumRp0Q&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef%26ui%3DebeXoWsASoinoXTbumRp0Q HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&ui=ebeXoWsASoinoXTbumRp0Q
Request Chain 536
  • https://eb2.3lift.com/xuid?mid=7772&xuid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Request Chain 549
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=hvMJc7DwNtKA&ev=1&orig=trc&pid=562107
Request Chain 550
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Request Chain 551
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
Request Chain 552
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Request Chain 553
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rKpiONo-Djm_h7ZUchn5YA
Request Chain 555
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f435ba45-2d6f-4e1d-aa81-d80af7752577
Request Chain 556
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
Request Chain 557
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
Request Chain 559
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
Request Chain 561
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
Request Chain 566
  • https://id5-sync.com/s/464/9.gif?puid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e3ea1f8d-0d83-4a2b-853f-d89386782304&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEJbbsecCytUybC6Rv6UZzc8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4237664890651439057&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
Request Chain 568
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=4IoUgYNHSnm5HvjFThJpNA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0%26ui%3D4IoUgYNHSnm5HvjFThJpNA HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&ui=4IoUgYNHSnm5HvjFThJpNA
Request Chain 569
  • https://eb2.3lift.com/xuid?mid=7772&xuid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Request Chain 574
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHvRZRuMwb6j&ev=1&orig=trc&pid=562107
Request Chain 575
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc HTTP 302
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Request Chain 576
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
Request Chain 577
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Request Chain 578
  • https://s.c.appier.net/taboola HTTP 302
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YYofZ4xkDZOu4V7rchn5YA
Request Chain 580
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkcc1cfe3f-09c7-44ec-9175-8d2541f35269&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkcc1cfe3f-09c7-44ec-9175-8d2541f35269&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577 HTTP 302
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
Request Chain 581
  • https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2 HTTP 302
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
Request Chain 582
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
Request Chain 584
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
Request Chain 586
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
Request Chain 591
  • https://id5-sync.com/s/464/9.gif?puid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e3ea1f8d-0d83-4a2b-853f-d89386782304&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEJbbsecCytUybC6Rv6UZzc8&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4237664890651439057&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
Request Chain 593
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=HncLd3B_Q_m24GAMZ10wRw&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3Df7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0%26ui%3DHncLd3B_Q_m24GAMZ10wRw HTTP 302
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&ui=HncLd3B_Q_m24GAMZ10wRw
Request Chain 594
  • https://eb2.3lift.com/xuid?mid=7772&xuid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&dongle=tbla HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Request Chain 602
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 604
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=obOL_fUPD02bBG3ydhn5YA
Request Chain 605
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Request Chain 607
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=6YbkqIXhpJXe&pid=557219
Request Chain 608
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID} HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Request Chain 609
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F27B8664615F43BF999E7F597B6068FB
Request Chain 610
  • https://pixel.onaudience.com/?partner=214&mapped=2A831B8D-09D2-44C7-9EC0-846DB7116AC6 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4ead82c08ff8ca1c3ff8903fbfa060e1
Request Chain 611
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&addseg=17
Request Chain 613
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:2A831B8D-09D2-44C7-9EC0-846DB7116AC6 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=a3796d00-eabb-11eb-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:2A831B8D-09D2-44C7-9EC0-846DB7116AC6

633 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.themoscowtimes.com/ 		93 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.215.189.12 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host880.procolix.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
ac1e2a8bbd108d79f6df82f70a28a7fbf34cbbf17aa54c962c52861e8fea05d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Request headers

Host
www.themoscowtimes.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=15552000
X-Frame-Options
SAMEORIGIN
Cache-Control
no-cache, private
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
15998
Connection
close
Content-Type
text/html; charset=UTF-8
main.css
static.themoscowtimes.com/css/ 		188 KB
188 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/css/main.css?v=29
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
15fe9a93ff99b6cde710739566662390ed76fb516dd24b0c4ff274a7e80b4ff8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 14 Jul 2021 17:31:21 GMT
Server
nginx/1.10.3
ETag
"60ef1f69-2effb"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
text/css
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
192507
X-Content-Type-Options
nosniff
tag.min.js
get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f6c910971dd5b42c99835ff5e3d6dcdba3eb9735368bfbefdeeab88c45d5abc

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
1SkQP0orxGbWmBZos0.OQF658a_AEtgy
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 11:48:08 GMT
server
AmazonS3
age
7888
etag
W/"5e568e0b6202c88bdf9b2d5ec871ffe4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 22 Jul 2021 04:57:36 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7OzpBUnapm4ht36GrIlxL08NLZNnVz5qTQB1lkxq_RZM6VXX7X8pOQ==
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
586
etag
W/"96fc99e13be87550fcfc4474d30d43d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
672ad685fb9e2bca-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Sun, 25 Jul 2021 07:08:28 GMT
gpt.js
www.googletagservices.com/tag/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b2ce8cd899350a862463d395abc7d4a4e1825ed816e40ffd0cd3d5b65cc40d90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"937 / 173 of 1000 / last-modified: 1626905394"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24868
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:28 GMT
logo_1280.png
static.themoscowtimes.com/img/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/img/logo_1280.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
236ddfb4c7ba17cb430dd68df496bb75143ccfc0a178367056b35605ef0160a0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 14 Jul 2021 17:31:21 GMT
Server
nginx/1.10.3
ETag
"60ef1f69-d003"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
53251
X-Content-Type-Options
nosniff
37708F51-6A66-4A70-88BB-F2303CFF6126.jpg
static.themoscowtimes.com/image/article_1360/25/ 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_1360/25/37708F51-6A66-4A70-88BB-F2303CFF6126.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
ab429e4f6e702e0b12a60d49043d17762b3b9bd4531b38e681b0a744a9ead753
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 21 Jul 2021 19:39:00 GMT
Server
nginx/1.10.3
ETag
"60f877d4-38668"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
231016
X-Content-Type-Options
nosniff
TechCrunch_Disrupt_Europe_Berlin_2013_10537067163.jpg
static.themoscowtimes.com/image/article_640/9c/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/9c/TechCrunch_Disrupt_Europe_Berlin_2013_10537067163.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
f630dae15f0a9a6eba59a56002b2c3e44def47a0389b8b8a1a0734c1f105a1d5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 21 Jul 2021 14:42:44 GMT
Server
nginx/1.10.3
ETag
"60f83264-3b9a"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
15258
X-Content-Type-Options
nosniff
slozhnaya-lesopozharnaya-obstanovka-sohranyaetsya-v-13-ti-rayonah-yakutii_1626568038778963157__2000x2000__watermark.jpg
static.themoscowtimes.com/image/article_640/41/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/41/slozhnaya-lesopozharnaya-obstanovka-sohranyaetsya-v-13-ti-rayonah-yakutii_1626568038778963157__2000x2000__watermark.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
171b30090a50daafa0dcfdd76e78898e29a776f0134b90d264f6f24848efba9f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 21 Jul 2021 08:03:32 GMT
Server
nginx/1.10.3
ETag
"60f7d4d4-42fa"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
17146
X-Content-Type-Options
nosniff
TASS_46803748.jpg
static.themoscowtimes.com/image/article_640/df/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/df/TASS_46803748.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
35d7512a41e8773da9d0e75a7c792b2bab3d5af242eace907227a97290e0a5cd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 12 Jul 2021 06:09:36 GMT
Server
nginx/1.10.3
ETag
"60ebdca0-6c35"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
27701
X-Content-Type-Options
nosniff
mtteam-2.jpg
static.themoscowtimes.com/image/1360/57/ 		251 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/1360/57/mtteam-2.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
6234a39dcd62bc491dd5783b62b01645cc6c40462e04f5cdf2c938d7bd3a72bc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 27 Nov 2020 13:22:58 GMT
Server
nginx/1.10.3
ETag
"5fc0fdb2-3eccd"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
257229
X-Content-Type-Options
nosniff
b12eba308f6b4ba8aff80c96601d5ee6.jpg
static.themoscowtimes.com/image/640/91/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/640/91/b12eba308f6b4ba8aff80c96601d5ee6.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
c42c33a6261de03b67177736276f491023560fba20a88a4873df07efaba0c074
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 20 Mar 2019 14:01:29 GMT
Server
nginx/1.10.3
ETag
"5c9247b9-1944f"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
103503
X-Content-Type-Options
nosniff
A84FF9EB-F671-4309-A624-F62FCF1096EE.jpeg
static.themoscowtimes.com/image/article_640/6e/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/6e/A84FF9EB-F671-4309-A624-F62FCF1096EE.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
218185e16ac494150ee145a101be6a0916aae1e4516b5d1b136338e1e42f2f73
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 05 Jul 2021 10:07:32 GMT
Server
nginx/1.10.3
ETag
"60e2d9e4-7468"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
29800
X-Content-Type-Options
nosniff
guyanasheikh.jpeg
static.themoscowtimes.com/image/article_640/3a/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/3a/guyanasheikh.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
f5aa0bae032c4c3eb71cea7f66989d1e8924c593b673199c2a7c89947461e3b4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 09 Jul 2021 08:01:08 GMT
Server
nginx/1.10.3
ETag
"60e80244-4e6f"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
20079
X-Content-Type-Options
nosniff
94324F64-D9FE-4725-97AF-8DB84F7641CE.jpeg
static.themoscowtimes.com/image/article_1360/59/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_1360/59/94324F64-D9FE-4725-97AF-8DB84F7641CE.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
9774f5dd879a2d3385f46ed34e95c91a9c301239dc47e4c085db6c199d507fba
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 30 Jun 2021 11:25:52 GMT
Server
nginx/1.10.3
ETag
"60dc54c0-3267c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
206460
X-Content-Type-Options
nosniff
TASS_30093819.jpg
static.themoscowtimes.com/image/article_640/44/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/44/TASS_30093819.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
ca6b73e36406f5b70cfd1c0e98478ce885c72adf41f5166e6d00f97a76bf3156
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 21 Jul 2021 08:39:37 GMT
Server
nginx/1.10.3
ETag
"60f7dd49-5360"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
21344
X-Content-Type-Options
nosniff
Screenshot2021-07-19at132226.png
static.themoscowtimes.com/image/article_640/b5/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/b5/Screenshot2021-07-19at132226.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
bd18b2f4349c00bc2cd8c034aa828731854ec12d633715efd17fc77f451b619e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Jul 2021 10:24:57 GMT
Server
nginx/1.10.3
ETag
"60f552f9-49960"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
301408
X-Content-Type-Options
nosniff
561526-2.jpg
static.themoscowtimes.com/image/article_640/a2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/a2/561526-2.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
a351dbfb6f2f3cebb089ead9ac6b2e53a9ec87068a197ce7d52dddeacb21ac05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Jul 2021 11:47:21 GMT
Server
nginx/1.10.3
ETag
"60f56649-366c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
13932
X-Content-Type-Options
nosniff
TASS_4138595.jpg
static.themoscowtimes.com/image/article_640/4c/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/4c/TASS_4138595.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
a3813c9c6054aa37df0101c0fe525e8806b8e402182dba8c99a9dfcceda597eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 16 Jul 2021 15:09:42 GMT
Server
nginx/1.10.3
ETag
"60f1a136-48ac"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
18604
X-Content-Type-Options
nosniff
123-11.jpeg
static.themoscowtimes.com/image/article_640/20/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/20/123-11.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
38aa4b1475a1b116166adefc4741bef9c78bfcd1ebb1ee1d12ec71451c61941e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 16 Jul 2021 09:19:34 GMT
Server
nginx/1.10.3
ETag
"60f14f26-49ba"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
18874
X-Content-Type-Options
nosniff
95EB3312-B2AC-406C-A7EA-00B8D98DE04B.jpeg
static.themoscowtimes.com/image/article_1360/08/ 		446 KB
446 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_1360/08/95EB3312-B2AC-406C-A7EA-00B8D98DE04B.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
e48c854e6018cf52dc7fbeec9f9b4b45b0b6efa57abe21ae4b3109d65c502042
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 14 May 2021 09:49:54 GMT
Server
nginx/1.10.3
ETag
"609e47c2-6f64c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
456268
X-Content-Type-Options
nosniff
TASS_46951131.jpg
static.themoscowtimes.com/image/article_640/17/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/17/TASS_46951131.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
ca39e0194b669df0158d736838e13f2061ec04e3bc8e5d2b824dd99990cd3db9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 21 Jul 2021 10:27:41 GMT
Server
nginx/1.10.3
ETag
"60f7f69d-6333"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
25395
X-Content-Type-Options
nosniff
3482206830_80a963c48c_k2222.jpg
static.themoscowtimes.com/image/article_640/43/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/43/3482206830_80a963c48c_k2222.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
10519068aa50edc0f5e7756949df5ae21fb6c307d8ff1e556c8d6788ae3608a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 16 Jul 2021 15:03:50 GMT
Server
nginx/1.10.3
ETag
"60f19fd6-71e5"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
29157
X-Content-Type-Options
nosniff
DCE08DBC-7269-4468-81AC-952CBC572DBD.jpeg
static.themoscowtimes.com/image/article_640/d6/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/d6/DCE08DBC-7269-4468-81AC-952CBC572DBD.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
1f3c4d8d12dc9a6aa89f42c4842379d6e6ae583728bd57a559b0443536719ad9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Jul 2021 09:45:55 GMT
Server
nginx/1.10.3
ETag
"60f003d3-742a"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
29738
X-Content-Type-Options
nosniff
123-10.jpeg
static.themoscowtimes.com/image/article_640/20/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/20/123-10.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
d8de34d4bc18a6d5c9c4e9f4ee3e4e5146bd6e7f2becb67994035d9f9748bddb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 12 Jul 2021 10:05:16 GMT
Server
nginx/1.10.3
ETag
"60ec13dc-6f41"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
28481
X-Content-Type-Options
nosniff
pig-2671628_1920.jpg
static.themoscowtimes.com/image/article_640/68/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/68/pig-2671628_1920.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
7131e8c212605a563a50ba916ae957382ebacb97d634b0c82aac54a065447bcb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Jul 2021 12:54:09 GMT
Server
nginx/1.10.3
ETag
"60f02ff1-541d"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
21533
X-Content-Type-Options
nosniff
06E5C940-E81F-4E0F-9EC4-479E387E160E.jpeg
static.themoscowtimes.com/image/article_640/3c/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/3c/06E5C940-E81F-4E0F-9EC4-479E387E160E.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
3d582344b18c01128b6e502afb7f61457b007410f324926cfba555b53bffde05
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 14 Jul 2021 13:01:40 GMT
Server
nginx/1.10.3
ETag
"60eee034-600b"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
24587
X-Content-Type-Options
nosniff
0D4A7B98-B2D2-43C0-AAB1-E2F60A06C80E.jpeg
static.themoscowtimes.com/image/article_640/4e/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/4e/0D4A7B98-B2D2-43C0-AAB1-E2F60A06C80E.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
cff914a6263536c31084b33230dda30127ef98a0f3c8ef138f10f851e859d942
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 12 Jul 2021 12:40:32 GMT
Server
nginx/1.10.3
ETag
"60ec3840-42d4"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
17108
X-Content-Type-Options
nosniff
597EA2BA-3983-4621-ADAB-530F9585A567.jpeg
static.themoscowtimes.com/image/article_640/a9/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/a9/597EA2BA-3983-4621-ADAB-530F9585A567.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
dd33c93828d94f3d714db8575745d18098ff74224f56b3fb69fd4216a00f5191
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 12 Jul 2021 11:54:38 GMT
Server
nginx/1.10.3
ETag
"60ec2d7e-3526"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
13606
X-Content-Type-Options
nosniff
europeanmedicalcenter.jpeg
static.themoscowtimes.com/image/article_640/ea/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/ea/europeanmedicalcenter.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
54049b269e5247406b21a3fe7f22a1dac675923d31980d7dc8fad6e2aafb361f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 16 Jul 2021 08:36:47 GMT
Server
nginx/1.10.3
ETag
"60f1451f-8b0a"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
35594
X-Content-Type-Options
nosniff
000_9EY4EC77.jpg
static.themoscowtimes.com/image/article_640/8a/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/8a/000_9EY4EC77.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
7fbae8490c8b8f762a9e3b763e48a65411d3cfc0fe5d61aa867228d2cf47cb5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Jul 2021 15:16:14 GMT
Server
nginx/1.10.3
ETag
"60f0513e-4177"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
16759
X-Content-Type-Options
nosniff
1280px-____________.jpg
static.themoscowtimes.com/image/article_640/e0/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/e0/1280px-____________.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
4b355bb9084c9c8997d5e1c529d1c3d2dab373e6228fa472cbc70ba10355d81b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Jul 2021 10:43:00 GMT
Server
nginx/1.10.3
ETag
"60f01134-50af"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
20655
X-Content-Type-Options
nosniff
2021-07-19190541.jpg
static.themoscowtimes.com/image/article_960/b2/ 		117 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_960/b2/2021-07-19190541.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
d5e3e8f955011d3e486acbd01ed6a46e48b685855e0e1e2e14c34789807a0cf9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Jul 2021 18:30:25 GMT
Server
nginx/1.10.3
ETag
"60f5c4c1-1d514"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
120084
X-Content-Type-Options
nosniff
2021-07-19125718.jpg
static.themoscowtimes.com/image/article_640/c8/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/c8/2021-07-19125718.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
bd79e8aab174214bf0ba01cf081ffa90a7f15b40c4b60d42dce0e2466c6de0d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 19 Jul 2021 10:18:57 GMT
Server
nginx/1.10.3
ETag
"60f55191-5f84"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
24452
X-Content-Type-Options
nosniff
2021-07-17114052.jpg
static.themoscowtimes.com/image/article_640/6c/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/6c/2021-07-17114052.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
4c8e0676c3b08c39afd59bf47be571a0d2fe37b0ffefb3a11b15be2fee58119a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Sat, 17 Jul 2021 08:55:36 GMT
Server
nginx/1.10.3
ETag
"60f29b08-5960"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
22880
X-Content-Type-Options
nosniff
402855.jpg
static.themoscowtimes.com/image/article_640/31/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/31/402855.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
cc8631ee9fa6f8185d3deaf01a4c2d125e1f29eaea7e894ea27617d762603a71
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 16 Jul 2021 13:55:33 GMT
Server
nginx/1.10.3
ETag
"60f18fd5-6644"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
26180
X-Content-Type-Options
nosniff
mamonov.jpg
static.themoscowtimes.com/image/article_640/1f/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/1f/mamonov.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
e496aafa00a2e0f7052bfbe3322badedbddafbeac0769eaa584146fb9bb170e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 15 Jul 2021 15:22:26 GMT
Server
nginx/1.10.3
ETag
"60f052b2-1b7f"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
7039
X-Content-Type-Options
nosniff
A0F0D8AA-36A8-4BC5-9713-B2B569B3B783.jpeg
static.themoscowtimes.com/image/article_640/ab/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/ab/A0F0D8AA-36A8-4BC5-9713-B2B569B3B783.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
87be3cc965a8ac826f0afb43ec8d447c67253848930f1d4083344f43ab15c042
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 21 Jun 2021 11:06:58 GMT
Server
nginx/1.10.3
ETag
"60d072d2-31f5"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
12789
X-Content-Type-Options
nosniff
9548E589-CFED-4A61-823E-7E6EED441213.jpeg
static.themoscowtimes.com/image/article_640/32/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/32/9548E589-CFED-4A61-823E-7E6EED441213.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
f3847b3773e3f90ee60e73c3fb72d9908fc98ff07ef7d305bc23110755c18b01
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 03 Jun 2021 13:42:56 GMT
Server
nginx/1.10.3
ETag
"60b8dc60-4951"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
18769
X-Content-Type-Options
nosniff
968B4024-4471-460D-A29F-0D4134597F51.jpeg
static.themoscowtimes.com/image/article_640/21/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/article_640/21/968B4024-4471-460D-A29F-0D4134597F51.jpeg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
69d22be62170122e61b816e8894bf97250f3e336a734304559ca52f60b78da08
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 02 Jun 2021 07:17:32 GMT
Server
nginx/1.10.3
ETag
"60b7308c-48f6"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
18678
X-Content-Type-Options
nosniff
GyfLy3HP_400x400.png
static.themoscowtimes.com/image/320/03/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/03/GyfLy3HP_400x400.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
a21374a3f8e02566ede77b6371937fcf2869587e01b38389552193a4ff9ef56c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:43:09 GMT
Server
nginx/1.10.3
ETag
"5dca8cbd-40bf"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
16575
X-Content-Type-Options
nosniff
CWJdLmXk_400x400.png
static.themoscowtimes.com/image/320/3f/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/3f/CWJdLmXk_400x400.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
1c4c5f95ac39592247ba98f6be4c5124d948da7e1ec8210c0e26ec1ad0b9c87f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:42:10 GMT
Server
nginx/1.10.3
ETag
"5dca8c82-3625"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
13861
X-Content-Type-Options
nosniff
LUWCANFI_400x400.jpg
static.themoscowtimes.com/image/320/36/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/36/LUWCANFI_400x400.jpg
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
fc8910a12a56baa8d399a29ea83ff9d09e9326cd7a38be03892a0333df79c931
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:43:20 GMT
Server
nginx/1.10.3
ETag
"5dca8cc8-212c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/jpeg
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8492
X-Content-Type-Options
nosniff
icon-180x180.png
static.themoscowtimes.com/image/320/0a/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.themoscowtimes.com/image/320/0a/icon-180x180.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
269eb85c158413a8e1c036fc2f3aa2360f35cdc4999234028be80b94e9ec2389
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Tue, 12 Nov 2019 10:43:15 GMT
Server
nginx/1.10.3
ETag
"5dca8cc3-ac6c"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
image/png
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
44140
X-Content-Type-Options
nosniff
jquery-2.2.0.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.0.min.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
last-modified
Fri, 08 Jan 2016 20:03:15 GMT
server
nginx
etag
W/"56901603-14e55"
vary
Accept-Encoding
x-hw
1626937708.dop208.fr8.t,1626937708.cds235.fr8.hc,1626937708.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29875
Timeago.js
static.themoscowtimes.com/vendor/jquery/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/jquery/Timeago.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
51d2ca3e2554c558c0638095a604a4a3cdc1a914ca9a5f0ace149245b76804c3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Mon, 20 Apr 2020 08:53:55 GMT
Server
nginx/1.10.3
ETag
"5e9d6323-1a99"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
6809
X-Content-Type-Options
nosniff
Lightbox.js
static.themoscowtimes.com/vendor/jquery/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/jquery/Lightbox.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
f8ca71efa8f9823626b975330f1cd7dde8163230fba36ba1ccf8bf9182ea46cb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Fri, 02 Dec 2016 06:20:54 GMT
Server
nginx/1.10.3
ETag
"584112c6-1597"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5527
X-Content-Type-Options
nosniff
fitvids.js
static.themoscowtimes.com/vendor/jquery/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/jquery/fitvids.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
206bf243e0b1ba7ef7435675de712d76c920dc8b2f1c6799f1ba89d2986e2e20
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 17 Jan 2019 14:30:47 GMT
Server
nginx/1.10.3
ETag
"5c409197-a54"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2644
X-Content-Type-Options
nosniff
Yellow.js
static.themoscowtimes.com/vendor/yellow/ 		27 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/vendor/yellow/Yellow.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
c623e82418aeacccf4b6feed6c69d7aeab0f81ae791e91eb448b8f61a50671c7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Thu, 03 Jan 2019 16:54:46 GMT
Server
nginx/1.10.3
ETag
"5c2e3e56-6c05"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
27653
X-Content-Type-Options
nosniff
all.css
use.fontawesome.com/releases/v5.13.0/css/ 		57 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/all.css
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/css/main.css?v=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1335663
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
K7KFCEA8WS216944
x-amz-id-2
vFI37i3iZlekqImjGxpyBYRKzy+Iw5ysMc4Pmyi/hoG9KI5DHPO8hC38lfUNomED4ueNUGY5tHw=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"76cb46c10b6c0293433b371bae2414b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Fg%2Fo%2FlnsfmvSonn%2FpodebEHb04%2Bvc3kAt02UhWI6Bm73jf9bELFNXt6TAmk0b3vkiKfc%2BxxVWoUhMAYJwfnFUHiy2fbZyIUDLn2NCsL%2FUDZPMo65eoFSfLSbeTBjr639WX%2FrkQbu%2FsyyHkWsmLkbXbk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
672ad685ad004a9d-FRA
v4-shims.css
use.fontawesome.com/releases/v5.13.0/css/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/css/v4-shims.css
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/css/main.css?v=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1335657
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
18ETSTT16Z01PQXR
x-amz-id-2
Hwu+zOJlJdZW/+JaQ1Qlq1rGwuu77I1UtywA908XnHLS70EQhvE+thvjMkp7ke5KyzaBdy/PiJc=
last-modified
Wed, 30 Jun 2021 15:38:38 GMT
server
cloudflare
etag
W/"fb073a92592d70e5aa6e3cce1cf93a11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCsw4UtVxOr452PipeBxMxDUUr%2FaMZcK56IYOuNtiI4leqdvLWLz3d1zCn0uQJm2Q6GTjQEj4m9xBXtwKi3zDfHR6qD2te3%2BDbFliQz44zAMH1uuD7vsFTxSJh7GpmnAryHdch%2BENlBYCjJrwJmu8v8r"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
672ad685ad044a9d-FRA
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/css/main.css?v=29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b74fc3666be448b57191d1b21d896316748bd0b311eb01e344f2f90d8237954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 07:08:28 GMT
server
ESF
date
Thu, 22 Jul 2021 07:08:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 22 Jul 2021 07:08:28 GMT
gtm.js
www.googletagmanager.com/ 		101 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TR8JKK
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ddaabf016a1295656c69c557f9bb2b3fb1b2b79134282ffd05d371432d08e88d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38765
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Jul 2021 07:08:28 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
155307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1335516
cf-ray
672ad6860b1a2bd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
79444
x-amz-id-2
5Bzw3ckL2KCB2055FbdhhVgl4MKX16bdbqjquGyYEXcbIRJYPCoQBftMHAJImn91s0iFBkbNC3A=
last-modified
Wed, 30 Jun 2021 15:39:01 GMT
server
cloudflare
etag
"b15db15f746f29ffa02638cb455b8ec0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfmFj0fXwqXcsyMLDp%2FqHj2BEQnKipXauGwrn8xmRxZI3MjT3JCECcRhcVVq%2FW8O6Ui%2BtETvf%2B43O%2Fr6K1%2FGCszShvKuz2FoV4B%2FZahQ7Lrps8I%2BOS9sntnQxh1WV0V0FYivsVEUZ2fXDORODRW5Duoe"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
NK4QMARBPW8N1VCA
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:26:24 GMT
x-content-type-options
nosniff
age
218524
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:26:24 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:36:34 GMT
x-content-type-options
nosniff
age
153114
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15724
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:36:34 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v22/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de878ac09635910d6fdc776b259330509502e11a42aee1881a73a59d491e0000
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 20:42:00 GMT
x-content-type-options
nosniff
age
210388
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19128
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 20:42:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 17:17:27 GMT
x-content-type-options
nosniff
age
136261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 17:17:27 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.13.0/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.13.0/css/all.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://use.fontawesome.com/releases/v5.13.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1335516
cf-ray
672ad6860b1d2bd6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
76612
x-amz-id-2
5uf+OWzRxW1I5PnWgZdC62DYnyPo9Uam0m5YpsEB33r9cisRkH08HUkUOUI4WrkrBynbBYSkUcU=
last-modified
Wed, 30 Jun 2021 15:39:01 GMT
server
cloudflare
etag
"a06da7f0950f9dd366fc9db9d56d618a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fq9w4qPEYGn%2FkPr%2BmUetVUB0wmXbaX%2B00akWqpBau9zmCs7EUOlxHOutE5dEkjEyNxU5jkX4k9a2KtQdnW0oE3wPodjymCyPXKlJy7t7R8bYjc14o2BJ7VY9k9moNumIUFNw%2BD79M%2FwR8gv2LYeGwP97"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
NK4G7SNE93T44RDJ
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
192187
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
u-4n0qyriQwlOrhSvowK_l521wRZXMf6lvg.woff2
fonts.gstatic.com/s/merriweather/v22/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v22/u-4n0qyriQwlOrhSvowK_l521wRZXMf6lvg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63031beb1c84a9a3dd906d48438550b3a17d852d46cc4e475d274543a0100423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:26:49 GMT
x-content-type-options
nosniff
age
218499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15036
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:07:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:26:49 GMT
KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v27/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Merriweather:300,300i,400,900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.themoscowtimes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 22:47:10 GMT
x-content-type-options
nosniff
age
202878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:11:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 22:47:10 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-116.dus51.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 21:07:15 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront), 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
age
36073
x-amzn-requestid
9ed8a778-5ad8-48db-8402-5b8b9c0856b5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, DUS51-C1
x-amz-apigw-id
C1rknEmuiYcFegw=
content-length
555
x-amz-cf-id
zP8e46o8MT1Amgo8kwXkpHkqSCfVM7x-aV60vkkOPHDcCzoaHz4lAA==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-82.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0fada3fee77dc698adeffcd47f525c0a7b896d16ee64cb77a8e88a5183a3b13

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5WxyQkEm2Kq_qjV3My5YZ01rVsNAmWVj
content-encoding
gzip
etag
W/"c2de88e9bb066ad3a01d9fa28cb15eac"
last-modified
Tue, 13 Jul 2021 12:52:29 GMT
server
AmazonS3
age
65752
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 21 Jul 2021 12:52:37 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ZVCavQmQs_3QK9hSzIHNi0hZeFQ_KtnEy50qnJbddr5ESVvMwFSsqw==
main.js
static.themoscowtimes.com/js/ 		45 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.themoscowtimes.com/js/main.js?v=29
Requested by
Host: static.themoscowtimes.com
URL: https://static.themoscowtimes.com/vendor/yellow/Yellow.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.215.189.11 , Netherlands, ASN51758 (PROCOLIX, NL),
Reverse DNS
host879.procolix.com
Software
nginx/1.10.3 /
Resource Hash
71490e2ffc0e6c966ce1a08e4c6b77df0811d049ad7f36db7f488bf767cbd117
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:28 GMT
Referrer-Policy
no-referrer
Last-Modified
Wed, 14 Jul 2021 17:31:21 GMT
Server
nginx/1.10.3
ETag
"60ef1f69-b4fc"
X-Download-Options
noopen
Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
46332
X-Content-Type-Options
nosniff
pubads_impl_2021071901.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
41a1857e679cc8f0d48f2a256c2f2d712990396469a662c994e77fa09fc4e210
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Jul 2021 08:40:24 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117201
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		146 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.themoscowtimes.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
6562673fb96a52e4da9a371e001269d44d20745329df31059f776c3fb0e5584c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:28 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TR8JKK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3670
date
Thu, 22 Jul 2021 06:07:18 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 22 Jul 2021 08:07:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
VhW4ZlQx0JCyB+9h2MlJBUM10wha8LqaTQl+DILTTZ8haz28HhCDXE8K1fbRpM9WGaXCT3LWd+sXOCIy7WhYVA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Thu, 22 Jul 2021 07:08:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ede2b9c6411f6d0ebc48cb31e.js
chimpstatic.com/mcjs-connected/js/users/239926d40266233686ee429be/ 		50 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/239926d40266233686ee429be/ede2b9c6411f6d0ebc48cb31e.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.32.243.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-243-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
99
Date
Thu, 22 Jul 2021 07:08:28 GMT
Last-Modified
Mon, 28 Sep 2020 12:02:51 GMT
Server
AmazonS3
x-amz-request-id
A4606814F9780D65
X-EdgeConnect-MidMile-RTT
0
ETag
"104d46a3208b40e8ded389332f5a78a3"
Content-Type
application/javascript
Cache-Control
max-age=1713
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
50
x-amz-id-2
QvHUUfFtnDQmdDj7epA/qBFLTlWY/vEEaLIZhMCUtzqBsQtiVZjqC0n1w/xss8u/1coxsOlg8zs=
Expires
Thu, 22 Jul 2021 07:37:01 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-116.dus51.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 21:07:15 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront), 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
age
36073
x-amzn-requestid
9ed8a778-5ad8-48db-8402-5b8b9c0856b5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, DUS51-C1
x-amz-apigw-id
C1rknEmuiYcFegw=
content-length
555
x-amz-cf-id
OsDqJ5MsMWsXDsgbBqLK_7yPsYKVYgsT02ytvByF28b0ObFpThOuGg==
publisher:getClientId
ampcid.google.com/v1/ 		74 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
342433566951762
connect.facebook.net/signals/config/ 		268 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/342433566951762?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
64aad5f4964aee5ab4d2ce7733eb5be488b443e2a7aa2f0e78a38716633b8dc0
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
76447
x-xss-protection
0
pragma
public
x-fb-debug
PWETpJIrg/cadGQGNRsBUhFYlDDIL4ZBoi7+6r4GAyQ22JnACCxhXpbQit35go7ZBeu23FDI08RDAQSXpu2sXQ==
x-frame-options
DENY
date
Thu, 22 Jul 2021 07:08:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-116.dus51.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 21:07:15 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront), 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
age
36073
x-amzn-requestid
9ed8a778-5ad8-48db-8402-5b8b9c0856b5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, DUS51-C1
x-amz-apigw-id
C1rknEmuiYcFegw=
content-length
555
x-amz-cf-id
_upUTjLQR7Qca6yEP_q7FZDb0H3FehgBpHrvH5YE9cNKUsm3QicjZQ==
publisher:getClientId
ampcid.google.de/v1/ 		3 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
www.facebook.com/tr/ 		0
154 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary9ro0WioNUMCpjRw4

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Thu, 22 Jul 2021 07:08:28 GMT
content-type
text/plain
access-control-allow-origin
https://www.themoscowtimes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
collect
stats.g.doubleclick.net/j/ 		4 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-4186815-1&cid=1305798905.1626937709&jid=1604104377&gjid=1330183787&_gid=777212076.1626937709&_u=YGBAgAABAAQCAE~&z=62889255
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 22 Jul 2021 07:08:28 GMT
content-type
text/plain
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j91&a=628606094&t=pageview&_s=1&dl=https%3A%2F%2Fwww.themoscowtimes.com%2F&ul=en-us&de=UTF-8&dt=The%20Moscow%20Times&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABAAQC~&jid=1604104377&gjid=1330183787&cid=1305798905.1626937709&tid=UA-4186815-1&_gid=777212076.1626937709&gtm=2wg7j0TR8JKK&z=1713356828
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Jul 2021 09:10:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
79097
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1145328381627518&correlator=250303793394695&output=ldjh&impl=fifs&eid=31061849%2C21064367%2C31061843%2C20211866&vrg=2021071901&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=21704504769%2CTMT%2Cbillboard_top%2Csidebar_home%2Csidebar_top%2Cbillboard_bottom%2Cbillboard_bottom_2%2Cvideo-in-article-content&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%7C970x90%7C980x120%7C970x250%2C300x250%7C336x280%2C300x250%7C336x280%7C300x600%2C728x90%7C970x90%7C980x120%7C970x250%2C728x90%7C970x90%7C980x120%7C970x250%2C728x90%7C970x90%7C980x120%7C970x250&cookie_enabled=1&bc=31&abxe=1&lmt=1626937708&dt=1626937708824&dlt=1626937708252&idt=541&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1158%2C-9%2C436%2C436%2C-9&adys=12%2C234%2C-9%2C3020%2C5023%2C-9&adks=118446099%2C2416679599%2C236420964%2C1528615819%2C2558784702%2C3391782540&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_tz=120&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.themoscowtimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C336x0%7C0x-1%7C984x0%7C984x0%7C0x-1&msz=1600x0%7C336x0%7C0x-1%7C984x0%7C984x0%7C0x-1&ga_vid=1305798905.1626937709&ga_sid=1626937709&ga_hid=628606094&ga_fc=false&fws=4%2C4%2C2%2C4%2C4%2C2&ohw=1600%2C336%2C0%2C1600%2C1600%2C0&btvi=0%7C0%7C-1%7C1%7C2%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
554dbf4e77d7b498ecc94ca1e71aee2b88c7d1bf027fbb1c5be87555d8dff6b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16909
x-xss-protection
0
google-lineitem-id
5307164598,5307164598,5307164598,5307164598,5587152685,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138304378621,138304378627,138304207033,138303854969,138337163964,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 833F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:28 GMT
expires
Fri, 22 Jul 2022 07:08:28 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-4186815-1&cid=1305798905.1626937709&jid=1604104377&_u=YGBAgAABAAQCAE~&z=100841366
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-4186815-1&cid=1305798905.1626937709&jid=1604104377&_u=YGBAgAABAAQCAE~&z=100841366
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		555 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-116.dus51.r.cloudfront.net
Software
/
Resource Hash
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 21:07:15 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront), 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
age
36073
x-amzn-requestid
9ed8a778-5ad8-48db-8402-5b8b9c0856b5
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2, DUS51-C1
x-amz-apigw-id
C1rknEmuiYcFegw=
content-length
555
x-amz-cf-id
IDgCMr0iD28TmovQp198OrGrzfx3XxGtOiz3p-sIdvPOCiuvBdH0PQ==
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=342433566951762&ev=Microdata&dl=https%3A%2F%2Fwww.themoscowtimes.com%2F&rl=&if=false&ts=1626937709251&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Moscow%20Times%22%2C%22meta%3Akeywords%22%3A%22news%2Crussia%2Cmoscow%22%2C%22meta%3Adescription%22%3A%22Independent%20news%20from%20Russia%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22The%20Moscow%20Times%22%2C%22twitter%3Aaccount_id%22%3A%2219527964%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.themoscowtimes.com%2F%22%2C%22og%3Atitle%22%3A%22The%20Moscow%20Times%22%2C%22og%3Adescription%22%3A%22Independent%20news%20from%20Russia%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fstatic.themoscowtimes.com%2Fimg%2Fshare_default.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221360%22%2C%22og%3Aimage%3Aheight%22%3A%22500%22%2C%22twitter%3Adescription%22%3A%22Independent%20news%20from%20Russia%22%2C%22twitter%3Aimage%3Asrc%22%3A%22https%3A%2F%2Fstatic.themoscowtimes.com%2Fimg%2Fshare_default.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22NewsMediaOrganization%22%2C%22address%22%3A%7B%22%40type%22%3A%22PostalAddress%22%2C%22addressCountry%22%3A%22RU%22%2C%22addressLocality%22%3A%22Moscow%22%2C%22postalCode%22%3A%22125167%22%2C%22streetAddress%22%3A%22Leningradsky%20Prospekt%2039%22%7D%2C%22name%22%3A%22The%20Moscow%20Times%22%2C%22email%22%3A%22general%40themoscowtimes.com%22%2C%22telephone%22%3A%22%2B7%20495%20139%2025%2056%22%2C%22url%22%3A%22https%3A%2F%2Fthemoscowtimes.com%22%2C%22logo%22%3A%22https%3A%2F%2Fstatic.themoscowtimes.com%2Fimg%2Flogo_1280.png%22%7D%5D&sw=1600&sh=1200&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1626937708746.1915070728&it=1626937708681&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 22 Jul 2021 07:08:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F630 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4L27glK2dFEsUnlMttudNkONIOE7FPbUwJkecTT0ZTbiKloIlOGkhj-krASl7696urfEi_KaPSOa6ZhFC01B7HijoprsAK-l0XvwhtSOtEJRWM5Va2Ucb2MlB2z3ePgsX_5QUPlktde2vussHF93FAGMz0xnkNo73Nv7gadT6ZWWPqTeEp3CPj1jl6yHBL5rD0RySH0TxFTRU9_NIYAFGjikyd9b8pZ8joA6Y9OZF88gMXO-JsRz3qEtZcYGzmlHTKiZlrYZ_cbqVR0Ok-jjAMAK_JLeIxyAKrfK5dqcS6FxOBZ7RG9kSw3n6F94ImUM8fFi8Y9rf&sai=AMfl-YSNFh5x3RVYZ2Kwlpj5r_Q5Dr9fSbTN3pt2d-Z7LxkLZ0RBcNiyNd6_9zj8-SfOkuyUUHSDqCAaUkiewbTS7g_84k4HiujG2BNKrVaOMgDVYj4llVP2fVQ1nrQSc4g&sig=Cg0ArKJSzI7EsC8EvKysEAE&urlfix=1&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:29 GMT
t.js
likevertising.com/ Frame F630 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
aedbcaf59bde05c2647664f984294a63268053d8805a6eef4ae724040779626d

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
W7hfthRgDp8GkBA6XKPSmbgqZvnsns7hyLcleOFG2yJ0C3waeSE24A==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F630 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C84F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstekWgH_ophOkgpLlxUJeBAPR3NGd7kQIHY62e8jEyA3FMEB4PAEP6zyEyJ4xwqBKtwwGvo24H7I3ug28X6nOWL1s-L1fE5-vS41N7d5BV5UxdsF-1YkjBGX_4KtZ7AMjt4Rn8CO0a1tytQonJknjp_0obpTSxi087Mklws3xbdLFp4jdyvPyweuPKoGdmH7OXDOyB_a1pzBtqU7ebOH3Vl-9WmDnXhvPtJCN9SMnbmCfPuOF96GLG-rq9NueMPPMKTpm9jXsCTH_xcT2UgJRe4xd_vB2RDH4t6geTEYI01GMTohz1fxH2is2PsvT-GZVixT3uW5ienJK6&sai=AMfl-YQ78pyokMUXlCcUEPD-dImlpEyZnF8u9NgDFmtPkdznHn0j8hRMIM1g3x-nk1SvExTicYtKJ9Abx0kr2EI9vF0JzSn1eU-uQV_itkfSDcaNy0vYugj0y6BRhiL8cO8&sig=Cg0ArKJSzDL2W2E6cHxJEAE&urlfix=1&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:29 GMT
t.js
likevertising.com/ Frame C84F 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
2b9b3e17a5e8ed75dddf674cf0bba83d502c20903aefac3de435806c356a1357

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Q_nKKsAkGaqtBd3WkEwgGgoMdnB5ZBlJWHymW50xvH6jVAL8wdOb2A==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C84F 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 364A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstyw6xr8bPPHhgPvvSU_zsBaosWqcWkcpNChU45kpiKwznsY5uVucNuB8ZOQKzlOtBlobaFneMyJhfWJ6Tz9OZafll9WvuAYmvyTYUEMU0eezPVJxraQWn1HiY_SJ9wFfRo0Nn1s4C6Kq-q2J5NwDPYq3IAxpGLk7nQvocDBUI1lY250_SG5x39AXLSO4cJcrN2yEXuhBiUnG0K_SL8wgI725DlHpZ7P2btBgqHoFsAn6hD4Ts8_cCqicKtcWZnAfiwn3iOGu4K9ReDmdpvmwsGRCDBe7iLNV_8lfAfI8CvvWe9NmmLoujCgas2Q3EBykZ6cyhLBuHAnYqZYmQX&sai=AMfl-YQtnIlKa90ieFgx14vCd0rA232dFHq3yHlnbpG14Blhw9O9mOXTbrzxhAErpeOJ-WAhNHqMyFUf4_jL9BaSaGsLa3Lcexh3SwRP_SzR7yL0zu_RY7qLovSGiOzs43s&sig=Cg0ArKJSzHexpAQ1o4Z-EAE&urlfix=1&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:29 GMT
t.js
likevertising.com/ Frame 364A 		17 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
f06dc6262a9f2bb81e4288a5b9ebc02644d16378f9185259cf8bea2530de97d6

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
tSs8oBqByRPiOsBuO49qpB3qH_bTGGEwrqxTSnNLDfoFyIE6j50Y3g==
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 364A 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736025986498"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28059
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
container.html
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 43BA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:28 GMT
expires
Fri, 22 Jul 2022 07:08:28 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c592be4d97d41efe5f50997313c6b840a3f555db91feed0dc5317e6a96e8f91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8461
x-xss-protection
0
truncated
/ Frame F630 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef29b7ebed415a06f46ebcc5289bfc54da95fc508a2217449584605bae3e65d6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 364A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19b5eeeb8644a0d2458c87a3853a6fd2733ce574b95a44567337669aa2cd6b19

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C84F 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d5267ff101258bdb32f038ae3afce268d3674c52e0f2adfc017b8e5a4618322

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071901.js?31061849
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 43BA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
URL: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:05:01 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 43BA 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
URL: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 19:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 19:57:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 43BA 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
URL: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4CCB 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
14149249daefaa39c09c0f12f450f9fdd13901a7e5cc42a804174c37b21c786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"937 / 546 of 1000 / last-modified: 1626905394"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24160
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
syncro
likevertising.com/ Frame 5404 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=9518151626937709520
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
faa29af882ddfc0fc714ab1287771fe2d94452b0ed1d6c5d8fc830312860f52e

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/syncro?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=9518151626937709520
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
NSSt6t8A7o_mels-_6SciJCeCFwIq-otNPLnFXxHHgAYHrzEdPGWBw==
syncro
likevertising.com/ Frame 9697 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a3&cb=6671621626937709523
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
556b5e9b6751392ef5c74eafd48e3944dcec8047f3b30b1ac79aea5f77a376eb

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/syncro?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a3&cb=6671621626937709523
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mo9O6DKrXPAciFDjRg-2v59SHQxOxckPhICKyyvd57g-QCX2bBNp4w==
stats
likevertising.com/ Frame 9ECA 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d5&cb=0667781626937709524
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
556b5e9b6751392ef5c74eafd48e3944dcec8047f3b30b1ac79aea5f77a376eb

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d5&cb=0667781626937709524
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
vZK2vfe51eptCostKvhW6HuAQYhg5vlmWgVIITvIk_vvAG3qxIFWkQ==
stats
likevertising.com/ Frame E470 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
234d48220a4763b35e1ad644dba7c68f5119ce179153535f60a20297f3558caa

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
vary
Accept-Encoding
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xH6mnbc1HCLzX18oxAfxeuKQ2N5TYg71eoTG7pA_8GCLxw4LuKItiw==
counter
likevertising.com/ Frame BA68 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=5089751626937709526
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
ebb9ccd7e633b6add76b5839940681d91b486e8e37f8e9a4709f15904b768175

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=5089751626937709526
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1633
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xrWXxu1zb-gq6NwL09HEkbXAKWTSydfPrxQ2nZ2C3O0zDx4vSg5rxg==
count
likevertising.com/ Frame 2608 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/count?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c273&cb=8887861626937709527
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=ozq8lklz3e1znpqig3c&cb=5930321626937709347
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
556b5e9b6751392ef5c74eafd48e3944dcec8047f3b30b1ac79aea5f77a376eb

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/count?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c273&cb=8887861626937709527
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ARffLqWW1YC_x7xOdu4cWyuAmZcwWc5mBWJIv-g37U54PtVfK3Ft3g==
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 85C9 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
07ebd531a889d9aaf2e9204e5ff3d7638b41949a479f8f24a3f5cec9724d22df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"937 / 919 of 1000 / last-modified: 1626905325"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24144
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
sync
likevertising.com/ Frame 50F1 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b1&cb=1850571626937709536
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
d7032bca089ded934885262dd86ef3b6381b6a039f00f7644b8699864e995374

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/sync?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b1&cb=1850571626937709536
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1874
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
EeyW1o1STQrx6CUnawcfBh7H6hdaEEIEKWGLPFaiOATM0yL4qm6sZA==
syncro
likevertising.com/ Frame 2048 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc5&cb=4862661626937709537
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc5&cb=4862661626937709537
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
V3FI05A6z0k6VRNxtdF5al-Mj_HMJ46OfBK5-3SrgUlX-gtF9rISMQ==
sync
likevertising.com/ Frame 4E78 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
d471fca96620458724db33f0271e221a6117003d4ffb473a472046cff5eae2b8

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1632
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
-LfSXXI3mNRr3OGK1JM4SuqmEWn4V09gaOMxlly6H1aClb1_Lepg3Q==
user
likevertising.com/ Frame 1F8A 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/user?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d65&cb=7042991626937709539
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/user?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d65&cb=7042991626937709539
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zFWWa-EJJvxeOLIwZLqx5UO2K2xjGW5Wjyo4o3XXxfx6QftBTYZTCQ==
async_usersync
likevertising.com/ Frame D8B5 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
3fd54b4388f4d46c57f1ea0452307f0b54841d4e3ca1320a0408da973765acdc

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1677
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
boEpKvsrOwkrEkuRpsAEbCSPQ2NzD3hHbDED6R7b-9KgRxUgIKIIHg==
syncro
likevertising.com/ Frame 2496 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768697&cb=9247031626937709541
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=8182381626937709343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/syncro?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768697&cb=9247031626937709541
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_to4ev5LqaQ-CzxYoRkYpAng7713AiMi9gwCTDKSLPdEqdm5QlDCeg==
view
securepubads.g.doubleclick.net/pcs/ Frame C84F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvivCok2aPvUZ1FEswvVLz21EYKCvEeJkO8z8uDWl2NVhtIJ4P75Ihv75piyu2Z0FbJabfFeVLS61014otfVUdh5s0TeUiXcGOxiL5dXioSkppnE2Whh1CELYa-sK-gPLddkB8K1qT4T_fl1TsVd2s13rkR-DXp_f18qd0jtImcVX-RAlHDJ91bXJb0J12PMFiAaIz1sHkuxYdJAU43iH07USwfLKKmWo7Z7Ya0nyDk7GA_Fe1_ZQsXc5Iy0dpX1mWO0Gg3m3rdi1mIiLUCoohNAMwdOtPNwfBt2tORIPxI9uCv0O-Wm1rLzTAD9mSBGr7h3_-tE8Ri4i9Oads&sai=AMfl-YRLgh1BzATvFr-8Dq5FdUocqRGBfaXs7ydD0RXdbkArcv6t8Kc0aHNVq2vF_TlpqI451MoDcalZqE31_-Pvk6jOIcPTIjFY6K85GBq61c99OBMu10E2p4wnehgf2uI&sig=Cg0ArKJSzHMpRRgPjwq4EAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F630 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssnsrdspVnFmoSZtUsz51IAEXe8cdD4m8tLLp9VgzjwDsw9jiFw0IQYiPCXzKszrW2_wop3NoqRMbU_IN4Zjsn_PcxKkfVgqpG-T8sgxMJqePegF6z45P67MuvBnN-8QhPqgsrV_JBCZ4FPfto2OQ2KUbWjs1ZiQ3A8tw3KO_34-YCmS40PfSG46jZhrnYRZ8zlPWToKH5zrpaw6Hx3k8P4-z6AVj09oNyGvqnW5W1t2c9SxFA3ChSYLJ4f9EIQSXJ9V6FxFDfymAL0WUnB1OJP2Sjz-SQTDyNowUJRT_-dyM-FVFhbjlM1drlCJGwXFPjTUMp-_Uw4trE&sai=AMfl-YSWN-1oGqjshNiujj6Ilm80JPU0_jHjvoWoZIumbaqYSASBxsHYwKYZh7pzLA9LxGQl1bvsF75caftDIuoCyBRNFF6-nn3WQaBO9NrEt7lEZsbHRJRRyDntPRiwvio&sig=Cg0ArKJSzBKk4EI1G4pUEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 50DD 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
14149249daefaa39c09c0f12f450f9fdd13901a7e5cc42a804174c37b21c786d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"937 / 662 of 1000 / last-modified: 1626905394"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24160
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
syncro
likevertising.com/ Frame E1BA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b5&cb=0553241626937709562
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
d7032bca089ded934885262dd86ef3b6381b6a039f00f7644b8699864e995374

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/syncro?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b5&cb=0553241626937709562
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1874
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
mIkSrssg0Af8o4bljvLLLauwdw7-jn1p_ib7gp1GtIdIbBkObmefhw==
stat
likevertising.com/ Frame 6078 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
3fd54b4388f4d46c57f1ea0452307f0b54841d4e3ca1320a0408da973765acdc

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1677
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
iYimfnwxFttkq_PeyxuCg9EA-WTHf5SV8W1hHR0ebCcujRfIcofKag==
usync
likevertising.com/ Frame 75B2 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768693&cb=3808101626937709565
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/usync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768693&cb=3808101626937709565
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
_sE-1poJELAomIxtCa2ub2rjl8pfSmUpLCtDpRBUOgkEbNHyeCnk4w==
async_usersync
likevertising.com/ Frame 8E1E 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d61&cb=8808011626937709567
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/async_usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d61&cb=8808011626937709567
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
PyoQCyw6kqpCU9VkcvCbI9uMKxnOICSI4fAM-H6gYtn2tbf-7u3bLQ==
send
likevertising.com/ Frame CA29 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=3876291626937709568
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
d471fca96620458724db33f0271e221a6117003d4ffb473a472046cff5eae2b8

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/send?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=3876291626937709568
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
content-length
1632
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
iQyli2I4TgewHBAoIGdXUdEzzij60i1qs15WykjvL7Upf5XLaWwZlA==
syncro
likevertising.com/ Frame 3A09 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc7&cb=0834071626937709569
Requested by
Host: likevertising.com
URL: https://likevertising.com/t.js?i=b2q9ssvr0rctu7elxrne&cb=9969291626937709350
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1

Request headers

:method
GET
:authority
likevertising.com
:scheme
https
:path
/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc7&cb=0834071626937709569
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SSID=37c52fe00031466be2bab8142310c1c4359f17e2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

content-type
text/html; charset=UTF-8
date
Thu, 22 Jul 2021 07:08:29 GMT
x-cache
Miss from cloudfront
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
YXzKAVdujo4eAhvKlP76BvslWPmA-nAElWhzPFBXlMqgakA2dzhUWw==
view
securepubads.g.doubleclick.net/pcs/ Frame 364A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstHgsUKM7_1vgvV3-ZSLDrgj6qH06B55kgeV3S9ki9Rxd_N3ku83I5Cy1l4kmEoUTnShlT_HhkLQMCWX0VRwlDxBXVagcvbMsrRyjiUxtjpMLC39RI89j8V-7YZgeSG1i5IOhkyVRI14S7D99SAX0TA0qU3VjISmWEDUhOrw13yXcrHzZitS1PPw9Rzk6kF-cPA3sDIL2L_cHyIqWh4ONNlF5uvvE20RhQ3jLX7TsVJVmjxClLNFxZ9VQYgDCnS4KNHmXNQ22-sBkVM6-9E-H6moFfnww7Eccwn9DthTnRwFqCnRWd42uvOlRhZ67UgM0lN52h40s2Tk8-RMvjlGJo&sai=AMfl-YRVGYLRXFE4J2jwFGJO_fVZwDNsLLRl64yahCLJ9aGNldgab9xRkMRMMvgv0XnV5THR2Kxo7gGanU0JUFW1KLmfj8u_xIvNTUmTqT5OXqnJrUio6iLj4aTcNaeAAXE&sig=Cg0ArKJSzPDKCbCzoWDMEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C97A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 22 Jul 2021 05:54:42 GMT
expires
Fri, 22 Jul 2022 05:54:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4D92 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6730cb64130083f4b3116d7b581a7ee7cd9af6a5e9843b27c825b57ebce7e321
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sUB2p6KeVdR8zpSVlOnUBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

expires
Thu, 22 Jul 2021 07:08:29 GMT
date
Thu, 22 Jul 2021 07:08:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-sUB2p6KeVdR8zpSVlOnUBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dfa7banner_html_inpage_rendering_lib_200_268.js
s0.2mdn.net/879366/ Frame 43BA 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Requested by
Host: adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
URL: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 11:54:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69231
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Tue, 14 Jan 2020 17:35:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jul 2021 11:54:38 GMT
pubads_impl_2021071401.js
securepubads.g.doubleclick.net/gpt/ Frame 4CCB 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 08:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117283
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
pxl.jpg
likevertising.com/ Frame C84F 		597 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://likevertising.com/pxl.jpg?i=ozq8lklz3e1znpqig3c&s=519&p=https%3A%2F%2Fwww.themoscowtimes.com%2F&rstk=https%3A%2F%2Fwww.themoscowtimes.com%2F&h=7832911626937709655
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
597
x-amz-cf-id
YN2GCO8gKJMJ0xSiQkydgX_5Wt25ulPOqc6CBWV8-LWwPLpoMaHypQ==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
pubads_impl_2021071301.js
securepubads.g.doubleclick.net/gpt/ Frame 85C9 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 08:39:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117314
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
pxl.jpg
likevertising.com/ Frame F630 		597 B
831 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://likevertising.com/pxl.jpg?i=b2q9ssvr0rctu7elxrne&s=519&p=https%3A%2F%2Fwww.themoscowtimes.com%2F&rstk=https%3A%2F%2Fwww.themoscowtimes.com%2F&h=6253251626937709666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
597
x-amz-cf-id
UqxEkMx6zqgkWoiGWj3PbnF7NXYjgTghhIF_2MTPtLPXAMABWJKMtA==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
async.js
cdn.adtrue.com/rtb/ Frame 5404 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=9518151626937709520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
10490823
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad68d98445363-FRA
expires
Thu, 17 Mar 2022 21:01:26 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 9697 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=6edc5c89447c574ef4cea93f1f2f891a3&cb=6671621626937709523
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jroxz69PRw2jzeDKAApbDr0CpvnfaGMGHozRokmDBLzqyacGaqKeYagjTKF7muQR91hvYDWJzy44u6GP4aUwOa4qG3o0BN9CN8BjN%2B8RLFLGBVXIX%2BbfsoWBW2aDEIKuBbnN7oQJnl3pKc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68dab724eb6-FRA
/
ads.projectagoraservices.com/ Frame E470 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=8135&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Requested by
Host: likevertising.com
URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4d5e8667edc2c8b5f448fdd68f3305b070e34b7ef53bd3c2ae60c5c0d4d6985b

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
6324
expires
Thu, 22 Jul 2021 07:08:29 GMT
pubads_impl_2021071401.js
securepubads.g.doubleclick.net/gpt/ Frame 50DD 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 08:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117283
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:29 GMT
pxl.jpg
likevertising.com/ Frame 364A 		597 B
830 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://likevertising.com/pxl.jpg?i=b2q9ssvr0rctu7elxrne&s=519&p=https%3A%2F%2Fwww.themoscowtimes.com%2F&rstk=https%3A%2F%2Fwww.themoscowtimes.com%2F&h=9869271626937709695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.74.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-74-72.fra2.r.cloudfront.net
Software
/
Resource Hash
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
content-length
597
x-amz-cf-id
U1Eg_BPeMvbbqa1ZCwt-asUqPWN4Xw2Hav7qFPY8SyO4AAWhUgXcTg==
x-cache
Miss from cloudfront
content-type
image/jpeg; charset=UTF-8
prebid_v4_21.js
hb.adpone.com/ Frame 2608 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/count?i=ozq8lklz3e1znpqig3c&a=0663c4e8643197170d2aea8d47191c273&cb=8887861626937709527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hhleao8PAKYm3eUDWbwQIPVODZwMhOpDT0vxZZSvw6oiN0gOVllKV57zKmpQdsI64pvXFLXweia66Oc2wCgi6EreDjslwO52KCLcaOkT8aDrI5AggwivmVr5sWWuZwNs89eguEZrtSzpOg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68dab764eb6-FRA
970_250.html
s0.2mdn.net/dfp/1776344/4911503909/1620363419657/ Frame 2745 		37 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/dfp/1776344/4911503909/1620363419657/970_250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/dfp/1776344/4911503909/1620363419657/970_250.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
9690
date
Wed, 21 Jul 2021 12:59:54 GMT
expires
Thu, 22 Jul 2021 12:59:54 GMT
last-modified
Fri, 07 May 2021 04:56:59 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
65315
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 43BA 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvs-oytPz59eXIFiRKzBw6NMlvq-KPJFHD04IHhZGlpMNBLLHNXGORezIEG8LwM2zXbQZHv1mF9gKEmycWZ9O7waL-IvDn09q54PyVV_P8Vr6qyrhA403i1w9mu2l86aQIld7qMVkPpUgjqKVq5AXgE1y4O1yP34RRqrLq30NrVkj_Cn4yFdJYs4IuUwSCdwTfWpigJI0MrF7YNHqV22P1w0qv4wvkZF1O_5s4vyIaqQyr4gfNbyluZj-HCBf12yfZcIRYRE1mCNdqpjwAZP4lWcWB3mAMRjbUYNmKsMJcvWc8fL2FaU1p_cEeMt4wjlQGzJNt-vLejn9xDJtk&sai=AMfl-YT7BC682SUpnN5LD3sFNriPXMeGyVvai3JJ6cwudp0eUlOOnNSxEPpSvru5hB_PeVzJWc3hufLgSrAsoLjnkP18__7QdUtIAv8Uvr4pDHGLuBm7u8tSZfskk3gKgCE&sig=Cg0ArKJSzGUIIOrQqwcOEAE&urlfix=1&adurl=
Requested by
Host: adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
URL: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
prebid_v4_21.js
hb.adpone.com/ Frame 9ECA 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=3f438269c50c900a489ac681b8b2a85d5&cb=0667781626937709524
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCPbBN7t2fucVHSYtB07FJ49ZDxyZKqx7ZwW%2FBBctMXpERsFjitnwZVHDijbXvlcDAyxECuATkZYnCKNe9x6SQmz%2Bku8LT3ZWkrtrbvZGgrmuVjZidqX2JVzQpgWi5ePYjGfCScZj%2BuBjXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68dcbb14eb6-FRA
fpi.js
ap.lijit.com/www/delivery/ Frame BA68 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=689163&width=300&height=250
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=5089751626937709526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:29 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"60468d89-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
async.js
cdn.adtrue.com/rtb/ Frame 50F1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b1&cb=1850571626937709536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
10490823
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad68dc8bd5363-FRA
expires
Thu, 17 Mar 2022 21:01:26 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 4E78 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=689161&width=728&height=90
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:29 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"60468d89-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 2496 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768697&cb=9247031626937709541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SFpzee7qcDvh4tEKdWzJap623p%2FklNumQE3nqlQJoX73iqzu%2Bn%2BCFnwayX7QmBHW%2BEu6MCpUoOyYUE5%2F2CwN2dYwPRvvB6wDom9kzKS3oHbseeTFPX9mo6VX1zeY4aIUsv%2FoNBTQf9iT%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68ddbdf4eb6-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 2048 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc5&cb=4862661626937709537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUvcgqmrEBvyjlkpT3PLVsFr4j4jKxZhhaJXUm9xV5V3DCus4hmCDOapiQRysJfLKos4sLIIUsBfpfnNCLvnYW3CJV1ZDMXQ90PZMoCQ0V8509WevJMqWOiVvUzNI6rdjSWQ%2Fbtj6rf51u4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68dec014eb6-FRA
/
ads.projectagoraservices.com/ Frame D8B5 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3703
expires
Thu, 22 Jul 2021 07:08:29 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 1F8A 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/user?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d65&cb=7042991626937709539
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9GL1WugNDIrmLxaJ70lIBu%2FwhUPGpWE%2Bysagv2BMBG3nqNG5%2FRX7JuB2Ig4Ihjq7VIZ92UmQpORDOKMZhXTIkCh8zPRkXWyrDAhcGQEU9vdFGOWytTnPw7c%2B7ADyXFPnXvUh%2FNObMI2G8ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68dec1e4eb6-FRA
/
ads.projectagoraservices.com/ Frame 6078 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3703
expires
Thu, 22 Jul 2021 07:08:29 GMT
async.js
cdn.adtrue.com/rtb/ Frame E1BA 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/async.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b5&cb=0553241626937709562
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 16 Nov 2020 01:20:45 GMT
server
cloudflare
age
10490823
etag
W/"5fb1d3ed-1c9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad68df9255363-FRA
expires
Thu, 17 Mar 2022 21:01:26 GMT
prebid_v4_21.js
hb.adpone.com/ Frame 8E1E 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=381b3593439a32d7eb976a934b5655d61&cb=8808011626937709567
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nP1Xbug4RQVzzAKCyH9AV61aEUQzhkRPr9n8Pj7RVWh70SEnpN44cf6t%2FZblHrjnw5ag5LWmh6vltVvERHnUo0BAWAOK9R961pAew%2B24%2BfNEVS58w9TKSLsdEXInmoPfplgiD9E%2F9JFZJCw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68dfc454eb6-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 75B2 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/usync?i=b2q9ssvr0rctu7elxrne&a=56a2b13f3aa682806e16e152c8c768693&cb=3808101626937709565
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NngqpApMUpLPCY5XhHgOpPTMzp2m2p3JsHtKNYX1jkoT5Rtwj2oY4ZXd8yx%2BVpevj0mFRpsmR6lG%2BhojDNEUvhkCQee3f5OdJ94O22oGSGJrT5btL3rpG8C2f7WwDAdMfVej%2BWqdnwqIdNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68e0c4c4eb6-FRA
prebid_v4_21.js
hb.adpone.com/ Frame 3A09 		302 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.adpone.com/prebid_v4_21.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=71fe11d01084140e99d087fe51ae4cfc7&cb=0834071626937709569
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5194
x-amz-request-id
8X8Z2AAXWD3RZ6XD
x-amz-id-2
bSmexo+TrMnKkcWOI6Tqa7TCfeGYYHMT4OsTT33XH7Bv6B0BShSDWSBlAdxGZAhGTnfnIdpPonw=
last-modified
Mon, 08 Feb 2021 16:04:15 GMT
server
cloudflare
etag
W/"7c64ec269c372f63980a99b0d62ff80e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXF5UoZQxUl5T%2BtUhq1KK8MHTVxezg8TijJY4S3JTU82NYRMp1n7SDBNCmca3lvaR4ljvWiWvXa6MHpAsjIThLmpI7P%2B0rIFR9rt0DeVXsPi%2BpTB8Xy%2BEqW1w%2BqZDqVE8sV%2FJvovxjJ18v0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
4iEuyd4JotkFGoSUTSV1UffB3iHQiIcX
cf-ray
672ad68e0c614eb6-FRA
fpi.js
ap.lijit.com/www/delivery/ Frame CA29 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=689161&width=728&height=90
Requested by
Host: likevertising.com
URL: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=3876291626937709568
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:29 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"60468d89-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
integrator.js
adservice.google.nl/adsid/ Frame 4CCB 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4CCB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4CCB 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2033173021682209&correlator=4204260742642738&output=ldjh&impl=fifs&eid=31061161%2C31061818%2C20211866%2C21065724&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=21671350435%2C300x250-themoscowtimes.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie=ID%3D15c06ed0c5b61b24-22bb415e8ac80016%3AT%3D1626937708%3AS%3DALNI_MZqdy4w5N19kdRKuTLMy58KOP48OQ&cdm=www.themoscowtimes.com&bc=31&abxe=1&lmt=1626937709&dt=1626937709805&dlt=1626937709516&idt=268&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=1140&adys=484&adks=2351213819&ucis=wyfz40ibtwcn&ifi=1&ifk=2161904850&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.themoscowtimes.com%2F&top=https%3A%2F%2Fwww.themoscowtimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1305798905.1626937709&ga_sid=1626937710&ga_hid=590364968&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11959
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 243E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:29 GMT
expires
Fri, 22 Jul 2022 07:08:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid.3-25.js
projectagora.net/libs/prebidv3/ Frame E470 		360 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8135&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1713
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7STB6VJT6WDA3MWJ
x-amz-id-2
/ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0=
last-modified
Wed, 05 May 2021 10:36:16 GMT
server
cloudflare
etag
W/"fa7fdd65f39d0e16a18830e016d93050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIiLMCHSIoKA4kSHMxNNoXcS%2FP%2BWysD2oYGvFMdcd8lmkCq%2Bu%2Bcp%2BvmwSND4qmI%2BIjla7QUgIvT1NOr1Vpl5rEEmhrSoWlo4blurmWENbjbYkjCRb33suOGmuBL31VsdbaY35ZvpXPHYl9y%2B2K7u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
672ad68e8a9c5363-FRA
impress
exchange.adtrue.com/delivery/ Frame 3AB2 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=492262664&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
server
nginx
x-adtrue-instance
java1
content-length
4586
content-type
application/javascript
prebid.3-25.js
projectagora.net/libs/prebidv3/ Frame D8B5 		360 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1713
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7STB6VJT6WDA3MWJ
x-amz-id-2
/ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0=
last-modified
Wed, 05 May 2021 10:36:16 GMT
server
cloudflare
etag
W/"fa7fdd65f39d0e16a18830e016d93050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMhMHQNHHdCjU%2FtmoFx3YKCWri4EXCTzNwn4hjC0ImiFY3bZcFPIvNUQpa3qVdaO4adYWEiWJL2EY4CrNhZfBywayPpAJg2pittpM%2BXWnpCh5Nbyg7QYO%2BafAlorhx%2BpwQJFQ8Dl8NZS1rxb4RPA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
672ad68e8aa45363-FRA
prebid.3-25.js
projectagora.net/libs/prebidv3/ Frame 6078 		360 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:9028 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1713
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
7STB6VJT6WDA3MWJ
x-amz-id-2
/ys6rJm0v963RwJLIz1Vw+5I2kXtWUdGVY1NXs1SPMPvxGECyDtJJ9CarnGLKSFrT9GII9o7it0=
last-modified
Wed, 05 May 2021 10:36:16 GMT
server
cloudflare
etag
W/"fa7fdd65f39d0e16a18830e016d93050"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFW%2FqWIu8PxVfgGtBiKgDzGFLptiRlLWBXLrAKjYSRYqGkTZl4XDRJJJTCa5D2VUuLJK9mPTfIPSjT49n3JMqq5hxQ1ldM86DhNtR3QTOnqgBC5aWFczYyUJybItYROJ3SE%2B%2BVJvItDjkBbKVmx9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
672ad68e8aa65363-FRA
integrator.js
adservice.google.nl/adsid/ Frame 85C9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 85C9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 85C9 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1736153969817316&correlator=234354403725045&output=ldjh&impl=fifs&eid=21068767%2C31061763%2C20211866&vrg=2021071301&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=21671350435%2C970x90-themoscowtimes.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie=ID%3D15c06ed0c5b61b24-22bb415e8ac80016%3AT%3D1626937708%3AS%3DALNI_MZqdy4w5N19kdRKuTLMy58KOP48OQ&cdm=www.themoscowtimes.com&bc=31&abxe=1&lmt=1626937709&dt=1626937709872&dlt=1626937709533&idt=318&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=2&adxs=315&adys=12&adks=3938885534&ucis=ybtebwp8vkfr&ifi=1&ifk=2358820106&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.themoscowtimes.com%2F&top=https%3A%2F%2Fwww.themoscowtimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x-1&ga_vid=1305798905.1626937709&ga_sid=1626937710&ga_hid=1997740985&ga_fc=true&fws=256&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9760
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C605 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:29 GMT
expires
Fri, 22 Jul 2022 07:08:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
impress
exchange.adtrue.com/delivery/ Frame A3EA 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3666695480&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
server
nginx
x-adtrue-instance
java1
content-length
2640
content-type
application/javascript
integrator.js
adservice.google.nl/adsid/ Frame 50DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.nl/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 50DD 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.themoscowtimes.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 50DD 		109 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=75747363110516&correlator=4360477596324096&output=ldjh&impl=fifs&eid=31061816%2C31061818%2C44741898%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210722&iu_parts=21671350435%2C970x90-themoscowtimes.com&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&cookie=ID%3D15c06ed0c5b61b24-22bb415e8ac80016%3AT%3D1626937708%3AS%3DALNI_MZqdy4w5N19kdRKuTLMy58KOP48OQ&cdm=www.themoscowtimes.com&bc=31&abxe=1&lmt=1626937709&dt=1626937709929&dlt=1626937709559&idt=362&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=3&adxs=315&adys=3270&adks=3938885534&ucis=j606snpbakqs&ifi=1&ifk=2358820106&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.themoscowtimes.com%2F&top=https%3A%2F%2Fwww.themoscowtimes.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x90&msz=970x-1&ga_vid=1305798905.1626937709&ga_sid=1626937710&ga_hid=743442623&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOCmaKP9vECFU-Uewod_bQHFg&gqi=&layout=/sadbundle/%24csp%253Der3%24/1774599441615069123/CC_Display_VoiceVideo_728x90.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKOCmaKP9vECFU-Uewod_bQHFg&gqi=&layout=/sadbundle/%24csp%253Der3%24/1774599441615069123/CC_Display_VoiceVideo_728x90.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30828
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.themoscowtimes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E012 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:29 GMT
expires
Fri, 22 Jul 2022 07:08:29 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sync
ap.lijit.com/ Frame BA68 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=689163&width=300&height=250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 20:48:41 GMT
Server
nginx
ETag
W/"60468da9-15bdc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 23 Jul 2021 07:08:29 GMT
sync
ap.lijit.com/ Frame 4E78 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=689161&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 20:48:41 GMT
Server
nginx
ETag
W/"60468da9-15bdc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 23 Jul 2021 07:08:29 GMT
sync
ap.lijit.com/ Frame CA29 		87 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=689161&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:29 GMT
Content-Encoding
gzip
Last-Modified
Mon, 08 Mar 2021 20:48:41 GMT
Server
nginx
ETag
W/"60468da9-15bdc"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Expires
Fri, 23 Jul 2021 07:08:29 GMT
impress
exchange.adtrue.com/delivery/ Frame 0595 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=955274615&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
server
nginx
x-adtrue-instance
java2
content-length
4583
content-type
application/javascript
createjs.min.js
code.createjs.com/1.0.0/ Frame 2745 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/1776344/4911503909/1620363419657/970_250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Thu, 22 Jul 2021 07:23:29 GMT
K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
pagead2.googlesyndication.com/bg/ Frame C97A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
555238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13214
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 20:54:31 GMT
prebid
ib.adnxs.com/ut/v3/ Frame E470 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0b1738be-85bb-4242-bbe1-83f63e6d84e8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame E470 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b11%3b123
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
translator
hbopenbid.pubmatic.com/ Frame E470 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 22 Jul 2021 07:08:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame E470 		241 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=298380&zone_id=1600878&size_id=15&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fwww.themoscowtimes.com%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=eb9acd97-903e-40b4-ba7b-b1db164ed5ce&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8950640069681615
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D8B5 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2628ca21-7c3e-4038-8caf-df8155335172
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame D8B5 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=298380&zone_id=1600890&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fwww.themoscowtimes.com%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=f538871b-ecfc-484a-ab4c-2b2f3499b734&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.38042236899267134
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ Frame D8B5 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 22 Jul 2021 07:08:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame D8B5 		974 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b4%3b43
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
adcfg
ap.lijit.com/ Frame 4E78 		158 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=689161&tid=5eaf9652350b46acaca37b64aff3f23a3079911c&mode=1&dmn=www.themoscowtimes.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
145
adcfg
ap.lijit.com/ Frame BA68 		159 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=689163&tid=09a24e91fe314e2abb6caefeb9c7cecd6c74f3e1&mode=1&dmn=www.themoscowtimes.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
adcfg
ap.lijit.com/ Frame CA29 		158 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=689161&tid=6cdefdf47f8a444196e95faace87859893d7a9b8&mode=1&dmn=www.themoscowtimes.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
translator
hbopenbid.pubmatic.com/ Frame 6078 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 22 Jul 2021 07:08:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 6078 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dbd3b101-b5ef-4c93-a1f4-73e36c48ec39
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/ Frame 6078 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:29 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b3%3b40
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6078 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21034&site_id=298380&zone_id=1600890&size_id=2&gdpr=0&rp_schain=1.0,0!projectagora.com,100489,1,,,&rf=https%3A%2F%2Fwww.themoscowtimes.com%2F&tk_flint=pbjs_lite_v3.25.0&x_source.tid=36e24733-2153-4c64-8114-3d2ad04ba5ad&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7076340876142475
Requested by
Host: projectagora.net
URL: https://projectagora.net/libs/prebidv3/prebid.3-25.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
970_250_atlas_.jpg
s0.2mdn.net/dfp/1776344/4911503909/1620363419657/images/ Frame 2745 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dfp/1776344/4911503909/1620363419657/images/970_250_atlas_.jpg
Requested by
Host: adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
URL: https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/dfp/1776344/4911503909/1620363419657/970_250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 07:32:40 GMT
x-content-type-options
nosniff
last-modified
Fri, 07 May 2021 04:56:59 GMT
server
sffe
age
84950
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70952
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:32:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 43BA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuykgz8NnBBczGHrZlvCnnddEFIZ4JgH6wl06EIn3VnWcuRX2804lw7QOBhyToQbKOFDGL154vT2B9Uwd2wUT5cznkjeJheijDeo7AyjmSKqfpB2_CaA_8KO_qsYhJOabROgzNE61dpIHDuPBSlM8ZFldIsV7CAEmLh1Jz4ZbvE0Kry8MqfQdKNjrctADD4Zl4TkDKbVnt68Ul70tnL_-CI7qWl63hPbtspAlKGrVysog6PkQ5gSiqIn32kOwKMokJlg5B0gbUB4nVWz0UO7CWkaM0QGk8OgHVGz0hONNV8dPj3NBT_uw-i7RP-5rzN4maUbRCu77OcmcE5Jaudyw&sai=AMfl-YQwoLlnFtgvZXwIILaX8r_CDZFaVXF4Uv5X1-h8UAlKV0f9ea8UAy-ybzbsNrISQBROJmCImNbxXuXAKmxbhbR736nWk2PyU8p9pAVK5Zpe0sJRFn_YXnm7T1HX2fc&sig=Cg0ArKJSzDaF-Ne0o8saEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 22 Jul 2021 07:08:30 GMT
addelivery
ap.lijit.com/ Frame 4E78 		261 B
980 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=689161&tid=a_689161_7fa28fc915a4410ea5c10eed02d9feef&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.themoscowtimes.com&time=07%3A08%3A30&fd=1&be=sf&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.themoscowtimes.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_689161_7fa28fc915a4410ea5c10eed02d9feef
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
210
addelivery
ap.lijit.com/ Frame BA68 		261 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=689163&tid=a_689163_64c7450fef2241569ad36138e6c19fa3&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.themoscowtimes.com&time=07%3A08%3A30&fd=1&be=sf&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.themoscowtimes.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_689161_7fa28fc915a4410ea5c10eed02d9feef
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
212
addelivery
ap.lijit.com/ Frame CA29 		261 B
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=689161&tid=a_689161_660c52d31a614b05938a8325de33da82&cb=undefined&mode=1&flv=0.0.0&ifr=true&od=www.themoscowtimes.com&time=07%3A08%3A30&fd=1&be=sf&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.themoscowtimes.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_689161_7fa28fc915a4410ea5c10eed02d9feef
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
211
Cookie set beacon
gslbeacon.lijit.com/ Frame D4B7 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
gslbeacon.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=a7614e7bcdf0eedd8e91233c
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Server
nginx
Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJxlkDsWwzAIBO%2Bi2oVAIMBXy8vd%2FSJXTMrhs7vwGTJu2RpTTWReY%2B%2FDKRbrx9pxdQzpLBP9Vy3c1E8fclUVf5WEJhIlPBKZ0sAO5oXcR6IszL%2F7u3LWSYw8Gv3mBT%2BDn0HfMe%2FtH98HfBtUSw%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:30 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=a7614e7bcdf0eedd8e91233c;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap2ams1
containertag
ap.lijit.com/ Frame 4E78 		49 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=689161&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap7ams1.lijit.com/addelivery/ Frame 4E78 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap7ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=689161&tid=a_689161_7fa28fc915a4410ea5c10eed02d9feef
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
container.html
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A2EC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:29 GMT
expires
Fri, 22 Jul 2022 07:08:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 4CCB 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736025986498"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28059
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4CCB 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8526
x-xss-protection
0
containertag
ap.lijit.com/ Frame CA29 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=689161&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap7ams1.lijit.com/addelivery/ Frame CA29 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap7ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=689161&tid=a_689161_660c52d31a614b05938a8325de33da82
Requested by
Host: likevertising.com
URL: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=3876291626937709568
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 28EB 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1715
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy4HmF4hEUQhdrvGv3vl88cSDwiFQCbnEz1YOI2qCOfBDC0YMl4zBZt5pOlf78qzbnAvS3hkpTFQiiVmwhInn%2B6oA3QPzIGRJgCTwOJRden1%2BTWZgqA3A1tL%2BJo8aMLn%2F1PaCPdcP90mBDX1ENhb88HIgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
672ad6918bae2bad-FRA
/
projectagora-483829-hdb.adomik.com/ Frame D8B5 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiODNjOWJlZDUtN2MwOC00NDQyLTljYjMtYzZlMmExNWZkYmM1IiwiaG9zdG5hbWUiOiJsaWtldmVydGlzaW5nLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiUlVCSUNPTiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTg2MDQ1NzlfdGhlbW9zY293dGltZXMuY29tX3Jvc183Mjh4OTAiLCJzaXplcyI6W3sid2lkdGgiOjAsImhlaWdodCI6MH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTg2MDQ1NzlfdGhlbW9zY293dGltZXMuY29tX3Jvc183Mjh4OTAiLCJpZCI6IjkwMGVhMTBjN2YxZDYyIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE2MSwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4NjA0NTc5X3RoZW1vc2Nvd3RpbWVzLmNvbV9yb3NfNzI4eDkwIiwiaWQiOiI5MDBlYTEwYzdmMWQ2MiIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoxNjEsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=83c9bed5-7c08-4442-9cb3-c6e2a15fdbc5&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.243.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-243-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 68B9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8135&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1715
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGxBNkQLKwKy423okUKM%2BoP4MgmU4tADpF1Z5R0Af8gXCaDjlnTqq%2FC5Q6Tan6wXCxc0cNfh2RCJTokaXoBOSL39iPylvuVfcn%2Ft%2FbcxbeiautY2TzvMFJELUcZ14YdTaDP%2FPxE1ko9ZA4ilesYMruEv1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
672ad6918bb52bad-FRA
/
projectagora-483829-hdb.adomik.com/ Frame E470 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiOGQzOGExMjQtOTQyYS00YWYxLTk5NzItNmZmOWRiZmI4ZjA5IiwiaG9zdG5hbWUiOiJsaWtldmVydGlzaW5nLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IkFQUE5FWFVTIn0seyJiaWRkZXIiOiJBUFBORVhVUyJ9LHsiYmlkZGVyIjoiU01BUlRBRFNFUlZFUiJ9LHsiYmlkZGVyIjoiUFVCTUFUSUMifSx7ImJpZGRlciI6IlJVQklDT04ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTg2MDQzNTZfdGhlbW9zY293dGltZXMuY29tX3Jvc18zMDB4MjUwIiwic2l6ZXMiOlt7IndpZHRoIjowLCJoZWlnaHQiOjB9XSwiZXZlbnRzIjp7InJlcXVlc3RzIjpbXSwicmVzcG9uc2VzIjpbeyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4NjA0MzU2X3RoZW1vc2Nvd3RpbWVzLmNvbV9yb3NfMzAweDI1MCIsImlkIjoiOTE2ZjEyMTM2MzljMWQiLCJzdGF0dXMiOiJWQUxJRCIsImNwbSI6MCwic2l6ZSI6eyJ3aWR0aCI6MCwiaGVpZ2h0IjowfSwidGltZVRvUmVzcG9uZCI6MTU4LCJhZnRlclRpbWVvdXQiOmZhbHNlfSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTg2MDQzNTZfdGhlbW9zY293dGltZXMuY29tX3Jvc18zMDB4MjUwIiwiaWQiOiI5MTZmMTIxMzYzOWMxZCIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoxNTgsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=8d38a124-942a-4af1-9972-6ff9dbfb8f09&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.243.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-243-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
pa_backupads_lib.js
projectagoralibs.com/libs/ Frame 7CE1 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagoralibs.com/libs/pa_backupads_lib.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=8136&uref=https%3A%2F%2Fwww.themoscowtimes.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:356b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1715
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
A9XFDQZ2GN2GNC7J
x-amz-id-2
6jcIV+hxJoVCclc60WoYMrWHv6DeHWIYj7/1Flj+kmbFgaSI+Rv4Ql1tT4UpkqwkiLEPCLaLj8I=
last-modified
Tue, 20 Jul 2021 08:31:03 GMT
server
cloudflare
etag
W/"2d16b383f5bd347613b311222e31c59d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W9e4oNmsJJFK2NFXNwQc6%2Fda21Cv94fvjT%2FhuR%2F823irrwx9O7x8RqvyJZaj70trrZjPHKPQ78OsRvOcxdeZuziEDIwYIyMXYUeXiHnXJa4YlbapYAGRCUU8EEp7cpXEI733bYWaMGD8gauZXlX6m6FxCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
672ad6918bb62bad-FRA
/
projectagora-483829-hdb.adomik.com/ Frame 6078 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://projectagora-483829-hdb.adomik.com/?q=eyJ1aWQiOiJwcm9qZWN0YWdvcmEtNDgzODI5IiwiYWhiYWlkIjoiNDljNzIwNGEtNjIxZS00YjY0LWFhMDItYzViODJmMmQxMzUwIiwiaG9zdG5hbWUiOiJsaWtldmVydGlzaW5nLmNvbSIsImV2ZW50c0J5UGxhY2VtZW50Q29kZSI6W3sic2l6ZXMiOltdLCJldmVudHMiOnsicmVxdWVzdHMiOlt7ImJpZGRlciI6IlBVQk1BVElDIn0seyJiaWRkZXIiOiJQVUJNQVRJQyJ9LHsiYmlkZGVyIjoiQVBQTkVYVVMifSx7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIifSx7ImJpZGRlciI6IlJVQklDT04ifV0sInJlc3BvbnNlcyI6W10sIndpbm5lcnMiOltdfX0seyJwbGFjZW1lbnRDb2RlIjoiMTg2MDQ1NzlfdGhlbW9zY293dGltZXMuY29tX3Jvc183Mjh4OTAiLCJzaXplcyI6W3sid2lkdGgiOjAsImhlaWdodCI6MH1dLCJldmVudHMiOnsicmVxdWVzdHMiOltdLCJyZXNwb25zZXMiOlt7ImJpZGRlciI6IlNNQVJUQURTRVJWRVIiLCJwbGFjZW1lbnRDb2RlIjoiMTg2MDQ1NzlfdGhlbW9zY293dGltZXMuY29tX3Jvc183Mjh4OTAiLCJpZCI6IjljNTllNTBhYzZmMGJjIiwic3RhdHVzIjoiVkFMSUQiLCJjcG0iOjAsInNpemUiOnsid2lkdGgiOjAsImhlaWdodCI6MH0sInRpbWVUb1Jlc3BvbmQiOjE1NCwiYWZ0ZXJUaW1lb3V0IjpmYWxzZX0seyJiaWRkZXIiOiJTTUFSVEFEU0VSVkVSIiwicGxhY2VtZW50Q29kZSI6IjE4NjA0NTc5X3RoZW1vc2Nvd3RpbWVzLmNvbV9yb3NfNzI4eDkwIiwiaWQiOiI5YzU5ZTUwYWM2ZjBiYyIsInN0YXR1cyI6IlZBTElEIiwiY3BtIjowLCJzaXplIjp7IndpZHRoIjowLCJoZWlnaHQiOjB9LCJ0aW1lVG9SZXNwb25kIjoxNTQsImFmdGVyVGltZW91dCI6ZmFsc2V9XSwid2lubmVycyI6W119fV19&id=49c7204a-621e-4b64-aa02-c5b82f2d1350&part=0&on=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.243.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-243-79.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4CCB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame 4E78 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=likevertising.com&GDPR_v2=&pubid=AdPone1
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Thu, 22 Jul 2021 07:08:30 GMT
pixel
ps.eyeota.net/ Frame 4E78 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=&pid=51md42u&t=gif
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
merge
ce.lijit.com/ Frame 4E78
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=a7614e7bcdf0eedd8e91233c/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/5/ct=y/c=5436/tp=SVRN/tpid=a7614e7bcdf0eedd8e91233c/gdpr=1/gdpr_consent=/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=5001&3pid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.13.235
content-length
0
expires
0
ct
ap.lijit.com/data/ Frame 4E78 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_689161_7fa28fc915a4410ea5c10eed02d9feef&zoneid=689161&cid=18&geo=NL&all_tags=185%2C203%2C205%2C248%2C429%2C458%2C462%2C465%2C490%2C515%2C520%2C523%2C541%2C543%2C561%2C563%2C565%2C578%2C589%2C590%2C600&tss=92%2C93%2C94&fired_tags=520%2C541%2C590&count=3&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C8%2C1%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=95
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2535&cb=7071071626937709538
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Sovrn-Pod
ad_ap7ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
t.dhj
pxdrop.lijit.com/1/d/ Frame CA29 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=likevertising.com&GDPR_v2=&pubid=AdPone1
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Thu, 22 Jul 2021 07:08:30 GMT
ct
ap.lijit.com/data/ Frame CA29 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_689161_660c52d31a614b05938a8325de33da82&zoneid=689161&cid=18&geo=NL&all_tags=248%2C429%2C458%2C465%2C490%2C523%2C543%2C578%2C590%2C600&tss=108&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=109
Requested by
Host: likevertising.com
URL: https://likevertising.com/send?i=b2q9ssvr0rctu7elxrne&a=798b3c9db127d443eca7398dcf6ff2537&cb=3876291626937709568
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Sovrn-Pod
ad_ap7ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame A33A 		624 B
350 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGMlCiuI-o8YmKQtvposZe_2fzxWxMikrLzwnwt-zYnseS7vcUTktb67Ric-o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 22 Jul 2021 07:08:30 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame A2EC 		11 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmzXMzPs7IMDBm8EK9AttKYx3mvNz7xCTe6rKClenZwA55deehNxhQDhkKjQ5-Ba40QXtRh7sRAuSHxaE30ub83OOONHsCfYh1fVGZCMgPI4XXr7WK5usuTgIXVkO43XmhV5NtexUJBwwgQBrTU7t2HerKBA&dbm_d=AKAmf-Drl-po34kjorrxvo8ZkaSJWazDStkNnWzhJ5r8WBUsqrGjsVykUU8E6ULEEoDVkPPJiW5pw8I2c29U1cWRy5KqXugF_z_oboWWdqHOkjAWX2igu4pUY7klTg4EzYk6cOLsgCDa31je2VwY87Df6t-MzrTLFcoPe6GfnuZmbkvojTVcz45ojhHMCM3A1b9hUbKVzsOnqCGkvM7RAhMsZ0Ud8eQa98lCwh-LG_ZXxMXXnj55jjXz4o9upH_P1nsJr7C2XpMC_JCMqZJkjL2gPEN2txprYsC6EGMqH7enjjvsRwGUFn4ItBvEtyGkhSnmV2KXmDmnLLjPM6z8VImiCfkHqH1oN_1Ge1SQ2QRbIHcJLv6NW8DxAKA6RjygbxYhdDwpClIjKC08fqzP9htJ5iQVBvzTu2tCxKiu_jAo78LPhuYR6zNw8zVuX-VE4vsmUXA0Lf3Zb7Pu7pDUYstzt4jicNhu9Nsr6ebhOzxZVAjWjVXcE0WbF7ni0Rrfm5UtbW6EJL2F1u-uP7CfWGcsFSgfNlraJdbvm6jNdKZsXCkzP8mLxbc8xmTTWA5f4CMSxBE1__0dWizRP8NxSLUS_9jtL1tzuWrwehtUnRuH8nsP5HMJ9VikHRf9YEjTPQ8HCljL8YuZnH9sHzntLEFvY6tfzG18hM4_Eg98nYgfq-ZX_2qTGpzkDPhMxUBXXlK49J-rcRj-0YjEsuf-koiDY5wLUeIrBeuuA7U2G8yOEVDCSwwSTixX8eEfywynUhYoOLTEOtLwhoygrgqBOpDjZ1U9sZkyWrCrv-x1wGQ2Z977mUDlDRcuNxmMj7wBKJiEvUQv0KzM6Cv9pzZcIoKmyAvwzmg4kqZfMuFZMRrr9fpRixR1An0LQYf1GAO2QM0cl7M-MDlWdvlvCcIB2fqKbL9-HTJ4W4Vwu-tTDUdYOMl9IxaGOUVl9FvSsybPRjpHpNdjYXwI8ybliYVxhyzOyl1vIHa32R8nY7w6Q_3cvup63hKTCE3V8NGSN9ip9VKXNZtls32YACiskZGFbxDe2LckxMZYcw_txvOMeKnP8Qa1dhyk_DrG7Goyzvew-gvQXxtHvhEfPuW6XGVxUXtotHgMJWSW9fVxTRp5uJpqIBcSzSWYKnw4vXyq2lI6rEgc5-1bztTA7WZ08KcNLkmONA9JK8NM4h-jvf-qrAIPA0aVEhxOGwh6SlSgfs_W9Ck25bIO4AOv1lX5055QyxoAY8SY47DeXH30zh9hRlIQUn6x3fkxJe9mGQpRYny6ahOeT3cMEP-RSHbykq64bPVFBCywlUbe-ZBt6H9nJ7ubbZSf4cOpfbtIX5uBmwSpvNs7wJxzSDvYczVOne7XMmV3GgQ0qXASeJ6OIBvd9TzQJJeOuyOFsjC_N7_YwXDXzRJsoLOkMbTrjq7_Qm4VRrwFEKZuACuTBLGeuWfY5p1qcz9ZIrF9isP0czfnmBk3wtQSpDkBQybVrxg8N1FZPNV9Gig-3QqIaLvrGpTYWTLPbYwj7z0elvERG8F9ClzTplBgR1AuUwlEVrir-c-hp7EjLTeMgx-RaoM-c7Bfs-wRTike7e_WSnBXtbkVUqcLeOqmV2DWQhsBQgys7v-0dV9A8DePll141BH-Fx_w0wphxgQwxBONsjVfP8HV_hcjrz14zLL7Nfn0r3111GfdFLMws5WJSr7LeREslcdMuqbokcigi-__TK_-QTTiBZ1HuZYhEaPI-wHawqwKAa9TSrh8U9Kq2Ndy08IpLuNajt6H2Ko5dUl7Bl6g_i2O1sUyOrA5UP5k2UJbtmv5dLS0SoKQWfclLI6NNR095X6rnCBmo9Oa2-ZwzPaTN2x_DmT3AOruEwUyPBm1J4Ys4pxTfQkGrLoRIDlqziRtMAhwh9iMFl-XwDh9DYmEDHhxeap9nkG1pO4rpvMy6dz-CuiE3mq6FYk-8BTr8fLu4OgPKvZJxJM8qic7K8nEDbTcliTzgwyc8qCnNLUF_jP0Kz1Hg7SlEHOn34q6y18_hwW9eUcTWRsKxOAxbdMGMe-AV_d4qpUUJP2enkiwkS4aqnfZe6b5cgL18jCF7EKBESVVaN95fjC9hvMvraRs_SzcXmM_9xJyd5-4qMpZwgFI5UPEYwBSbPM_-9GXu4to7N4PzaDwmFokGAjGkv-WGg4eDX1XltDcau8V8xMPA4_gNAIq-SqWbr3Pwoo0P2t0iyRfIPIyUV6HUaREUnRdYHe1YJcsfPhatzXOLUJBJAp52ek0outfkpevn7dPE_EIPtsaqehPtnRvcnARFKSBxW25tSG3YbzphU6sp5Yrpd0Ahm5I_brJgn3_8M3yglC65Bbausbzgc_o79IeVijzQK_CElwysc2PcebFGIj1kzVndBjycR3H16jNsqDYczxPOml7YzLhMrNUFCMqMxwbVvhVZscHyT0SgxQWrEhbldG1b4Qwo-uCdtW9h_PmVhlUYvXEZgMA0fkWf_bVZpA2dynSC2p0udzk0s2iGG8NZ23yuGSQWosAVNqcGCgdEVwhmwGWffbgZ7mWKjfKy48JUNn5PdxDV-26H5w8kSfs4o4Ovor0N-TVtpOEEnlWkAsq5I8KXKlu-3Dkb828aPp24ovNn4tKyvzCMVHFyx6kBgU-M8uJemQBXh28-zSadnTQ3iKnhZtTl58uwhFzCnRfL1ROTXz6xVdRnn50-jKuEfSkaQzFCuNFY7W1yDaYy8L0iT93Z4QaC9kIyr1rN8fyxho7_R8iwYQopkHdbr1lwHmicx9JT-_rVWGVWJhj9C4_vmSOsh9GbN_htZ7PNKFkz3T-PN1nMlhs1MqpFrW_Zka6F3-m-CK1cUXHWqaZDQ&cid=CAASEuRov_GxNnfDTu9ZuTcRp7y3Bg&rfl=3%2Chttps%253A%252F%252Fwww.themoscowtimes.com%242%2C%2Chttps%253A%252F%252Fwww.themoscowtimes.com%252F%240
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8769
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A2EC 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dch-KvWtsy42dfrW9Mv5KqIIKXN-JawLniU_Z52AH082k0XamJVz1CxTshSulntiMLqSxPOAiXimdDct31tzJE8--yPMiRzRpBzSnwUBYBNnYTWBo
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame A2EC 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU8axF8QPuCzIfC2WZ0v7IMvGvt5D8Bwp9U-SDKtSym1TC3two&d=CnkAoCZ_4H51IzU_YhNUn1N5_ew6YkFHdgXMocpcaNFdWEenvlNQfFzcoiLBHJrVRRXD_KGzunsTpfJGpRH3JxHfusVZlHAwWNi9G59u-azVM9V5S4WIMv7YZGpYJjSZWAW3MPdqx8RkdgXm_uJcpDkDY8EETM3utLnAEukSAKAmf-ClJq3xRlRfFtbgriUmHDowivqxp4PIOwX31rpZ_S-VPCNaW2itx6XAvadZJ4V76ASms2IVTrIMNtUESaLRV__gi-aNlmm2ahpimNyo-8SaOMaHnWqVTXw1s6YLq7hPIwtBy4-lrCIQ32iEcX38UcnafXJjQJUbXZfWbc3O4KG4-THeWMvsf2rme5ecphMGdfjFFctHXHs9X22X3hM04sZx4kEfJWGcJLP7SqoKfchJDkflGt8QOjJtyJczhEReyKepkBeEMPWJ3jYN51dqW_zPzMRPZ7QaSzFx4_mESktphCG-vbzrg1XPMbwGiLSaC6Xm_9N6MYC1XtwvUQXcxuzpmQUlNfdLCIfcD-enqsK0Y8_6YJLlxK3wfYE4t9CkRH0X8_kVHTtszQAnFL83u6TmHzhqUD-igQYGZoe3Kj8rTDAADdGRN1lE9dfBngUv370xLpSnDjSDQRmMH4xQ68tAJgHmTFxohoYC9QxgXs713cf94WkWFTco8J2n573BCnIB9jEuX5QwaOpOumBFSDyLWGFkY6Q39RnTLAzj6_8x9GH1nK41_bS89ZAq3vSRluejPOf5VOzbZMNJaUQg9ENavWabS9erGj_JGjlEO-ZaONKha-qLsineMKFlDSClXSl7WfL_-7NUIvEGxFuvn74AoSz893GzqSW_js1Jqr8Fv_6M55NOwpsGRe7OwKoSb5pDmijAJ0EaKefpvdoiMUhdm0n8Bw4CEEpci_sTImmX9Jh1M-IfDfZXOrtcPnScWhc7DHX11W0aUvdrr_J3KthTAEAtxY5KyZFcCHq5HDvj8-hGx41dAmatSvKfgmxb-7dZRjOFGZGmbV5l0nuXgordpEULNTKLIa9b7t5oWrF5mGk1cu66cStorNQauKBX42oSEHnGG_Vsz1PeaU23n7MZuj5S91U8t-u7xegc0KrqgCQEpAV1fR7AMde0Z21DqLBnTU2wihcPsqtThVATnfaKm0g7v5egd7m6yINIQfnDiEmj0DgRahtwS6QkaretF5xi0fv5WshlLTu596ahx8da2pmQstGfMHCjsPRYO_dCbFIegz7dRp4HjoSlO-dqETzgFyj-NUz14NY-nVMcpUj04tC7KS9v7k34mbEgi40wbAvnlSfTwGaGB8ol0X8agCs8mYT1hS11OvM7jgJbmAegyhtMRzmcXgsvCE-n-Y-Af_FZU_4ufFRef2AVmXm9gN0dZjIW30jwRFq7hBWnY_0W_-L7l3U_NxH5MCMtcsxcL5My3zMmFb4tfsu2J4jzGibjI8_I2CrvXtTqLGztBXO7I9XYGljTkrSsmMu8dJBU5Z4kDCy3E8-KjFUdEdR4ftyNXJd8KstnIeRwCVw0U_X70EkwzH8dpwWmzPuN9pCQ0SLyIDuMoIpEPGmSz0vOi_NOyrqKhWK1zpCI30rMqGywB-K5-rHRzKX_i3Ss1kIqOqOqOGDxB2yEdJAlwwPv6ZKote5wsSeUacxOs04GNrNd_99aEGuQmQ18RtcLqpzPM00HgS4Q0-iuMyjZUiMIaSkyY_7I3uUzQIJC-kiiSrTHJoWdjx3VBzM49LX9v_FSR_jTcEfzasgsNiL6OfoyxjWizDOWW3dRzckqdpXWO6PWORHeexdsbFJwx8wPffZqmOwsZxvUX1SUFB6M3jjjOcIMlQM4PXCrp9bUpCFCRtSRsvFtX286xfu9KFMQajNhcFKwr0L63BIcuruMejPYL8UaNWMjB468Pnp0tFBYTB7plaW8ty0srs3xkV9969-4o8lqPKLkNMjPkBzpb4B9BXgn9IZK-UbiF4hl344BvLF_APFIt30YT7EUyjPXCJLgPLoshwX-18tH_D0nQCXcoCDvFLdchMAawXjSoqALMiHdukJ12jJCMwi5zzSCpS3VhihyBG77P_pI0ULR8dGCwuhDZxk3p6Q4mCyt-MUylULyYYhZn3b0bWPZxbXHBG4m7NYAxNpbHsfHgWzHc1JvQfNUHFSyH71F7gXKtyx7GzMFx4ajNutCmNLXFAuL3X0AhP2r7O2OU4jRDt0gEgankhAEiLW_dY4ms6plBuMLwJ9DZCxHV1jBsxKe5ehj7cB8uCvyy49H_vs5bmNVSCmrjIKlcyudWkIb8e5iEsFpsmmptiyrnfD3vheYiHk2VCU-fyfV3CIO9n-OYumZ2HRvpx00sY-B2ep9bZ0lmLIUq_hiP4B4gzir6q0Y9DOookiqDPwMeeFt6RVWMOk7SraoQOPyriA0Np3rE54PTOQsIM7zaJtwzFkwiNpthFsaVb0tHKCEtN47078PbxTAfI4rF3hPFDk15FN638Dt5D4RRoD6gxMbw__NqK2DDJy--uLMDf31XB_lRuzbdt5xub71TKin1MNOt4nPZk9bSdjM-gIwGXpQzXaCDzDsYycPOzx53BXu3CVsMrxjmmvP7bszTd0s3_Mwoh-8pr5LwZDlZ3qmGJ-YCLVYr5wqEOSnQtzCtxdfEGguEzNhrurANVzvlgGJdHxU2EhVafVLje_kV-zxCVJxnJ426FWTZBNRcKGzKtH26F_0Xz8pHV-n04b76fgGR991sRh-DPQXAmVl7rAFtFecAYBoJi1mJDeUb4_YzUFGpgVVsLFWKu7y-PdJTgb91nplK82zGt4eM0-V80w8dc7ZotyJfGxRI6rD2xsnyg79O7VnwQZratkV5AZ3MthgM17WxZfNdMTUbKhj2SdN8IHrAu_wZsRxM-hwNl3yohoopkRYhyeh4EnnPCLiFj5g6Kii_jNO4OZyJkFsRqJ0YRQ4y7uENCWwnRTQ6j38kNRxMmbrk1nZqIv6IOdd-6qdnz1Le9e3WQdXwjLpHlyz5Lg_hYH4YB0w9G1ccOEq8Fw1W1P4RZvA-E2AfW7TwEb9uHwjgSuz0JxVjv-DdLpFbM1Oj_SjBEYXs86yBVE5xIToFBB1QIACFHrSDelB4xEM7n6r9TpbquF18RSw3wY1of-CWGW04fOcEyBNJAd8IIIbr1M9omZfYR2VeZg8HRffMIzmaPDr90_5mgY8k83JrcEqdjZ7YRXYxmDV_eEEVFwcudgJ_IrvygMsm4_lY4biL_O5DqWn3IH1-r9RrCGPyGoEllCXVy9xZMVkd-Hj5l-mm8cpbrdfwXDVZF7odRAuMJ6fPTU7RwtIE89qurI5c5NbxfrBD8-rd0GXbqKA2UqmMiqInYZ3xcLGBeSSezWqebhtGhYIABIS5Gi_8bE2d8NO71m5NxGnvLcGYAE
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.110.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15726
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame A2EC 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:06:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A2EC 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame A2EC 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:02:37 GMT
l
www.google.com/ads/measurement/ Frame A2EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsTV-t3FgvtXlxHvpQAPPsh_HXVoi7hBw2p1MW59gWyjkjz4diy54L7sYWTLADNcMYSwvjsziwm7j3MNfGko1Y_VssmA
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
x.bidswitch.net/ Frame D4B7 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=fmx&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.55.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-55-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
data.adsrvr.org/track/cmf/ Frame D4B7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=1&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=MNFi2M4LtkapmZKGXJzj&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=MNFi2M4LtkapmZKGXJzj&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=MNFi2M4LtkapmZKGXJzj&pi=sovrn&gdpr_consent=&gdpr=1&tc=1
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT, Thu, 22 Jul 2021 07:08:30 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://sync.1rx.io/usersync2/sovrn?gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ce.lijit.com/merge?pid=56&3pid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
tum
ums.acuityplatform.com/ Frame D4B7 		0
0
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame D4B7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Content-Type
image/gif
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=1&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAB0IE7B8jMAADcKfo2eqA&gdpr=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAB0IE7B8jMAADcKfo2eqA&gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAB0IE7B8jMAADcKfo2eqA&gdpr=1
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
iu3
aax-eu.amazon-adsystem.com/s/ Frame D4B7
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/x/ae12848777b41970a5f2?gdpr=1&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&dl=sovrn&gdpr=1&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=a7614e7bcdf0eedd8e91233c&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:5110a8311c0697a7160cda10a4039983
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c:5110a8311c0697a7160cda10a4039983
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Thu, 22 Jul 2021 07:08:30 GMT
server
Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://ce.lijit.com/merge?pid=84&3pid=c:5110a8311c0697a7160cda10a4039983
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-17-137.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D4B7
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YWU4ZDZkZGU4NDIwZTk0ODg4ZTI3MTU3&gdpr=1
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YWU4ZDZkZGU4NDIwZTk0ODg4ZTI3MTU3&gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=YWU4ZDZkZGU4NDIwZTk0ODg4ZTI3MTU3&gdpr=1
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://jadserve.postrelease.com/suid/101957?ntv_r=https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:33 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
server
nginx/1.12.1
location
https://ce.lijit.com/merge?pid=90&3pid=NTV_USER_ID&gdpr=1&gdpr_consent=
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
no_match_opted_out
um.simpli.fi/ Frame D4B7
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1626937710291&gdpr=1&gdpr_consent=
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Wed, 21 Jul 2021 07:08:31 GMT
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:33 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://ce.lijit.com/merge?pid=16&3pid=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1870471596879379729
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1870471596879379729
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1870471596879379729
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
reporting
ap.lijit.com/dsp/google/ Frame D4B7
Redirect Chain
  • https://ap.lijit.com/dsp/google/cookiematch/beacon?gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_hm=YWU4ZDZkZGU4NDIwZTk0ODg4ZTI3MTU3&gdpr=1
  • https://ap.lijit.com/dsp/google/reporting?gdpr=1
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/dsp/google/reporting?gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ap.lijit.com/dsp/google/reporting?gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
noop
px.owneriq.net/ Frame D4B7
Redirect Chain
  • https://px.owneriq.net/eucm/p/sv?gdpr=1&gdpr_consent=
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fpx.owneriq.net%2ffr%2fepx.gif&uid=Q6802241101764390927&ref=%2Feucm%2Fp%2Fsv
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:46 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Thu, 22 Jul 2021 07:08:46 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame D4B7 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
87d839cc3e00ba41df3f5dd9eab06282
Content-Type
image/gif
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sovrn&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=87&3pid=f9433a83-181d-40ba-b28d-5d437a6691d2
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=87&3pid=f9433a83-181d-40ba-b28d-5d437a6691d2
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
//ce.lijit.com/merge?pid=87&3pid=f9433a83-181d-40ba-b28d-5d437a6691d2
Date
Thu, 22 Jul 2021 07:08:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558511&ev=1&rurl=https%3A%2F%2Fce.lijit.com/merge?pid=49&3pid=%%VGUID%%&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=49&3pid=SoBoVed4Debs&ev=1&pid=558511&gdpr_consent=&gdpr=1
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=49&3pid=SoBoVed4Debs&ev=1&pid=558511&gdpr_consent=&gdpr=1
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:33 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://ce.lijit.com/merge?pid=49&3pid=SoBoVed4Debs&ev=1&pid=558511&gdpr_consent=&gdpr=1
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-CXt61zNBpKUt1.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=8Dinavcx9zXrPPQ2_zjsMPcw8mfrO_Jj9TimzMu9
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=8Dinavcx9zXrPPQ2_zjsMPcw8mfrO_Jj9TimzMu9
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:31 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://ce.lijit.com/merge?pid=43&gdpr=1&gdpr_consent=&us_privacy=&3pid=8Dinavcx9zXrPPQ2_zjsMPcw8mfrO_Jj9TimzMu9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
getuid
secure.adnxs.com/ Frame D4B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D12%263pid%3D%24UID&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
merge
ce.lijit.com/ Frame D4B7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=17&mt_exuid=a7614e7bcdf0eedd8e91233c&redirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D3%263pid%3D%5BUUID%5D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=3&3pid=160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=3&3pid=160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://gslbeacon.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:31 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Thu, 22 Jul 2021 07:08:31 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x24
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ce.lijit.com/merge?pid=3&3pid=160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Jul 2021 07:08:30 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7608 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=101305
expires
Fri, 23 Jul 2021 11:16:55 GMT
date
Thu, 22 Jul 2021 07:08:30 GMT
vary
Accept-Encoding
Cookie set merge
ce.lijit.com/ Frame B234
Redirect Chain
  • https://d.turn.com/r/dd/id/L21rdC8xMjcvY2lkLzI4NTUyOTczL3QvMg/url/https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D1%263pid%3D%24!%7BTURN_UUID%7D&gdpr=1&gdpr_consent=
  • https://ce.lijit.com/merge?pid=1&3pid=4511887567113342455&gdpr=1&gdpr_consent=
43 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=1&3pid=4511887567113342455&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://gslbeacon.lijit.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ctag=561:1629529710|515:1629529710|563:1629529710|565:1627024110|520:1629529710|185:1627024110|203:1628147310|205:1627024110|541:1628147310|589:1629529710|462:1627024110; ljtrtbexp=eJxlkDsWwzAIBO%2Bi2oVAIMBXy8vd%2FSJXTMrhs7vwGTJu2RpTTWReY%2B%2FDKRbrx9pxdQzpLBP9Vy3c1E8fclUVf5WEJhIlPBKZ0sAO5oXcR6IszL%2F7u3LWSYw8Gv3mBT%2BDn0HfMe%2FtH98HfBtUSw%3D%3D; ljt_reader=ae8d6dde8420e94888e27157
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

Server
nginx
Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_1=4511887567113342455;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:30 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=ae8d6dde8420e94888e27157;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:30 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsWwzAIBO%2Bi2oVAIMBXy8vd%2FSJXTMrhs7vwGTJu2RpTTWReY%2B%2FDKRbrx9pxdQzpLBP9Vy3c1E8fclUVf5WEJhIlPBKZ0sAO5oXcR6IszL%2F7u3LWSYw8Gv3mBT%2BDn0HfMe%2FtH98HfBtUSw%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:30 GMT;Max-Age=31536000;Secure;SameSite=None ctag=561:1629529710|515:1629529710|563:1629529710|565:1627024110|520:1629529710|185:1627024110|203:1628147310|205:1627024110|541:1628147310|589:1629529710|462:1627024110;Path=/;Domain=.lijit.com;Expires=Sat, 21-Aug-2021 07:08:30 GMT;Max-Age=2592000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1

Redirect headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
set-cookie
uid=4511887567113342455; Domain=.turn.com; Expires=Tue, 18-Jan-2022 07:08:30 GMT; Path=/; Secure; SameSite=None
location
https://ce.lijit.com/merge?pid=1&3pid=4511887567113342455&gdpr=1&gdpr_consent=
content-length
0
date
Thu, 22 Jul 2021 07:08:29 GMT
cm
us-u.openx.net/w/1.0/ Frame 7A16
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_c...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&g...
776 B
810 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

:method
GET
:authority
us-u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c0c97433-29c9-02f4-2221-2bfe9ff58c82|1626937710
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c0c97433-29c9-02f4-2221-2bfe9ff58c82|1626937710; Version=1; Expires=Fri, 22-Jul-2022 07:08:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1626937710|gekin0vNiygu; Version=1; Expires=Fri, 06-Aug-2021 07:08:30 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
text/html
content-length
476
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=c0c97433-29c9-02f4-2221-2bfe9ff58c82|1626937710; Version=1; Expires=Fri, 22-Jul-2022 07:08:30 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.211.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
date
Thu, 22 Jul 2021 07:08:30 GMT
content-length
0
via
1.1 google
alt-svc
clear
0608867b
rtb.gumgum.com/usync/ Frame 8A3C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; Domain=.gumgum.com; Expires=Fri, 22-Jul-2022 07:08:30 GMT; Path=/; Secure; SameSite=None
etag
W/"0a4825813af46b410fbe4537f4829d1ac"
timing-allow-origin
*
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2C9A 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
Requested by
Host: gslbeacon.lijit.com
URL: https://gslbeacon.lijit.com/beacon?viewId=a_689161_7fa28fc915a4410ea5c10eed02d9feef&rand=8349&informer=13406526&type=fpads&loc=https%3A%2F%2Fwww.themoscowtimes.com%2F&v=1.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156212&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D71%263pid%3D&gdpr=1&gdpr_consent=ABCFETYFDJLNBFCV&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://gslbeacon.lijit.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://gslbeacon.lijit.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=101305
expires
Fri, 23 Jul 2021 11:16:55 GMT
date
Thu, 22 Jul 2021 07:08:30 GMT
vary
Accept-Encoding
container.html
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E887 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:29 GMT
expires
Fri, 22 Jul 2022 07:08:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 50DD 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736025986498"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28059
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 50DD 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8644
x-xss-protection
0
loader.js
cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/ Frame 68B9 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.64.9 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DODmMNwiSHZ6XLM1Jt0RbeGxko7AcE5A
content-encoding
gzip
etag
"d3fa4a4df505a52a7101ed05602ad7ea24cf2130"
age
0
via
1.1 varnish
x-cache
MISS
content-length
20022
x-amz-id-2
g12GtyRIf/83OBEbubEjDUtkkWWyGV84JgBOD/5kh1WtJ3HKwzMDRFiaPA+KUpKIbbTHlr0ntjk=
x-served-by
cache-fra19136-FRA
last-modified
Thu, 22 Jul 2021 07:08:31 UTC
server
obaker.93.1.2-11.64.9
x-timer
S1626937712.508884,VS0,VE226
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
VRAFF1DFSBD6AJ6W
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
19
x-cache-hits
0
loader.js
cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/ Frame 7CE1 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.64.9 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GN6cLj48ZaAUlTZJ4vLkZyIO1ZzuYhcu
content-encoding
gzip
etag
"cde2daac6f065237a557447d7f3b04219057a44e"
age
0
via
1.1 varnish
x-cache
HIT
content-length
20033
x-amz-id-2
xXiUgMNhBeirZMve2HU8WkNeJux/55PQWMdTClVm+UuBuAXHcPtsj0zM+rTERkFTTBF8Bqek0Nk=
x-served-by
cache-fra19136-FRA
last-modified
Thu, 22 Jul 2021 07:08:31 UTC
server
obaker.93.1.2-11.64.9
x-timer
S1626937712.509070,VS0,VE270
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
VRA9B215W6R63A0Z
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
19
x-cache-hits
1
loader.js
cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/ Frame 28EB 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
obaker.93.1.2-11.64.9 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
GN6cLj48ZaAUlTZJ4vLkZyIO1ZzuYhcu
content-encoding
gzip
etag
"cde2daac6f065237a557447d7f3b04219057a44e"
age
0
via
1.1 varnish
x-cache
MISS
content-length
20033
x-amz-id-2
xXiUgMNhBeirZMve2HU8WkNeJux/55PQWMdTClVm+UuBuAXHcPtsj0zM+rTERkFTTBF8Bqek0Nk=
x-served-by
cache-fra19136-FRA
last-modified
Thu, 22 Jul 2021 07:08:31 UTC
server
obaker.93.1.2-11.64.9
x-timer
S1626937712.509004,VS0,VE270
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding, Accept-Encoding
x-amz-request-id
VRA9B215W6R63A0Z
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
19
x-cache-hits
0
container.html
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3C6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 22 Jul 2021 07:08:29 GMT
expires
Fri, 22 Jul 2022 07:08:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 85C9 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736025986498"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28059
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 85C9 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8547
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1DDE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 22 Jul 2021 05:54:42 GMT
expires
Fri, 22 Jul 2022 05:54:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BF20 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0RB1S6ma6Yi7Jx2NO6weJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

expires
Thu, 22 Jul 2021 07:08:30 GMT
date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-0RB1S6ma6Yi7Jx2NO6weJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 50DD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061818
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
prebid.js
cdn.adtrue.com/pb/ Frame 0595 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=955274615&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
10490814
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad692cca45363-FRA
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 0595 		250 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=36421
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Thu, 22 Jul 2021 17:15:31 GMT
ga.js
cdn-adtrue.com/track/ Frame 0595 		751 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=955274615&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9688519
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVVoTXX0BfIrQxnbbaD9QVJ1y3B5VHX3AZr8A2WFaGMTv%2BBvtvoQqAViNqGwC7RoZedP7M6XE0pO%2BoHsoCRJ5JGYLsD5Ei4DajF1T7NPN%2FF1JdZqyqhdzJ%2FjnMY%2BAA8mIpNZ4Pe%2FFKN3jKnU4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad692fd1d324c-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
impression
track.adtruedsp.com/delivery/ Frame BEB0 		377 B
471 B 		Document
General
Check archive.org
Download Go to
Full URL
https://track.adtruedsp.com/delivery/impression?i=aa9ac0c8e405a655245aee869180b962f2f51a66e84947078807b963ec5e85187eb3cb9d6e3182c38ca45282fb92c12fdb5ca238f8b753fba92304f127a0e049ff337b1c663720b321efd90d6b5640d44ad77ee3882b6f97116c4c3e9e684955b5dd11e03dc69f409d7ba72f6f3ba96fb5c86d82cf29a37fbc6ba8f0980ef36b08c3ce2aafbdbcf3ec974f0db805a74717e56e2469ee9c2ae335dba667c409449beb5c5bc9e2cc15f71da6650bc8bdcb852f95f33cad6ea96e75a11571de85e69ba0d7721ff8980330987933186db8c8dfd4f25e6925a63de549673eee824c6b91bd834a139cb105cd0745ca50992e88bad7b95609b40e7e80adb6079cff5cf1d34869e04ffa17581d294adc984232b60d0dd8da00e3efad067c62779934cac99d99c59c9936a9fd43515715c242fac051f40e8f91919af3dc6ecc7d7a54c132278dbd1fc38b193de6952938d4bd116681b9f657507dbb814587bddfb45eb4d0527fd52419bdf2668e55201e00f7522c218016bd34e039392029141832e66f90&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=themoscowtimes.com&c_id=25327
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3666695480&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.232.41.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-232-41-179.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
track.adtruedsp.com
:scheme
https
:path
/delivery/impression?i=aa9ac0c8e405a655245aee869180b962f2f51a66e84947078807b963ec5e85187eb3cb9d6e3182c38ca45282fb92c12fdb5ca238f8b753fba92304f127a0e049ff337b1c663720b321efd90d6b5640d44ad77ee3882b6f97116c4c3e9e684955b5dd11e03dc69f409d7ba72f6f3ba96fb5c86d82cf29a37fbc6ba8f0980ef36b08c3ce2aafbdbcf3ec974f0db805a74717e56e2469ee9c2ae335dba667c409449beb5c5bc9e2cc15f71da6650bc8bdcb852f95f33cad6ea96e75a11571de85e69ba0d7721ff8980330987933186db8c8dfd4f25e6925a63de549673eee824c6b91bd834a139cb105cd0745ca50992e88bad7b95609b40e7e80adb6079cff5cf1d34869e04ffa17581d294adc984232b60d0dd8da00e3efad067c62779934cac99d99c59c9936a9fd43515715c242fac051f40e8f91919af3dc6ecc7d7a54c132278dbd1fc38b193de6952938d4bd116681b9f657507dbb814587bddfb45eb4d0527fd52419bdf2668e55201e00f7522c218016bd34e039392029141832e66f90&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=themoscowtimes.com&c_id=25327
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

date
Thu, 22 Jul 2021 07:08:38 GMT
content-type
text/html
content-length
377
server
nginx
x-host-name
java4
ga.js
cdn-adtrue.com/track/ Frame A3EA 		751 B
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17496&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=3666695480&timeZone=2&adWidth=728&adHeight=90&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9688519
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbyPjpDolKo5OT9dm%2FRAqHtpBdTzTjAyzTKGu2xh96uIuzLROUF7qu71UgcWPwVG%2Fls10LgJmioK%2BeuIUlTIyfiYGYkK%2FSCPUBQY5h0XIda8seRJjGoFX5le4pBNCJ9mFwCmzVZ05dh8VEq%2Fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad692fd20324c-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
23431609264559_25267.gif
static.adtruedsp.com/bn/20/12/25267/ Frame A3EA 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adtruedsp.com/bn/20/12/25267/23431609264559_25267.gif
Requested by
Host: likevertising.com
URL: https://likevertising.com/sync?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b1&cb=1850571626937709536
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:ea60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
access-control-allow-methods
GET, POST, OPTIONS
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
76575
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
68417
last-modified
Tue, 29 Dec 2020 17:55:59 GMT
server
cloudflare
etag
"5feb6daf-10b41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3PcuCXdMuVc5IkeJ6qMeUOAjSVtEXeBn45VjE%2BFoog8IjNfUXfMQpnddpJPQGMz9DjAKD%2FixdTNe1rH91HlQoUBQxPVKDU%2FOABKz1g5LJvnvthyMwpSx0PclOoN9NaJfO8RLsQCRm6mD56WKAcfTHRM%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
672ad69309221f3d-FRA
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,X-Auth-Token
expires
Thu, 31 Dec 2037 23:55:55 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A2EC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmzXMzPs7IMDBm8EK9AttKYx3mvNz7xCTe6rKClenZwA55deehNxhQDhkKjQ5-Ba40QXtRh7sRAuSHxaE30ub83OOONHsCfYh1fVGZCMgPI4XXr7WK5usuTgIXVkO43XmhV5NtexUJBwwgQBrTU7t2HerKBA&dbm_d=AKAmf-Drl-po34kjorrxvo8ZkaSJWazDStkNnWzhJ5r8WBUsqrGjsVykUU8E6ULEEoDVkPPJiW5pw8I2c29U1cWRy5KqXugF_z_oboWWdqHOkjAWX2igu4pUY7klTg4EzYk6cOLsgCDa31je2VwY87Df6t-MzrTLFcoPe6GfnuZmbkvojTVcz45ojhHMCM3A1b9hUbKVzsOnqCGkvM7RAhMsZ0Ud8eQa98lCwh-LG_ZXxMXXnj55jjXz4o9upH_P1nsJr7C2XpMC_JCMqZJkjL2gPEN2txprYsC6EGMqH7enjjvsRwGUFn4ItBvEtyGkhSnmV2KXmDmnLLjPM6z8VImiCfkHqH1oN_1Ge1SQ2QRbIHcJLv6NW8DxAKA6RjygbxYhdDwpClIjKC08fqzP9htJ5iQVBvzTu2tCxKiu_jAo78LPhuYR6zNw8zVuX-VE4vsmUXA0Lf3Zb7Pu7pDUYstzt4jicNhu9Nsr6ebhOzxZVAjWjVXcE0WbF7ni0Rrfm5UtbW6EJL2F1u-uP7CfWGcsFSgfNlraJdbvm6jNdKZsXCkzP8mLxbc8xmTTWA5f4CMSxBE1__0dWizRP8NxSLUS_9jtL1tzuWrwehtUnRuH8nsP5HMJ9VikHRf9YEjTPQ8HCljL8YuZnH9sHzntLEFvY6tfzG18hM4_Eg98nYgfq-ZX_2qTGpzkDPhMxUBXXlK49J-rcRj-0YjEsuf-koiDY5wLUeIrBeuuA7U2G8yOEVDCSwwSTixX8eEfywynUhYoOLTEOtLwhoygrgqBOpDjZ1U9sZkyWrCrv-x1wGQ2Z977mUDlDRcuNxmMj7wBKJiEvUQv0KzM6Cv9pzZcIoKmyAvwzmg4kqZfMuFZMRrr9fpRixR1An0LQYf1GAO2QM0cl7M-MDlWdvlvCcIB2fqKbL9-HTJ4W4Vwu-tTDUdYOMl9IxaGOUVl9FvSsybPRjpHpNdjYXwI8ybliYVxhyzOyl1vIHa32R8nY7w6Q_3cvup63hKTCE3V8NGSN9ip9VKXNZtls32YACiskZGFbxDe2LckxMZYcw_txvOMeKnP8Qa1dhyk_DrG7Goyzvew-gvQXxtHvhEfPuW6XGVxUXtotHgMJWSW9fVxTRp5uJpqIBcSzSWYKnw4vXyq2lI6rEgc5-1bztTA7WZ08KcNLkmONA9JK8NM4h-jvf-qrAIPA0aVEhxOGwh6SlSgfs_W9Ck25bIO4AOv1lX5055QyxoAY8SY47DeXH30zh9hRlIQUn6x3fkxJe9mGQpRYny6ahOeT3cMEP-RSHbykq64bPVFBCywlUbe-ZBt6H9nJ7ubbZSf4cOpfbtIX5uBmwSpvNs7wJxzSDvYczVOne7XMmV3GgQ0qXASeJ6OIBvd9TzQJJeOuyOFsjC_N7_YwXDXzRJsoLOkMbTrjq7_Qm4VRrwFEKZuACuTBLGeuWfY5p1qcz9ZIrF9isP0czfnmBk3wtQSpDkBQybVrxg8N1FZPNV9Gig-3QqIaLvrGpTYWTLPbYwj7z0elvERG8F9ClzTplBgR1AuUwlEVrir-c-hp7EjLTeMgx-RaoM-c7Bfs-wRTike7e_WSnBXtbkVUqcLeOqmV2DWQhsBQgys7v-0dV9A8DePll141BH-Fx_w0wphxgQwxBONsjVfP8HV_hcjrz14zLL7Nfn0r3111GfdFLMws5WJSr7LeREslcdMuqbokcigi-__TK_-QTTiBZ1HuZYhEaPI-wHawqwKAa9TSrh8U9Kq2Ndy08IpLuNajt6H2Ko5dUl7Bl6g_i2O1sUyOrA5UP5k2UJbtmv5dLS0SoKQWfclLI6NNR095X6rnCBmo9Oa2-ZwzPaTN2x_DmT3AOruEwUyPBm1J4Ys4pxTfQkGrLoRIDlqziRtMAhwh9iMFl-XwDh9DYmEDHhxeap9nkG1pO4rpvMy6dz-CuiE3mq6FYk-8BTr8fLu4OgPKvZJxJM8qic7K8nEDbTcliTzgwyc8qCnNLUF_jP0Kz1Hg7SlEHOn34q6y18_hwW9eUcTWRsKxOAxbdMGMe-AV_d4qpUUJP2enkiwkS4aqnfZe6b5cgL18jCF7EKBESVVaN95fjC9hvMvraRs_SzcXmM_9xJyd5-4qMpZwgFI5UPEYwBSbPM_-9GXu4to7N4PzaDwmFokGAjGkv-WGg4eDX1XltDcau8V8xMPA4_gNAIq-SqWbr3Pwoo0P2t0iyRfIPIyUV6HUaREUnRdYHe1YJcsfPhatzXOLUJBJAp52ek0outfkpevn7dPE_EIPtsaqehPtnRvcnARFKSBxW25tSG3YbzphU6sp5Yrpd0Ahm5I_brJgn3_8M3yglC65Bbausbzgc_o79IeVijzQK_CElwysc2PcebFGIj1kzVndBjycR3H16jNsqDYczxPOml7YzLhMrNUFCMqMxwbVvhVZscHyT0SgxQWrEhbldG1b4Qwo-uCdtW9h_PmVhlUYvXEZgMA0fkWf_bVZpA2dynSC2p0udzk0s2iGG8NZ23yuGSQWosAVNqcGCgdEVwhmwGWffbgZ7mWKjfKy48JUNn5PdxDV-26H5w8kSfs4o4Ovor0N-TVtpOEEnlWkAsq5I8KXKlu-3Dkb828aPp24ovNn4tKyvzCMVHFyx6kBgU-M8uJemQBXh28-zSadnTQ3iKnhZtTl58uwhFzCnRfL1ROTXz6xVdRnn50-jKuEfSkaQzFCuNFY7W1yDaYy8L0iT93Z4QaC9kIyr1rN8fyxho7_R8iwYQopkHdbr1lwHmicx9JT-_rVWGVWJhj9C4_vmSOsh9GbN_htZ7PNKFkz3T-PN1nMlhs1MqpFrW_Zka6F3-m-CK1cUXHWqaZDQ&cid=CAASEuRov_GxNnfDTu9ZuTcRp7y3Bg&rfl=3%2Chttps%253A%252F%252Fwww.themoscowtimes.com%242%2C%2Chttps%253A%252F%252Fwww.themoscowtimes.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 19:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 19:57:04 GMT
containertag
ap.lijit.com/ Frame BA68 		23 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=689163&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap7ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap7ams1.lijit.com/addelivery/ Frame BA68 		43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap7ams1.lijit.com/addelivery/impression?bannerid=0&campaignid=232&zoneid=689163&tid=a_689163_64c7450fef2241569ad36138e6c19fa3
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=5089751626937709526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 85C9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
rum
dsum-sec.casalemedia.com/ Frame A33A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Jul 2021 07:08:32 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Thu, 22 Jul 2021 07:08:32 GMT
rum
dsum-sec.casalemedia.com/ Frame A33A
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPkZb58refuy92rPeEBxDQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 22 Jul 2021 07:08:32 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELrcLr_6gMc0_z8gUrXJ6ms&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A33A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPSseXGzCb8q7bRygAbVAvg&google_cver=1
43 B
1002 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPSseXGzCb8q7bRygAbVAvg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b8d09ad0-e7ae-4edf-b7c6-fa2f20106f55
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPSseXGzCb8q7bRygAbVAvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A33A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNzY2NDg5MDY1MTQzOTA1Nw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNzY2NDg5MDY1MTQzOTA1Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COPJBxCc80UYmezwrAEwAQ&v=APEucNVMqsCvoKvyfy7Be0iJTzhbTDquhd4A3ErRR3Pu0h4_j3LDyNH6AFLbINlaLa-WNXkq38IOww3I4oaW9xrCHC3zjBCL-Uvu9uorxP7CvBFTRJqHNX8bNOeXZjjx2GIIaoMu9xQkrLTC2Rpf1_bMGqJ2ULr220oxWZV-if_hpO5-mYKNiJg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
af0bf52b-b8df-4fd0-938d-8f7c1662e816
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDIzNzY2NDg5MDY1MTQzOTA1Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F630 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_NRZoMqR6EwIL20_x12XjpZElpWdivuRs2PivMPG-63VCHusu7sCbnl1gXH2BrVTeW94tixXRLJyIOOwwUsYs1e65nQSZl11ag58UZIAYmvOW-xX7&sig=Cg0ArKJSzDjTzC9lZH6jEAE&id=lidar2&mcvt=1025&p=12,315,102,1285&mtos=1025,1025,1025,1025,1025&tos=1025,0,0,0,0&v=20210719&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=118446099&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626937709354&rpt=202&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv360-floodlight-observer.min.js
cdn.greenhousegroup.com/ghg-nl/inview_intersection/ Frame A2EC 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.greenhousegroup.com/ghg-nl/inview_intersection/dv360-floodlight-observer.min.js
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:1e00:11:b35a:f1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 22 Jun 2021 15:51:36 GMT
content-encoding
gzip
last-modified
Mon, 13 Jan 2020 13:49:39 GMT
server
AmazonS3
age
2560615
etag
W/"76e0b699ebbb6ea1146319f686902cbf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
7W0DjHjeJl7YfGwkZ3aIE-JHMZ5Xi8NZVYM55MVb92fBWjcrNCjR8g==
express_html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame A2EC 		111 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 00:44:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23063
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39287
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Jul 2021 00:44:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame A2EC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU8axF8QPuCzIfC2WZ0v7IMvGvt5D8Bwp9U-SDKtSym1TC3two&d=CnkAoCZ_4H51IzU_YhNUn1N5_ew6YkFHdgXMocpcaNFdWEenvlNQfFzcoiLBHJrVRRXD_KGzunsTpfJGpRH3JxHfusVZlHAwWNi9G59u-azVM9V5S4WIMv7YZGpYJjSZWAW3MPdqx8RkdgXm_uJcpDkDY8EETM3utLnAEukSAKAmf-ClJq3xRlRfFtbgriUmHDowivqxp4PIOwX31rpZ_S-VPCNaW2itx6XAvadZJ4V76ASms2IVTrIMNtUESaLRV__gi-aNlmm2ahpimNyo-8SaOMaHnWqVTXw1s6YLq7hPIwtBy4-lrCIQ32iEcX38UcnafXJjQJUbXZfWbc3O4KG4-THeWMvsf2rme5ecphMGdfjFFctHXHs9X22X3hM04sZx4kEfJWGcJLP7SqoKfchJDkflGt8QOjJtyJczhEReyKepkBeEMPWJ3jYN51dqW_zPzMRPZ7QaSzFx4_mESktphCG-vbzrg1XPMbwGiLSaC6Xm_9N6MYC1XtwvUQXcxuzpmQUlNfdLCIfcD-enqsK0Y8_6YJLlxK3wfYE4t9CkRH0X8_kVHTtszQAnFL83u6TmHzhqUD-igQYGZoe3Kj8rTDAADdGRN1lE9dfBngUv370xLpSnDjSDQRmMH4xQ68tAJgHmTFxohoYC9QxgXs713cf94WkWFTco8J2n573BCnIB9jEuX5QwaOpOumBFSDyLWGFkY6Q39RnTLAzj6_8x9GH1nK41_bS89ZAq3vSRluejPOf5VOzbZMNJaUQg9ENavWabS9erGj_JGjlEO-ZaONKha-qLsineMKFlDSClXSl7WfL_-7NUIvEGxFuvn74AoSz893GzqSW_js1Jqr8Fv_6M55NOwpsGRe7OwKoSb5pDmijAJ0EaKefpvdoiMUhdm0n8Bw4CEEpci_sTImmX9Jh1M-IfDfZXOrtcPnScWhc7DHX11W0aUvdrr_J3KthTAEAtxY5KyZFcCHq5HDvj8-hGx41dAmatSvKfgmxb-7dZRjOFGZGmbV5l0nuXgordpEULNTKLIa9b7t5oWrF5mGk1cu66cStorNQauKBX42oSEHnGG_Vsz1PeaU23n7MZuj5S91U8t-u7xegc0KrqgCQEpAV1fR7AMde0Z21DqLBnTU2wihcPsqtThVATnfaKm0g7v5egd7m6yINIQfnDiEmj0DgRahtwS6QkaretF5xi0fv5WshlLTu596ahx8da2pmQstGfMHCjsPRYO_dCbFIegz7dRp4HjoSlO-dqETzgFyj-NUz14NY-nVMcpUj04tC7KS9v7k34mbEgi40wbAvnlSfTwGaGB8ol0X8agCs8mYT1hS11OvM7jgJbmAegyhtMRzmcXgsvCE-n-Y-Af_FZU_4ufFRef2AVmXm9gN0dZjIW30jwRFq7hBWnY_0W_-L7l3U_NxH5MCMtcsxcL5My3zMmFb4tfsu2J4jzGibjI8_I2CrvXtTqLGztBXO7I9XYGljTkrSsmMu8dJBU5Z4kDCy3E8-KjFUdEdR4ftyNXJd8KstnIeRwCVw0U_X70EkwzH8dpwWmzPuN9pCQ0SLyIDuMoIpEPGmSz0vOi_NOyrqKhWK1zpCI30rMqGywB-K5-rHRzKX_i3Ss1kIqOqOqOGDxB2yEdJAlwwPv6ZKote5wsSeUacxOs04GNrNd_99aEGuQmQ18RtcLqpzPM00HgS4Q0-iuMyjZUiMIaSkyY_7I3uUzQIJC-kiiSrTHJoWdjx3VBzM49LX9v_FSR_jTcEfzasgsNiL6OfoyxjWizDOWW3dRzckqdpXWO6PWORHeexdsbFJwx8wPffZqmOwsZxvUX1SUFB6M3jjjOcIMlQM4PXCrp9bUpCFCRtSRsvFtX286xfu9KFMQajNhcFKwr0L63BIcuruMejPYL8UaNWMjB468Pnp0tFBYTB7plaW8ty0srs3xkV9969-4o8lqPKLkNMjPkBzpb4B9BXgn9IZK-UbiF4hl344BvLF_APFIt30YT7EUyjPXCJLgPLoshwX-18tH_D0nQCXcoCDvFLdchMAawXjSoqALMiHdukJ12jJCMwi5zzSCpS3VhihyBG77P_pI0ULR8dGCwuhDZxk3p6Q4mCyt-MUylULyYYhZn3b0bWPZxbXHBG4m7NYAxNpbHsfHgWzHc1JvQfNUHFSyH71F7gXKtyx7GzMFx4ajNutCmNLXFAuL3X0AhP2r7O2OU4jRDt0gEgankhAEiLW_dY4ms6plBuMLwJ9DZCxHV1jBsxKe5ehj7cB8uCvyy49H_vs5bmNVSCmrjIKlcyudWkIb8e5iEsFpsmmptiyrnfD3vheYiHk2VCU-fyfV3CIO9n-OYumZ2HRvpx00sY-B2ep9bZ0lmLIUq_hiP4B4gzir6q0Y9DOookiqDPwMeeFt6RVWMOk7SraoQOPyriA0Np3rE54PTOQsIM7zaJtwzFkwiNpthFsaVb0tHKCEtN47078PbxTAfI4rF3hPFDk15FN638Dt5D4RRoD6gxMbw__NqK2DDJy--uLMDf31XB_lRuzbdt5xub71TKin1MNOt4nPZk9bSdjM-gIwGXpQzXaCDzDsYycPOzx53BXu3CVsMrxjmmvP7bszTd0s3_Mwoh-8pr5LwZDlZ3qmGJ-YCLVYr5wqEOSnQtzCtxdfEGguEzNhrurANVzvlgGJdHxU2EhVafVLje_kV-zxCVJxnJ426FWTZBNRcKGzKtH26F_0Xz8pHV-n04b76fgGR991sRh-DPQXAmVl7rAFtFecAYBoJi1mJDeUb4_YzUFGpgVVsLFWKu7y-PdJTgb91nplK82zGt4eM0-V80w8dc7ZotyJfGxRI6rD2xsnyg79O7VnwQZratkV5AZ3MthgM17WxZfNdMTUbKhj2SdN8IHrAu_wZsRxM-hwNl3yohoopkRYhyeh4EnnPCLiFj5g6Kii_jNO4OZyJkFsRqJ0YRQ4y7uENCWwnRTQ6j38kNRxMmbrk1nZqIv6IOdd-6qdnz1Le9e3WQdXwjLpHlyz5Lg_hYH4YB0w9G1ccOEq8Fw1W1P4RZvA-E2AfW7TwEb9uHwjgSuz0JxVjv-DdLpFbM1Oj_SjBEYXs86yBVE5xIToFBB1QIACFHrSDelB4xEM7n6r9TpbquF18RSw3wY1of-CWGW04fOcEyBNJAd8IIIbr1M9omZfYR2VeZg8HRffMIzmaPDr90_5mgY8k83JrcEqdjZ7YRXYxmDV_eEEVFwcudgJ_IrvygMsm4_lY4biL_O5DqWn3IH1-r9RrCGPyGoEllCXVy9xZMVkd-Hj5l-mm8cpbrdfwXDVZF7odRAuMJ6fPTU7RwtIE89qurI5c5NbxfrBD8-rd0GXbqKA2UqmMiqInYZ3xcLGBeSSezWqebhtGhYIABIS5Gi_8bE2d8NO71m5NxGnvLcGYAE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:07:13 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame A2EC 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU8axF8QPuCzIfC2WZ0v7IMvGvt5D8Bwp9U-SDKtSym1TC3two&d=CnkAoCZ_4H51IzU_YhNUn1N5_ew6YkFHdgXMocpcaNFdWEenvlNQfFzcoiLBHJrVRRXD_KGzunsTpfJGpRH3JxHfusVZlHAwWNi9G59u-azVM9V5S4WIMv7YZGpYJjSZWAW3MPdqx8RkdgXm_uJcpDkDY8EETM3utLnAEukSAKAmf-ClJq3xRlRfFtbgriUmHDowivqxp4PIOwX31rpZ_S-VPCNaW2itx6XAvadZJ4V76ASms2IVTrIMNtUESaLRV__gi-aNlmm2ahpimNyo-8SaOMaHnWqVTXw1s6YLq7hPIwtBy4-lrCIQ32iEcX38UcnafXJjQJUbXZfWbc3O4KG4-THeWMvsf2rme5ecphMGdfjFFctHXHs9X22X3hM04sZx4kEfJWGcJLP7SqoKfchJDkflGt8QOjJtyJczhEReyKepkBeEMPWJ3jYN51dqW_zPzMRPZ7QaSzFx4_mESktphCG-vbzrg1XPMbwGiLSaC6Xm_9N6MYC1XtwvUQXcxuzpmQUlNfdLCIfcD-enqsK0Y8_6YJLlxK3wfYE4t9CkRH0X8_kVHTtszQAnFL83u6TmHzhqUD-igQYGZoe3Kj8rTDAADdGRN1lE9dfBngUv370xLpSnDjSDQRmMH4xQ68tAJgHmTFxohoYC9QxgXs713cf94WkWFTco8J2n573BCnIB9jEuX5QwaOpOumBFSDyLWGFkY6Q39RnTLAzj6_8x9GH1nK41_bS89ZAq3vSRluejPOf5VOzbZMNJaUQg9ENavWabS9erGj_JGjlEO-ZaONKha-qLsineMKFlDSClXSl7WfL_-7NUIvEGxFuvn74AoSz893GzqSW_js1Jqr8Fv_6M55NOwpsGRe7OwKoSb5pDmijAJ0EaKefpvdoiMUhdm0n8Bw4CEEpci_sTImmX9Jh1M-IfDfZXOrtcPnScWhc7DHX11W0aUvdrr_J3KthTAEAtxY5KyZFcCHq5HDvj8-hGx41dAmatSvKfgmxb-7dZRjOFGZGmbV5l0nuXgordpEULNTKLIa9b7t5oWrF5mGk1cu66cStorNQauKBX42oSEHnGG_Vsz1PeaU23n7MZuj5S91U8t-u7xegc0KrqgCQEpAV1fR7AMde0Z21DqLBnTU2wihcPsqtThVATnfaKm0g7v5egd7m6yINIQfnDiEmj0DgRahtwS6QkaretF5xi0fv5WshlLTu596ahx8da2pmQstGfMHCjsPRYO_dCbFIegz7dRp4HjoSlO-dqETzgFyj-NUz14NY-nVMcpUj04tC7KS9v7k34mbEgi40wbAvnlSfTwGaGB8ol0X8agCs8mYT1hS11OvM7jgJbmAegyhtMRzmcXgsvCE-n-Y-Af_FZU_4ufFRef2AVmXm9gN0dZjIW30jwRFq7hBWnY_0W_-L7l3U_NxH5MCMtcsxcL5My3zMmFb4tfsu2J4jzGibjI8_I2CrvXtTqLGztBXO7I9XYGljTkrSsmMu8dJBU5Z4kDCy3E8-KjFUdEdR4ftyNXJd8KstnIeRwCVw0U_X70EkwzH8dpwWmzPuN9pCQ0SLyIDuMoIpEPGmSz0vOi_NOyrqKhWK1zpCI30rMqGywB-K5-rHRzKX_i3Ss1kIqOqOqOGDxB2yEdJAlwwPv6ZKote5wsSeUacxOs04GNrNd_99aEGuQmQ18RtcLqpzPM00HgS4Q0-iuMyjZUiMIaSkyY_7I3uUzQIJC-kiiSrTHJoWdjx3VBzM49LX9v_FSR_jTcEfzasgsNiL6OfoyxjWizDOWW3dRzckqdpXWO6PWORHeexdsbFJwx8wPffZqmOwsZxvUX1SUFB6M3jjjOcIMlQM4PXCrp9bUpCFCRtSRsvFtX286xfu9KFMQajNhcFKwr0L63BIcuruMejPYL8UaNWMjB468Pnp0tFBYTB7plaW8ty0srs3xkV9969-4o8lqPKLkNMjPkBzpb4B9BXgn9IZK-UbiF4hl344BvLF_APFIt30YT7EUyjPXCJLgPLoshwX-18tH_D0nQCXcoCDvFLdchMAawXjSoqALMiHdukJ12jJCMwi5zzSCpS3VhihyBG77P_pI0ULR8dGCwuhDZxk3p6Q4mCyt-MUylULyYYhZn3b0bWPZxbXHBG4m7NYAxNpbHsfHgWzHc1JvQfNUHFSyH71F7gXKtyx7GzMFx4ajNutCmNLXFAuL3X0AhP2r7O2OU4jRDt0gEgankhAEiLW_dY4ms6plBuMLwJ9DZCxHV1jBsxKe5ehj7cB8uCvyy49H_vs5bmNVSCmrjIKlcyudWkIb8e5iEsFpsmmptiyrnfD3vheYiHk2VCU-fyfV3CIO9n-OYumZ2HRvpx00sY-B2ep9bZ0lmLIUq_hiP4B4gzir6q0Y9DOookiqDPwMeeFt6RVWMOk7SraoQOPyriA0Np3rE54PTOQsIM7zaJtwzFkwiNpthFsaVb0tHKCEtN47078PbxTAfI4rF3hPFDk15FN638Dt5D4RRoD6gxMbw__NqK2DDJy--uLMDf31XB_lRuzbdt5xub71TKin1MNOt4nPZk9bSdjM-gIwGXpQzXaCDzDsYycPOzx53BXu3CVsMrxjmmvP7bszTd0s3_Mwoh-8pr5LwZDlZ3qmGJ-YCLVYr5wqEOSnQtzCtxdfEGguEzNhrurANVzvlgGJdHxU2EhVafVLje_kV-zxCVJxnJ426FWTZBNRcKGzKtH26F_0Xz8pHV-n04b76fgGR991sRh-DPQXAmVl7rAFtFecAYBoJi1mJDeUb4_YzUFGpgVVsLFWKu7y-PdJTgb91nplK82zGt4eM0-V80w8dc7ZotyJfGxRI6rD2xsnyg79O7VnwQZratkV5AZ3MthgM17WxZfNdMTUbKhj2SdN8IHrAu_wZsRxM-hwNl3yohoopkRYhyeh4EnnPCLiFj5g6Kii_jNO4OZyJkFsRqJ0YRQ4y7uENCWwnRTQ6j38kNRxMmbrk1nZqIv6IOdd-6qdnz1Le9e3WQdXwjLpHlyz5Lg_hYH4YB0w9G1ccOEq8Fw1W1P4RZvA-E2AfW7TwEb9uHwjgSuz0JxVjv-DdLpFbM1Oj_SjBEYXs86yBVE5xIToFBB1QIACFHrSDelB4xEM7n6r9TpbquF18RSw3wY1of-CWGW04fOcEyBNJAd8IIIbr1M9omZfYR2VeZg8HRffMIzmaPDr90_5mgY8k83JrcEqdjZ7YRXYxmDV_eEEVFwcudgJ_IrvygMsm4_lY4biL_O5DqWn3IH1-r9RrCGPyGoEllCXVy9xZMVkd-Hj5l-mm8cpbrdfwXDVZF7odRAuMJ6fPTU7RwtIE89qurI5c5NbxfrBD8-rd0GXbqKA2UqmMiqInYZ3xcLGBeSSezWqebhtGhYIABIS5Gi_8bE2d8NO71m5NxGnvLcGYAE
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:05:25 GMT
CC_Display_VoiceVideo_728x90.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/ Frame 4668 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1251
date
Sun, 18 Jul 2021 06:01:46 GMT
expires
Mon, 18 Jul 2022 06:01:46 GMT
last-modified
Wed, 24 Feb 2021 00:22:18 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
349604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 15ED 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C326SbRn5YOOXO8-o7gP96Z6wAaqV5uVj8Jafw9AN0aKb4pcOEAEg1ubFWGCRhICA_BegAfmbtuECyAEJ4AIAqAMByAMIqgSMAk_QmIYAOFZak-lOAPFMWNhB4GdHcc-aa52bPetKJddLeH-NMZKCNU80gJ3Y8C-4zdEaUPWjQgoUpmswebg3sthHsnxSLXLqbGD6VQZkFb34OZ9bBiU0qdgZVfyFTxrDXLfsab0N7Gqfo8ik8eaLV8-XG-lRxrAhvd0-9xq5Hk1mE5GgL-wLt5vmCK6817YWwNMr94e8I9MtwMApan-f9R2j8mc9R6uCDRJk986Q97LQVF9tw8a5Ba3_zrsomZhlUEZuX2ntBPFcu40e2IVJ-QP3v2CwfFEdKSq4r9pVXRH1uhLioEL0R0n3CLWKJmBSRsesIPYE6kPmDao5CxBFHRwa_qSM5w0EVbMQMpfABJXrpp-2A-AEAZIFBAgEGAGSBQQIBRgEoAYugAfv48meAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDExgjSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTg3NjQ4ODM1MzQzNjY4ODeACgPICwHYEwyIFAHQFQGYFgGAFwGyFxoKGAgAEhRwdWItMjEyODc1NzE2NzgxMjY2Mw&sigh=W6FcA1qmAkE&template_id=419
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 15ED 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
209
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:05:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 15ED 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:06:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 15ED 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 15ED 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:02:37 GMT
l
www.google.com/ads/measurement/ Frame 15ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2sDwVWLk0AnpT8M8-iP0Pa90g_lv841VWP50zgf95Fd89vfFNKF-sMqW112m05hCuxQuHyIjJ9CdGAhr6lsyuu8Iy_Q
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 31CE 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 22 Jul 2021 05:54:42 GMT
expires
Fri, 22 Jul 2022 05:54:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6D32 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-URbY/SG1r4xyYxQdp4igSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

expires
Thu, 22 Jul 2021 07:08:30 GMT
date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-URbY/SG1r4xyYxQdp4igSA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071901&jk=1145328381627518&bg=!MDOlM3fNAAbnC78O5ws7ACkAdvg8Wg2Mkz24Wj6VCS05qLpt2PUNnXHPACdCrP0wOCHHz9p93YfvXAIAAAEeUgAAAHJoAQcKAGnxq1fSDXStId0ccn7Q5wpJakJKP1lHaSEOGEQ1fDvkRCihrEuQVIFUUKKA9rgoN1Cb279V-8Du8ToMR_C2IF170LU1094UfItNLWm0B0IrqNxN5t_BQsJPcAvOqUnzUbCFV5lJk2JJfQiZAoQyj-arEX9xLBhMsJtlDOheNNriqtBH46vQ1KklkepjgoACg4BYWtOziJMuM8sQYeY5E_-H83C1Nf-tXv7G9jrcZheXW1Fl8Ywc7n1TehsXqX_BYqME_csc4-qAVApj_bEmKT1vRKtInnO4rtYTsU-xuATxSnMVyP4Wk3n6K1gYIMogCkZO_wD3mYmtrQxQ-tfNTq4Bn7y48eBGRhS1b9ccWnIB-QLa0NxvevIlVWZDfs1laCjKhQbRLan1La7MAiz25OyrNhNNAp3u5N2DaLqK5McN1fKuKsK4sa_ercOkAXsfpvGWMGsIJ5yWGI4SqY8UjOOie2_aFDjAg989Dmj7C2cOC5Xq012XReU36H2DkGtvdsdvkW8fKI5pXB4sFBOPoLHb8PjMf4PP-R58lgUnFPRP0R6Unkc8W54gBFRA3oO-nzl48qjGjFH-1bP-eNzq0rfcBO0hnRhsK4UutO-LCoaf2O3P_bHDsXnGFjj8VOEku0V_gvOD-7B2QdrvY143umE8NJHJ0DM0CA0U-nx8DD-zJjOGMfwd42XXxsON9f9LHHmcBBV1IFPqvHlxosDx4Sr0Wu5_bIz_aH1_817mtYfoO8wkHVsdE30GhWp-z8evqPB32F9Kbf93snk3s3b4-3s08fVbEeOzXPY-_EaFFFQcprYWCj3rEh_CI4T7n99OJcqVwJ0PHELzTWGKeZk9pZJNQX0Gu-GPcWGLuvkTLnFjdE5d8rs_wfODpRzdP-WTw6zNUDXL9QZbAofy5MjTDfgWKA38tcpm5kqLNMF4ksr7cSrioW0kiEuuCoQkPqNPQo3iOk5WmeJaGzFQ3IV4bRJBoUNWLNSYP68llnYfaGryUA
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EC62 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
Requested by
Host: 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
URL: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGMlCiuI-o8YmKQtvposZe_2fzxWxMikrLzwnwt-zYnseS7vcUTktb67Ric-o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 22 Jul 2021 07:08:30 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C3C6 		25 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ap17dA-J8Pvp1-rB_EsWMR9lLtspf0_E84635jofIQXA4qGNNwqGBvY6KR7cJ_9IvgK2Kj45_5CAJhSQQWoivDue32nAJP2JVgYDrLOgD8fBVFS6lE1kKbvF2VnqtT-udz9wOJQD-Ucj7Y2rKYW14_9OXb5Q&cry=1&dbm_d=AKAmf-BCqaT-ukW9xgeeek6FjN_znIGZaiAaErVnqnAHo1n-acNofuqPmXUEJO-DDlhZr93aAOVcRgW6HhZZWCcZzZnCGjKe4Cc0dc_MP8ariOREGeJhm1ls4RgmAB_IiIPdQ7DVSEj-3deveTBnAHXkfGKMPCajKMlsZF366LjIi0GmotvZL4lIA6btTetbYHdXU4IIK8t6Euk6KblOUzLwr2jTxq0SHCn9YObMynuglB6wzgbDl-8lKUfBU63XgV6WHXr9E9QywCtcjcvpDG6jMObIjWgPDAmaClgQ5CsMw_MZ5Toj-I821dtTSzk2hXNwmp5CGAG93bsfYXagUP9Yg6-kxrFeW22qzmwOpbc5gHJt9Ze2amdS7TvbnyoQdEtzA3_H7s6-8qO6mUm-NazBbqDCNC9Y8yv4asrayM_fbnVHeOserBl5r5RqNFjuEdvizpq-NQ625SpHf_rYpDx-tOtqOwH2C7BhhFNVKklf5ea1IlCfoQ6yhq8fHuPdIQrgNiQzBR3yyBRLaLfwwdrPFP3sNsmDU2H3_p9lAJvxGglsBQE7ReybyV5NV9rksD06FDU9iJPDcegDEhTsgV8PeDQa1bym57vaFdkumy2FwEn2GdNPHKxaJXIFrvDt-0iRIQ6ZZ8fq54utPfGB74fCCja04C3rZFKIbGS6-6VUTZS3ytS0BgtOROeMvNfe954g5EysNW6a6FostV5RWc-_-KXlY-Sv4wCIMDqF18Kb8U2eYunk4yOfN2EqBTS6zCR96j2bl4ar8BH-haIMFu87_lt6BzdFI1d4Px71e4i7viXvkISHvQ0700kGquoG411dmgae5VHi32kSWRrwzaQ2S4-yadWHXy4fpb218GLOWWvSvYurTgkTOKjX-nKTrj9CQlDFNqm7MHnm_2GgDakquN14SHOJLf1civhYzj5gLx4HFeA_FfR7s41qebEXLJ8skmDRqoSMMfJsbHNOIlPC4CzqlRTpUL26yonfH463Kx2g2aKrjXqmt3dHMHVYguMsKDXSPwCvvXgglvzC9mRvkle_R2V1GjY-DPsWN1bKgVy7hRHQWfC5k4mtOZ1JxPYFM07uAi0MdAWsJ7g9Ae00nPcNpSwAGhwyHnDKXegGadh57EZu-FrTrfBWkXxD6zbpRTY3oq43NUg4fyfbFEbcuSzCpGHaCnWgNTK5iGjGeeYAiN5ginpLTUiwYHVVLueKp9p66uglVQ2DVOz96d1q4tuoEut7ttsTU4rBXWGc3JEvXP6npAxQtKol6JPJwHPIDVlCE7t3rQ6XCw0v1t3MbxRnkwI0foO3v_RKaAsEw4paI1pde798dlAJenC_o2W1FH-8NjZRpz8N3zDmMsJSvWZ9Ix2RQE58vuAgvBQBhUSWVN0CBLCOE2QKoAdmk6cDWtm0fsvQ1e6QiBUXbPOFVlL-rFwhIgE2vCWI68GgUOnk0NsnLkfl8DOyEQNRivkSMp2w46LblBo-_rRNLPBTfgVifpvfuZM7x3zkfXeUXdljMAmWpR81_UIbFay8SxQA_gPu6SQy5NmPLj06x2Hcfw3QlDMuD1rARfXO4Ot4HQB2HQbkiK1_BWs8tIpkkqhKgFkItWXoeWR-djMcZJv5jsS1xqxum7D38FEUZdiSdqgsmA5oPyWxADuFwKwSlAhHqyL_UD6-PEK2M1_f89qE9MSwJUzgixEAlOg7S4w3arJRPpcusH9oSUVmp1yXtZAxoYCORR8UetH4sEXNb1Kid9B9xTj3jsG4Ojt4eIvK6uNf62QLcwGyObgNqm4lq_2B7qfuhh-tejCelqzskz9k_AjQ9ucawH3hD7R2eyt-p_uRjl-SrlVd_KUNt-gA8Uj4yV0EMPENC10pTF48blUhYK0EoRkPKCPIJCGzWNILWjUbAxSW1fsKcxqxsJNgRZmGwMuDU6BzfVyJVcyl-fcpNCo5AmfaV76EgRe_IsU8hHefppaAf2_rz_pb3mlHr5rL0zFfH_StGZUX_nO0GGeh0IszbDDD8niLiL0QYVskWxQ3TED2XLhbXgxtoC0nvZdQY4sH7mQznTp6D4CkhY7VR9H_xBO184KLLQCAuwVH-xY3saR1NN66yruIVuKNLtm4SufZIrC02NJT2KgArGlhVha4u9p859IxFnhHC46MmmDcdRRrdEc7gYtWVxYbH_Z7FtloD2IZLPTIAq7UJGGPAdjbPILWPxGdWXbtx3BxHnJfpSRMvHptbek-DFo_804_IQKfT7CjdM6qTAQEiGTqcwPU7MPJO04H6gPcBZxwgrxK-pXyBaMlVUOK6OZiRjoyyJgTteHRM3pEkJ2Y66DBHG7IUjn2fLV1acUZK_iWQe14fsXIMXGSBaUTAkWb5wFrnq_XmMfu6aiFsxVlDoi1nbTU8EruO5AVJZmwy8j5uODEQxYKv3HWje-zrsd7quKsUjyaO1HuaR1NhzI9G1JZZEYRRQykFeoya2_tdOGJLIG8FrA0dFvFT7B2caRb78Ux4VbRmfj7f9J8oPAG_6wO3suu5Jpjr1ErMUsMShwYYpJKX4s-_bbz9_xtRNUXCTyjhdk6onRBKG0EgqA47pFU50Xe4d0aA91uebO06xdPaLko6aX_oaPC6vgyCOU9qhlL5EdALZn6QRYb_cUumzdMtrtIUgVzEWj6uFLMjYaADHHZo_ENvjyeDifVZK3RMcLdGPMNENAS1TmRXxWACkE-UMwo8I53NI-aQY75At68ofHpeNBio27VhysNkUdgvoVHi0_9va5n0TIuzWGe52XfNBCEVUs5a8vLRzmE7mIUiaFvAzxG22r_9VqvFbQL2jEDlUMt2p0K8OFGQYxanddGFOUAa3LtaHHKhSmQIZIUiPARp83puGgGNfpXwDpDKdNfzthioODN5WXjQk4myJeW2r9BxTjOHPmjPYH8QRoEbvsQg6Iv1OmsabxDrw2QsJfFau5L2MTT1JqfWqhH6ELpvnJ7WV3BqO4erzeEdg7yedVpD05SA2ExCV9TQ_xYdxpVEE0IH9BXtKXsb1bAwmvue4CGUFCeiBNB2noYm0kIRNaRdxWgfDSW48-WhCkZpXDrUpjExsqDLXv5EoxNjMP5Zjzc_YXMlz4ZQ549NpcnhugIzUevyCwi7tLOsUbI4ySTsi7Cq8COY_2oIAVWtptd0xtyWQF88wg8eJO6PL83yoWH8mYyko5Rvw-NdFpXqZKj8VGNivWLyZfmwVISp2QyVbq8ZdgFUkAOXpTweLV8Bk4q3EAR-QpsRNRpLm6ywnMGKFkCblKDqHkkC-cD6Vi-BucRsFIqbOMrjoCh_WlrGnoHpFrbx7SCqC5XR5H4QZ-92b84R8JhiPxjYwYz283LnzptibMcMQ&cid=CAASEuRoF3N0AXm7WwhaoCewt1XRqA&rfl=3%2Chttps%253A%252F%252Fwww.themoscowtimes.com%242%2C%2Chttps%253A%252F%252Fwww.themoscowtimes.com%252F%240
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12864
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C3C6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BmGWLhJNZFsyRsiHTe0gpJsHe_akdp8PRqt1RBWIBWc-GzAVCcFwXv2qyBtA5-NB7ll2OutUAfUCxpd88UNI-0nCCz0xha50QXWItvGOcimtpzIXQ
Requested by
Host: 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
URL: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame C3C6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
URL: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
103
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:06:47 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C3C6 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
URL: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1626736020213958"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:30 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame C3C6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
URL: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:02:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:02:37 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7ED8 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 21 Jul 2021 23:32:24 GMT
expires
Thu, 21 Jul 2022 23:32:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cdb
bidder.criteo.com/ Frame 0595 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 0595 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
cb3373d1-e3a3-4933-9f57-fddd523b6cfe
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 0595 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 22 Jul 2021 07:08:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
merge
ce.lijit.com/ Frame 7A16 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=7f8b95aa-6afa-070e-3f4b-55b08363802d&gdpr=1&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7A16
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b88e60f9-196e-4700-8a0b-e8ed8f33e4d8
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b88e60f9-196e-4700-8a0b-e8ed8f33e4d8
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 22 Jul 2021 07:08:31 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x30
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b88e60f9-196e-4700-8a0b-e8ed8f33e4d8
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Jul 2021 07:08:30 GMT
sd
us-u.openx.net/w/1.0/ Frame 7A16
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vbAWMLq5Rm-mtEY57-RdOLuwSTym5RI96uIncjY0
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vbAWMLq5Rm-mtEY57-RdOLuwSTym5RI96uIncjY0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vbAWMLq5Rm-mtEY57-RdOLuwSTym5RI96uIncjY0
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 7A16
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=286919147265762957
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=286919147265762957
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=286919147265762957
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 7A16 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=13654b6a-804e-3d03-78f7-e316fbd2bf7f&gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 7A16 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YwYTk4YTAtNDkzOS02M2E3LTZkMTctYjlhZjMxMzA3MTFm
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7A16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?cc=1&id=dc2068a3-fa3d-4b5f-8a61-3d5a1a58fc05&ph=21f03281-5b83-4670-a0e0-dc15f7542014&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D76%263pid%3D%7BOPENX_ID%7D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8B23 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 22 Jul 2021 05:54:42 GMT
expires
Fri, 22 Jul 2022 05:54:42 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6056 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IwGrr+My38YdMHnqPkRm+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.themoscowtimes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.themoscowtimes.com/

Response headers

expires
Thu, 22 Jul 2021 07:08:30 GMT
date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-IwGrr+My38YdMHnqPkRm+g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
prebid.js
cdn.adtrue.com/pb/ Frame 3AB2 		257 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/pb/prebid.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=492262664&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 05:31:13 GMT
server
cloudflare
age
10490814
etag
W/"5f3f5c21-405dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad69408345363-FRA
expires
Thu, 17 Mar 2022 21:01:36 GMT
pwt.js
ads.pubmatic.com/AdServer/js/pwt/155495/4202/ Frame 3AB2 		250 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
last-modified
Wed, 12 May 2021 10:00:55 GMT
server
Apache/2.2.15 (CentOS)
etag
"1241a12-3e6b0-5c21f162d696a"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=36421
accept-ranges
bytes
content-type
text/javascript
content-length
78804
expires
Thu, 22 Jul 2021 17:15:31 GMT
ga.js
cdn-adtrue.com/track/ Frame 3AB2 		751 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-adtrue.com/track/ga.js
Requested by
Host: exchange.adtrue.com
URL: https://exchange.adtrue.com/delivery/impress?pzoneid=17495&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&cb=492262664&timeZone=2&adWidth=300&adHeight=250&loc=https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
9688519
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Thu, 01 Apr 2021 03:35:26 GMT
server
cloudflare
etag
W/"60653f7e-2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7KsiDlS2jrrmLvcJaI4ZP0u%2BlMIkb%2B%2BKv2yjc2AalzbHW2cQ7DsdgTd9OyCt4J5mRLICS79DPvMH80czRMxqVQ%2BziPoWd3liHVHkVM7%2FhKygA%2Bps2QEmC4yvmHaTKxzfHMnzLPh0LXRUQkQVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad6943f550746-FRA
expires
Sun, 27 Mar 2022 03:53:11 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame BA68 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=likevertising.com&GDPR_v2=&pubid=AdPone1
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:30 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Thu, 22 Jul 2021 07:08:30 GMT
ct
ap.lijit.com/data/ Frame BA68 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_689163_64c7450fef2241569ad36138e6c19fa3&zoneid=689163&cid=18&geo=NL&all_tags=248%2C429%2C458%2C465%2C490%2C523%2C543%2C578%2C590%2C600&tss=179&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32&elapsed_ms=180
Requested by
Host: likevertising.com
URL: https://likevertising.com/counter?i=ozq8lklz3e1znpqig3c&a=212f87a9373ade82747a9703475edc401&cb=5089751626937709526
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Server
nginx
X-Sovrn-Pod
ad_ap7ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=4237664890651439057
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=4237664890651439057
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:34 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ade84d18-9559-4cfc-b72f-5ddfd1dd89c6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=4237664890651439057
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 8A3C 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.55.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-55-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
sync
sync.srv.stackadapt.com/ Frame 8A3C 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.16.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-16-83.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:34 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1&gdpr=1&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=&gdpr=1
Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
78
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://rtb.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=0eZ20hsQWdE6&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=0eZ20hsQWdE6&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=0eZ20hsQWdE6&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-mx4r4
expires
-1
um
cs.emxdgt.com/ Frame 8A3C
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=1&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%28bn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1&obuid=ENC(bn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24%7BUID%7D%26obUid%3Dbn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%0A%0A
0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24%7BUID%7D%26obUid%3Dbn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%0A%0A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-length
0
content-type
text/html

Redirect headers

Location
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24%7BUID%7D%26obUid%3Dbn4CWn7FMgVF6c6lx2bBCB809gNCa-_M0HIXPjWOwtBhsC9SBouGOX6y6Ea00NuX%0A%0A
Date
Thu, 22 Jul 2021 07:08:32 GMT
X-TraceId
402732e2cc6d14c74350ad6a36ef87d3
Content-Length
0
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=e458ef1a-a85b-0555-1f8c-f3fb3382be39
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=e458ef1a-a85b-0555-1f8c-f3fb3382be39
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
server
OXGW/16.211.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=e458ef1a-a85b-0555-1f8c-f3fb3382be39
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=1&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-08mGCX5E2pcC2M4gx_sufEElwFFb_ZRzJ.KL~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-08mGCX5E2pcC2M4gx_sufEElwFFb_ZRzJ.KL~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Thu, 22 Jul 2021 07:08:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-08mGCX5E2pcC2M4gx_sufEElwFFb_ZRzJ.KL~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%...
  • https://rtb.gumgum.com/usersync?b=vnt&i=a8147900-eabb-11eb-9cc7-0d125e564534
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=a8147900-eabb-11eb-9cc7-0d125e564534
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:46 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=a8147900-eabb-11eb-9cc7-0d125e564534
Date
Thu, 22 Jul 2021 07:08:46 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
a8147901-eabb-11eb-9cc7-0d125e564534
services
sync.technoratimedia.com/ Frame 8A3C 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:46 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
1038091770
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 8A3C 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:46 GMT
content-length
0
server
a
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=d138651a-a164-465b-83c3-95e7b5161e4d
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=d138651a-a164-465b-83c3-95e7b5161e4d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:46 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=d138651a-a164-465b-83c3-95e7b5161e4d
date
Thu, 22 Jul 2021 07:08:46 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 8A3C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15
  • https://rtb.gumgum.com/usersync?b=sad&i=891245554246134967&gdpr=1&gdpr_consent=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sad&i=891245554246134967&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=sad&i=891245554246134967&gdpr=1&gdpr_consent=
date
Thu, 22 Jul 2021 07:08:33 GMT
content-length
0
merge
ce.lijit.com/ Frame 8A3C 		43 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=36&3pid=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FDE0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=1&gdprConsent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=101305
expires
Fri, 23 Jul 2021 11:16:55 GMT
date
Thu, 22 Jul 2021 07:08:30 GMT
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 31C3 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
match.adsrvr.org
:scheme
https
:path
/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
image/gif
content-length
70
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usync.html
eus.rubiconproject.com/ Frame CAA5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 22 Jul 2021 07:08:46 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=gumgum
Date
Thu, 22 Jul 2021 07:08:46 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
usersync
rtb.gumgum.com/ Frame 6F2A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=1&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=05b960f9-196e-4400-b728-b9fce4eafa30&gdpr=1&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=05b960f9-196e-4400-b728-b9fce4eafa30&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=05b960f9-196e-4400-b728-b9fce4eafa30&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 22 Jul 2021 07:08:31 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3810 5cb7d7e master zrh-pixel-x30
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=05b960f9-196e-4400-b728-b9fce4eafa30; domain=.mathtag.com; path=/; expires=Fri, 19-Aug-2022 07:08:30 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=05b960f9-196e-4400-b728-b9fce4eafa30&gdpr=1&gdpr_consent=
Expires
Thu, 22 Jul 2021 07:08:30 GMT
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 9E21
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YPkZcAAC1ozDQABg
85 B
162 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YPkZcAAC1ozDQABg
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

:method
GET
:authority
sync-tm.everesttech.net
:scheme
https
:path
/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YPkZcAAC1ozDQABg
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
everest_g_v2=g_surferid~YPkZcAAC1p7DQQBg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish
age
9
x-served-by
cache-fra19123-FRA
x-cache
HIT
x-cache-hits
23
x-timer
S1626937712.267857,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
85

Redirect headers

p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
set-cookie
everest_g_v2=g_surferid~YPkZcAAC1ozDQABg; Path=/; Domain=.everesttech.net; Expires=Fri, 22-Jul-2022 07:08:32 GMT; Max-Age=31536000;SameSite=None;Secure
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=1&gdpr_consent=&_test=YPkZcAAC1ozDQABg
server
Jetty(9.4.35.v20201120)
accept-ranges
bytes
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish
x-served-by
cache-fra19123-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1626937712.149306,VS0,VE92
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 21E5 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8xOTNhOGY2Ny01NGM5LTQ3ZmItYjhkYi1lNWQxOGNlMjVmZTE=&gdpr=1&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV8xOTNhOGY2Ny01NGM5LTQ3ZmItYjhkYi1lNWQxOGNlMjVmZTE=&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGMlCiuI-o8YmKQtvposZe_2fzxWxMikrLzwnwt-zYnseS7vcUTktb67Ric-o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Thu, 22 Jul 2021 07:08:30 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
ssc-cms.33across.com/ps/ Frame 951D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
Software
33XP003 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&id=0013300001r0t9mAAA&ru=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dtta%26i%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

x-33x-status
2000208
server
33XP003
date
Thu, 22 Jul 2021 07:08:45 GMT
um
cs.emxdgt.com/ Frame BDBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Thu, 22 Jul 2021 07:08:32 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame CAC8
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YPkZfsCo5soAAM0M1boAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YPkZfsCo5soAAM0M1boAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YPkZfsCo5soAAM0M1boAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 22 Jul 2021 07:08:46 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Thu, 22 Jul 2021 07:08:46 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YPkZfsCo5soAAM0M1boAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-Ads-Time
2
X-SO-HostName
a-ad40070.dc2p.scaleout.jp
X-SO-LB-Hostname
a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":22,"gdpr":true,"ipv4":"0.0.0.0","key":"YPkZfsCo5soAAM0M1boAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40070"}
X-SO-Key
YPkZfsCo5soAAM0M1boAAAAA
X-SO-IP
159.48.55.63
X-SO-Cluster-ID
22
X-SO-Upstream-ID
a-ad40070
usersync
rtb.gumgum.com/ Frame 89B4
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=1870471596879379729
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=1870471596879379729
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=1870471596879379729
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NLMwtzQ2tzQ3shTiM9TNKS0LijdKDtbNLkqX4jU0MzIDSpobGphZGAAAwkZnszQAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 16 Aug 2022 07:08:30 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NLMwtzQ2tzQ3shTiM9TNKS0LijdKDtbNLkoHAMEA_0clAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None eud=H4sIAAAAAAAAADvEyGtoZmRmaWxubmhgZmGwSgyJb2FsCADPHGb6IAAAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 16 Aug 2022 07:08:30 GMT; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=1870471596879379729
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 5782
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://rtb.gumgum.com/usersync?b=rth&i=MNFi2M4LtkapmZKGXJzj&pi=gumgum
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=MNFi2M4LtkapmZKGXJzj&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/0608867b?r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D36%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.210.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-210-171.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=MNFi2M4LtkapmZKGXJzj&pi=gumgum
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Thu, 22 Jul 2021 07:08:30 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Thu, 22 Jul 2021 07:08:30 GMT Thu, 22 Jul 2021 07:08:30 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=MNFi2M4LtkapmZKGXJzj&pi=gumgum
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 31B4 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
URL: https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGMlCiuI-o8YmKQtvposZe_2fzxWxMikrLzwnwt-zYnseS7vcUTktb67Ric-o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 22 Jul 2021 06:16:24 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
3126
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 15ED 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=likevertising.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://likevertising.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://likevertising.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1388
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 0595
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=likevertising.com&cw=1
  • https://mug.criteo.com/sid?cpp=Sjeq_3xnRmp2QVBzZHJXUlFvY1JvU0Y2VFA3dGswZ0p0R2xLaHNNOXlZU2RZdk5pNm1GcTBOQW55OGwzTTNBc1JIeERFZWhCTlA3cXhYZEgzWkdIUk9ObmxWUk04SVNOaGJBcjFlZWRxUCtYSkZKR3k3S0xhY1hSL29sZE...
350 B
607 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Sjeq_3xnRmp2QVBzZHJXUlFvY1JvU0Y2VFA3dGswZ0p0R2xLaHNNOXlZU2RZdk5pNm1GcTBOQW55OGwzTTNBc1JIeERFZWhCTlA3cXhYZEgzWkdIUk9ObmxWUk04SVNOaGJBcjFlZWRxUCtYSkZKR3k3S0xhY1hSL29sZEI1ZjJaZ2lRdXNGdEpkcDN1VWdQdmxDS2U0eno4RnF6UTNKWHFLeUVKVWtzM0RBZVpEeEVCZ0NWQllZVUYwSnIwL3NQUUxURTVLNVRNNENTSnVYU05udkw3OCtmejdJVnVUSHVFb01FcWMrZUNObzc5Zk4zYlZyZkdpc1RLMVdpK0N2bmVoekZkfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 22 Jul 2021 07:08:30 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2522
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 22 Jul 2021 07:08:30 GMT
location
https://mug.criteo.com/sid?cpp=Sjeq_3xnRmp2QVBzZHJXUlFvY1JvU0Y2VFA3dGswZ0p0R2xLaHNNOXlZU2RZdk5pNm1GcTBOQW55OGwzTTNBc1JIeERFZWhCTlA3cXhYZEgzWkdIUk9ObmxWUk04SVNOaGJBcjFlZWRxUCtYSkZKR3k3S0xhY1hSL29sZEI1ZjJaZ2lRdXNGdEpkcDN1VWdQdmxDS2U0eno4RnF6UTNKWHFLeUVKVWtzM0RBZVpEeEVCZ0NWQllZVUYwSnIwL3NQUUxURTVLNVRNNENTSnVYU05udkw3OCtmejdJVnVUSHVFb01FcWMrZUNObzc5Zk4zYlZyZkdpc1RLMVdpK0N2bmVoekZkfA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://likevertising.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1889
content-length
509
expires
0
index.html
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4470817/1623242751524/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/4470817/1623242751524/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2266
date
Wed, 21 Jul 2021 22:54:39 GMT
expires
Thu, 22 Jul 2021 22:54:39 GMT
last-modified
Wed, 09 Jun 2021 12:45:51 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
29631
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame A2EC 		0
545 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHCUKt5ehVJNgXCH5XPs8w2jyZH2ra4QhcKqzLydus2cIR93dhlx_vnE18jSLHZI-7-4aXFqpUsolsp6LuRkjCieHhLXZ3JXSStv4p0wdbzymd0BRf8gZMNdTFLmtH_1gOlwDlMC6zHOhXWsDEUvIGOltTRzCiiQ&sai=AMfl-YSNps-ZBXTgcQvfiHDjW_LfSMFr5Nog4B5gU2dpOakDUrlt9GAmiP--qyLm7IzMc3eVkJYx1G_ekfNanhDkKSO_aETDrIDXTfA&sig=Cg0ArKJSzF4O7PI6GloEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=328&cbvp=1&cstd=316&cisv=r20210720.18133&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame C3C6 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ap17dA-J8Pvp1-rB_EsWMR9lLtspf0_E84635jofIQXA4qGNNwqGBvY6KR7cJ_9IvgK2Kj45_5CAJhSQQWoivDue32nAJP2JVgYDrLOgD8fBVFS6lE1kKbvF2VnqtT-udz9wOJQD-Ucj7Y2rKYW14_9OXb5Q&cry=1&dbm_d=AKAmf-BCqaT-ukW9xgeeek6FjN_znIGZaiAaErVnqnAHo1n-acNofuqPmXUEJO-DDlhZr93aAOVcRgW6HhZZWCcZzZnCGjKe4Cc0dc_MP8ariOREGeJhm1ls4RgmAB_IiIPdQ7DVSEj-3deveTBnAHXkfGKMPCajKMlsZF366LjIi0GmotvZL4lIA6btTetbYHdXU4IIK8t6Euk6KblOUzLwr2jTxq0SHCn9YObMynuglB6wzgbDl-8lKUfBU63XgV6WHXr9E9QywCtcjcvpDG6jMObIjWgPDAmaClgQ5CsMw_MZ5Toj-I821dtTSzk2hXNwmp5CGAG93bsfYXagUP9Yg6-kxrFeW22qzmwOpbc5gHJt9Ze2amdS7TvbnyoQdEtzA3_H7s6-8qO6mUm-NazBbqDCNC9Y8yv4asrayM_fbnVHeOserBl5r5RqNFjuEdvizpq-NQ625SpHf_rYpDx-tOtqOwH2C7BhhFNVKklf5ea1IlCfoQ6yhq8fHuPdIQrgNiQzBR3yyBRLaLfwwdrPFP3sNsmDU2H3_p9lAJvxGglsBQE7ReybyV5NV9rksD06FDU9iJPDcegDEhTsgV8PeDQa1bym57vaFdkumy2FwEn2GdNPHKxaJXIFrvDt-0iRIQ6ZZ8fq54utPfGB74fCCja04C3rZFKIbGS6-6VUTZS3ytS0BgtOROeMvNfe954g5EysNW6a6FostV5RWc-_-KXlY-Sv4wCIMDqF18Kb8U2eYunk4yOfN2EqBTS6zCR96j2bl4ar8BH-haIMFu87_lt6BzdFI1d4Px71e4i7viXvkISHvQ0700kGquoG411dmgae5VHi32kSWRrwzaQ2S4-yadWHXy4fpb218GLOWWvSvYurTgkTOKjX-nKTrj9CQlDFNqm7MHnm_2GgDakquN14SHOJLf1civhYzj5gLx4HFeA_FfR7s41qebEXLJ8skmDRqoSMMfJsbHNOIlPC4CzqlRTpUL26yonfH463Kx2g2aKrjXqmt3dHMHVYguMsKDXSPwCvvXgglvzC9mRvkle_R2V1GjY-DPsWN1bKgVy7hRHQWfC5k4mtOZ1JxPYFM07uAi0MdAWsJ7g9Ae00nPcNpSwAGhwyHnDKXegGadh57EZu-FrTrfBWkXxD6zbpRTY3oq43NUg4fyfbFEbcuSzCpGHaCnWgNTK5iGjGeeYAiN5ginpLTUiwYHVVLueKp9p66uglVQ2DVOz96d1q4tuoEut7ttsTU4rBXWGc3JEvXP6npAxQtKol6JPJwHPIDVlCE7t3rQ6XCw0v1t3MbxRnkwI0foO3v_RKaAsEw4paI1pde798dlAJenC_o2W1FH-8NjZRpz8N3zDmMsJSvWZ9Ix2RQE58vuAgvBQBhUSWVN0CBLCOE2QKoAdmk6cDWtm0fsvQ1e6QiBUXbPOFVlL-rFwhIgE2vCWI68GgUOnk0NsnLkfl8DOyEQNRivkSMp2w46LblBo-_rRNLPBTfgVifpvfuZM7x3zkfXeUXdljMAmWpR81_UIbFay8SxQA_gPu6SQy5NmPLj06x2Hcfw3QlDMuD1rARfXO4Ot4HQB2HQbkiK1_BWs8tIpkkqhKgFkItWXoeWR-djMcZJv5jsS1xqxum7D38FEUZdiSdqgsmA5oPyWxADuFwKwSlAhHqyL_UD6-PEK2M1_f89qE9MSwJUzgixEAlOg7S4w3arJRPpcusH9oSUVmp1yXtZAxoYCORR8UetH4sEXNb1Kid9B9xTj3jsG4Ojt4eIvK6uNf62QLcwGyObgNqm4lq_2B7qfuhh-tejCelqzskz9k_AjQ9ucawH3hD7R2eyt-p_uRjl-SrlVd_KUNt-gA8Uj4yV0EMPENC10pTF48blUhYK0EoRkPKCPIJCGzWNILWjUbAxSW1fsKcxqxsJNgRZmGwMuDU6BzfVyJVcyl-fcpNCo5AmfaV76EgRe_IsU8hHefppaAf2_rz_pb3mlHr5rL0zFfH_StGZUX_nO0GGeh0IszbDDD8niLiL0QYVskWxQ3TED2XLhbXgxtoC0nvZdQY4sH7mQznTp6D4CkhY7VR9H_xBO184KLLQCAuwVH-xY3saR1NN66yruIVuKNLtm4SufZIrC02NJT2KgArGlhVha4u9p859IxFnhHC46MmmDcdRRrdEc7gYtWVxYbH_Z7FtloD2IZLPTIAq7UJGGPAdjbPILWPxGdWXbtx3BxHnJfpSRMvHptbek-DFo_804_IQKfT7CjdM6qTAQEiGTqcwPU7MPJO04H6gPcBZxwgrxK-pXyBaMlVUOK6OZiRjoyyJgTteHRM3pEkJ2Y66DBHG7IUjn2fLV1acUZK_iWQe14fsXIMXGSBaUTAkWb5wFrnq_XmMfu6aiFsxVlDoi1nbTU8EruO5AVJZmwy8j5uODEQxYKv3HWje-zrsd7quKsUjyaO1HuaR1NhzI9G1JZZEYRRQykFeoya2_tdOGJLIG8FrA0dFvFT7B2caRb78Ux4VbRmfj7f9J8oPAG_6wO3suu5Jpjr1ErMUsMShwYYpJKX4s-_bbz9_xtRNUXCTyjhdk6onRBKG0EgqA47pFU50Xe4d0aA91uebO06xdPaLko6aX_oaPC6vgyCOU9qhlL5EdALZn6QRYb_cUumzdMtrtIUgVzEWj6uFLMjYaADHHZo_ENvjyeDifVZK3RMcLdGPMNENAS1TmRXxWACkE-UMwo8I53NI-aQY75At68ofHpeNBio27VhysNkUdgvoVHi0_9va5n0TIuzWGe52XfNBCEVUs5a8vLRzmE7mIUiaFvAzxG22r_9VqvFbQL2jEDlUMt2p0K8OFGQYxanddGFOUAa3LtaHHKhSmQIZIUiPARp83puGgGNfpXwDpDKdNfzthioODN5WXjQk4myJeW2r9BxTjOHPmjPYH8QRoEbvsQg6Iv1OmsabxDrw2QsJfFau5L2MTT1JqfWqhH6ELpvnJ7WV3BqO4erzeEdg7yedVpD05SA2ExCV9TQ_xYdxpVEE0IH9BXtKXsb1bAwmvue4CGUFCeiBNB2noYm0kIRNaRdxWgfDSW48-WhCkZpXDrUpjExsqDLXv5EoxNjMP5Zjzc_YXMlz4ZQ549NpcnhugIzUevyCwi7tLOsUbI4ySTsi7Cq8COY_2oIAVWtptd0xtyWQF88wg8eJO6PL83yoWH8mYyko5Rvw-NdFpXqZKj8VGNivWLyZfmwVISp2QyVbq8ZdgFUkAOXpTweLV8Bk4q3EAR-QpsRNRpLm6ywnMGKFkCblKDqHkkC-cD6Vi-BucRsFIqbOMrjoCh_WlrGnoHpFrbx7SCqC5XR5H4QZ-92b84R8JhiPxjYwYz283LnzptibMcMQ&cid=CAASEuRoF3N0AXm7WwhaoCewt1XRqA&rfl=3%2Chttps%253A%252F%252Fwww.themoscowtimes.com%242%2C%2Chttps%253A%252F%252Fwww.themoscowtimes.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
185
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 05 Aug 2021 07:05:25 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C3C6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ap17dA-J8Pvp1-rB_EsWMR9lLtspf0_E84635jofIQXA4qGNNwqGBvY6KR7cJ_9IvgK2Kj45_5CAJhSQQWoivDue32nAJP2JVgYDrLOgD8fBVFS6lE1kKbvF2VnqtT-udz9wOJQD-Ucj7Y2rKYW14_9OXb5Q&cry=1&dbm_d=AKAmf-BCqaT-ukW9xgeeek6FjN_znIGZaiAaErVnqnAHo1n-acNofuqPmXUEJO-DDlhZr93aAOVcRgW6HhZZWCcZzZnCGjKe4Cc0dc_MP8ariOREGeJhm1ls4RgmAB_IiIPdQ7DVSEj-3deveTBnAHXkfGKMPCajKMlsZF366LjIi0GmotvZL4lIA6btTetbYHdXU4IIK8t6Euk6KblOUzLwr2jTxq0SHCn9YObMynuglB6wzgbDl-8lKUfBU63XgV6WHXr9E9QywCtcjcvpDG6jMObIjWgPDAmaClgQ5CsMw_MZ5Toj-I821dtTSzk2hXNwmp5CGAG93bsfYXagUP9Yg6-kxrFeW22qzmwOpbc5gHJt9Ze2amdS7TvbnyoQdEtzA3_H7s6-8qO6mUm-NazBbqDCNC9Y8yv4asrayM_fbnVHeOserBl5r5RqNFjuEdvizpq-NQ625SpHf_rYpDx-tOtqOwH2C7BhhFNVKklf5ea1IlCfoQ6yhq8fHuPdIQrgNiQzBR3yyBRLaLfwwdrPFP3sNsmDU2H3_p9lAJvxGglsBQE7ReybyV5NV9rksD06FDU9iJPDcegDEhTsgV8PeDQa1bym57vaFdkumy2FwEn2GdNPHKxaJXIFrvDt-0iRIQ6ZZ8fq54utPfGB74fCCja04C3rZFKIbGS6-6VUTZS3ytS0BgtOROeMvNfe954g5EysNW6a6FostV5RWc-_-KXlY-Sv4wCIMDqF18Kb8U2eYunk4yOfN2EqBTS6zCR96j2bl4ar8BH-haIMFu87_lt6BzdFI1d4Px71e4i7viXvkISHvQ0700kGquoG411dmgae5VHi32kSWRrwzaQ2S4-yadWHXy4fpb218GLOWWvSvYurTgkTOKjX-nKTrj9CQlDFNqm7MHnm_2GgDakquN14SHOJLf1civhYzj5gLx4HFeA_FfR7s41qebEXLJ8skmDRqoSMMfJsbHNOIlPC4CzqlRTpUL26yonfH463Kx2g2aKrjXqmt3dHMHVYguMsKDXSPwCvvXgglvzC9mRvkle_R2V1GjY-DPsWN1bKgVy7hRHQWfC5k4mtOZ1JxPYFM07uAi0MdAWsJ7g9Ae00nPcNpSwAGhwyHnDKXegGadh57EZu-FrTrfBWkXxD6zbpRTY3oq43NUg4fyfbFEbcuSzCpGHaCnWgNTK5iGjGeeYAiN5ginpLTUiwYHVVLueKp9p66uglVQ2DVOz96d1q4tuoEut7ttsTU4rBXWGc3JEvXP6npAxQtKol6JPJwHPIDVlCE7t3rQ6XCw0v1t3MbxRnkwI0foO3v_RKaAsEw4paI1pde798dlAJenC_o2W1FH-8NjZRpz8N3zDmMsJSvWZ9Ix2RQE58vuAgvBQBhUSWVN0CBLCOE2QKoAdmk6cDWtm0fsvQ1e6QiBUXbPOFVlL-rFwhIgE2vCWI68GgUOnk0NsnLkfl8DOyEQNRivkSMp2w46LblBo-_rRNLPBTfgVifpvfuZM7x3zkfXeUXdljMAmWpR81_UIbFay8SxQA_gPu6SQy5NmPLj06x2Hcfw3QlDMuD1rARfXO4Ot4HQB2HQbkiK1_BWs8tIpkkqhKgFkItWXoeWR-djMcZJv5jsS1xqxum7D38FEUZdiSdqgsmA5oPyWxADuFwKwSlAhHqyL_UD6-PEK2M1_f89qE9MSwJUzgixEAlOg7S4w3arJRPpcusH9oSUVmp1yXtZAxoYCORR8UetH4sEXNb1Kid9B9xTj3jsG4Ojt4eIvK6uNf62QLcwGyObgNqm4lq_2B7qfuhh-tejCelqzskz9k_AjQ9ucawH3hD7R2eyt-p_uRjl-SrlVd_KUNt-gA8Uj4yV0EMPENC10pTF48blUhYK0EoRkPKCPIJCGzWNILWjUbAxSW1fsKcxqxsJNgRZmGwMuDU6BzfVyJVcyl-fcpNCo5AmfaV76EgRe_IsU8hHefppaAf2_rz_pb3mlHr5rL0zFfH_StGZUX_nO0GGeh0IszbDDD8niLiL0QYVskWxQ3TED2XLhbXgxtoC0nvZdQY4sH7mQznTp6D4CkhY7VR9H_xBO184KLLQCAuwVH-xY3saR1NN66yruIVuKNLtm4SufZIrC02NJT2KgArGlhVha4u9p859IxFnhHC46MmmDcdRRrdEc7gYtWVxYbH_Z7FtloD2IZLPTIAq7UJGGPAdjbPILWPxGdWXbtx3BxHnJfpSRMvHptbek-DFo_804_IQKfT7CjdM6qTAQEiGTqcwPU7MPJO04H6gPcBZxwgrxK-pXyBaMlVUOK6OZiRjoyyJgTteHRM3pEkJ2Y66DBHG7IUjn2fLV1acUZK_iWQe14fsXIMXGSBaUTAkWb5wFrnq_XmMfu6aiFsxVlDoi1nbTU8EruO5AVJZmwy8j5uODEQxYKv3HWje-zrsd7quKsUjyaO1HuaR1NhzI9G1JZZEYRRQykFeoya2_tdOGJLIG8FrA0dFvFT7B2caRb78Ux4VbRmfj7f9J8oPAG_6wO3suu5Jpjr1ErMUsMShwYYpJKX4s-_bbz9_xtRNUXCTyjhdk6onRBKG0EgqA47pFU50Xe4d0aA91uebO06xdPaLko6aX_oaPC6vgyCOU9qhlL5EdALZn6QRYb_cUumzdMtrtIUgVzEWj6uFLMjYaADHHZo_ENvjyeDifVZK3RMcLdGPMNENAS1TmRXxWACkE-UMwo8I53NI-aQY75At68ofHpeNBio27VhysNkUdgvoVHi0_9va5n0TIuzWGe52XfNBCEVUs5a8vLRzmE7mIUiaFvAzxG22r_9VqvFbQL2jEDlUMt2p0K8OFGQYxanddGFOUAa3LtaHHKhSmQIZIUiPARp83puGgGNfpXwDpDKdNfzthioODN5WXjQk4myJeW2r9BxTjOHPmjPYH8QRoEbvsQg6Iv1OmsabxDrw2QsJfFau5L2MTT1JqfWqhH6ELpvnJ7WV3BqO4erzeEdg7yedVpD05SA2ExCV9TQ_xYdxpVEE0IH9BXtKXsb1bAwmvue4CGUFCeiBNB2noYm0kIRNaRdxWgfDSW48-WhCkZpXDrUpjExsqDLXv5EoxNjMP5Zjzc_YXMlz4ZQ549NpcnhugIzUevyCwi7tLOsUbI4ySTsi7Cq8COY_2oIAVWtptd0xtyWQF88wg8eJO6PL83yoWH8mYyko5Rvw-NdFpXqZKj8VGNivWLyZfmwVISp2QyVbq8ZdgFUkAOXpTweLV8Bk4q3EAR-QpsRNRpLm6ywnMGKFkCblKDqHkkC-cD6Vi-BucRsFIqbOMrjoCh_WlrGnoHpFrbx7SCqC5XR5H4QZ-92b84R8JhiPxjYwYz283LnzptibMcMQ&cid=CAASEuRoF3N0AXm7WwhaoCewt1XRqA&rfl=3%2Chttps%253A%252F%252Fwww.themoscowtimes.com%242%2C%2Chttps%253A%252F%252Fwww.themoscowtimes.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 19:57:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126686
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 19:57:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4945 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Wed, 21 Jul 2021 11:56:19 GMT
expires
Thu, 22 Jul 2021 11:56:19 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
69131
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame A2EC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
PugMaster
image6.pubmatic.com/AdServer/ Frame 7608 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58910494&p=137711&s=137812&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4668 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41561
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Jul 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4668 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Thu, 22 Jul 2021 12:37:33 GMT
createjs.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/libs/1.0.0/ Frame 4668 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/libs/1.0.0/createjs.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
349604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64179
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 00:22:18 GMT
server
sffe
date
Sun, 18 Jul 2021 06:01:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Jul 2022 06:01:47 GMT
CC_Display_VoiceVideo_728x90.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/ Frame 4668 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/CC_Display_VoiceVideo_728x90.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
349604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6953
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 00:22:18 GMT
server
sffe
date
Sun, 18 Jul 2021 06:01:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Jul 2022 06:01:47 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Sjeq_3xnRmp2QVBzZHJXUlFvY1JvU0Y2VFA3dGswZ0p0R2xLaHNNOXlZU2RZdk5pNm1GcTBOQW55OGwzTTNBc1JIeERFZWhCTlA3cXhYZEgzWkdIUk9ObmxWUk04SVNOaGJBcjFlZWRxUCtYSkZKR3k3S0xhY1hSL29sZEI1ZjJaZ2lRdXNGdEpkcDN1VWdQdmxDS2U0eno4RnF6UTNKWHFLeUVKVWtzM0RBZVpEeEVCZ0NWQllZVUYwSnIwL3NQUUxURTVLNVRNNENTSnVYU05udkw3OCtmejdJVnVUSHVFb01FcWMrZUNObzc5Zk4zYlZyZkdpc1RLMVdpK0N2bmVoekZkfA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1041
date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=likevertising.com&cw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://likevertising.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://likevertising.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1445
date
Thu, 22 Jul 2021 07:08:30 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 3AB2
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=likevertising.com&cw=1
  • https://mug.criteo.com/sid?cpp=u4vMnnw5QmJtaXFXUWZVbkY5Z0JOQ1hlRDAzOG9UTHg1V2szZFI3eTgrbldTZjQyRFNTamxoNWxFd3BiZkI4clVtQ1hLNWNwNVNKazcxTEQvQkJoT2hzNVF5L2RybDZRRnJZT2MyeVFFS2hLYndid3NvNkw3c0tlcHZIMF...
342 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=u4vMnnw5QmJtaXFXUWZVbkY5Z0JOQ1hlRDAzOG9UTHg1V2szZFI3eTgrbldTZjQyRFNTamxoNWxFd3BiZkI4clVtQ1hLNWNwNVNKazcxTEQvQkJoT2hzNVF5L2RybDZRRnJZT2MyeVFFS2hLYndid3NvNkw3c0tlcHZIMFBUZWo5T0taT1c1Q3dnYlQwYm4vL1ZUaVpVQjdEemJFZ0tYQ1pMSWNQTVNWck5RQUhWYmZJZk5WWHgwMnhDTGk2WUI0V3lrbjFkRlczNm0zd1Z3czlHcXgweTRBYjIreHdKRVhwaUpUS1hLVDhsTlZLczZnb0tNb2xueUp6YkhCUkdFSEtpc0h3fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2423
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 22 Jul 2021 07:08:30 GMT
location
https://mug.criteo.com/sid?cpp=u4vMnnw5QmJtaXFXUWZVbkY5Z0JOQ1hlRDAzOG9UTHg1V2szZFI3eTgrbldTZjQyRFNTamxoNWxFd3BiZkI4clVtQ1hLNWNwNVNKazcxTEQvQkJoT2hzNVF5L2RybDZRRnJZT2MyeVFFS2hLYndid3NvNkw3c0tlcHZIMFBUZWo5T0taT1c1Q3dnYlQwYm4vL1ZUaVpVQjdEemJFZ0tYQ1pMSWNQTVNWck5RQUhWYmZJZk5WWHgwMnhDTGk2WUI0V3lrbjFkRlczNm0zd1Z3czlHcXgweTRBYjIreHdKRVhwaUpUS1hLVDhsTlZLczZnb0tNb2xueUp6YkhCUkdFSEtpc0h3fA&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://likevertising.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1958
content-length
509
expires
0
translator
hbopenbid.pubmatic.com/ Frame 3AB2 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 22 Jul 2021 07:08:29 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 3AB2 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=11918689012
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://likevertising.com
date
Thu, 22 Jul 2021 07:08:31 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
prebid
ib.adnxs.com/ut/v3/ Frame 3AB2 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:31 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6c0cce6a-e388-4a76-b149-665eb8e39194
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://likevertising.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EC62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPGo0Hyqz6NhW2RlZB5_Jjo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EC62
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YwYTk4YTAtNDkzOS02M2E3LTZkMTctYjlhZjMxMzA3MTFm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YwYTk4YTAtNDkzOS02M2E3LTZkMTctYjlhZjMxMzA3MTFm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
server
OXGW/16.211.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2YwYTk4YTAtNDkzOS02M2E3LTZkMTctYjlhZjMxMzA3MTFm
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame EC62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOfHnGQf8r2MjZ8eW1ZG8ug&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOfHnGQf8r2MjZ8eW1ZG8ug&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 22 Jul 2021 07:08:31 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEOfHnGQf8r2MjZ8eW1ZG8ug&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame EC62 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsY3czZlQEwAQ&v=APEucNWYmmOYh2vcCAbAExMf1OPnwG9YwlEh8L9eq89h3jAve_8TiPiDggif0rOl6gFKpM1TYJsHgjQw1MBKC_UnVR0-JGYYanvv9LVa2oIHa5oVirCynB81XrjzLyXAuAwuXFxvcxmejAneAq0ueJJ0cSr6QYwHZQM7Rfx-FAwrrAqwQHn6CSs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 22 Jul 2021 07:08:31 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
pagead2.googlesyndication.com/bg/ Frame 1DDE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
555240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13214
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 20:54:31 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6710 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Wed, 21 Jul 2021 23:32:24 GMT
expires
Thu, 21 Jul 2022 23:32:24 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
27367
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CC_DisplayAd_Leaderboard_Leaderboard.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/images/ Frame 4668 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/images/CC_DisplayAd_Leaderboard_Leaderboard.jpg
Requested by
Host: 021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
URL: https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
90378
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41250
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 00:22:18 GMT
server
sffe
date
Wed, 21 Jul 2021 06:02:13 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Jul 2022 06:02:13 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=u4vMnnw5QmJtaXFXUWZVbkY5Z0JOQ1hlRDAzOG9UTHg1V2szZFI3eTgrbldTZjQyRFNTamxoNWxFd3BiZkI4clVtQ1hLNWNwNVNKazcxTEQvQkJoT2hzNVF5L2RybDZRRnJZT2MyeVFFS2hLYndid3NvNkw3c0tlcHZIMFBUZWo5T0taT1c1Q3dnYlQwYm4vL1ZUaVpVQjdEemJFZ0tYQ1pMSWNQTVNWck5RQUhWYmZJZk5WWHgwMnhDTGk2WUI0V3lrbjFkRlczNm0zd1Z3czlHcXgweTRBYjIreHdKRVhwaUpUS1hLVDhsTlZLczZnb0tNb2xueUp6YkhCUkdFSEtpc0h3fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
985
date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
vary
Accept-Encoding
studio-style.css
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		2 KB
471 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4470817/1623242751524/studio-style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
447
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 12:45:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 22 Jul 2021 22:54:39 GMT
style.css
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		564 B
345 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4470817/1623242751524/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
321
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 12:45:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 22 Jul 2021 22:54:39 GMT
lemonpi.js
creative-libraries.lemonpi.io/v1/ Frame 0E9E 		98 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://creative-libraries.lemonpi.io/v1/lemonpi.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:6c00:5:98ca:e7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KYc33U6lgBqHpBwue0.NtD5dhizvVx.l
via
1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
last-modified
Thu, 06 May 2021 08:34:09 GMT
server
AmazonS3
age
304
etag
"8122486c4f3bb9190f8b999d3567b81f"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 22 Jul 2021 07:06:08 GMT
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-length
100719
x-amz-cf-id
dxqHdtEbZRLrz3h30XosceQvnTwj0QZO3FhBfoDrDqaZJKyPX85Cug==
TweenMax.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/ Frame 0E9E 		113 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/2.1.2/TweenMax.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
35271
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
34771
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-1c4b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BUv7nngURHNR2IL7d3qT%2BGoPg9yUIS1mc6asQV510m6qGykQJ9xqicdn2ijCSmEsut%2FoV7C%2B1XoNT5f0zw9K2FZj%2BJziWvO3c4qQejgYZ0ePqSNnLkXH2VRdeOVDX%2BpOtClDBuk4naLTx6sbUr7afzm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
672ad6967d9b4a68-FRA
expires
Tue, 12 Jul 2022 07:08:31 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ Frame 0E9E 		86 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2961762
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
27748
cf-request-id
0abe1b8a5f00002b35110d4000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jij431rNQ%2BHhFA8XU5%2BYYDsFuzQDtAAMu%2Bfej4YWQHEpvKVjBmBARDtFZyr5NH3KCyPGJloR%2BxpAss%2BFxAfQhHbSnIf%2BzqmVSao%2BpAyW5P%2Fl7v6DoCcqn8tRH0rEv7fSCQarhhe7PPCwJEaN1Rze%2FBGY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
672ad6967d9d4a68-FRA
expires
Tue, 12 Jul 2022 07:08:31 GMT
script.js
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4470817/1623242751524/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:54:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7812
x-xss-protection
0
last-modified
Wed, 09 Jun 2021 12:45:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 22 Jul 2021 22:54:39 GMT
os3968sx7dh6
hal9000.redintelligence.net/zone/ Frame C3C6 		0
0
K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
pagead2.googlesyndication.com/bg/ Frame 7ED8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
555240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13214
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 20:54:31 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 31B4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
URL: https://021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlGMlCiuI-o8YmKQtvposZe_2fzxWxMikrLzwnwt-zYnseS7vcUTktb67Ric-o
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 22 Jul 2021 07:08:31 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 22-Jul-2021 08:08:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 22 Jul 2021 07:08:31 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOroudG8awVUBnAywSqXMjI&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEtoN05DQWUxTTZzT1M1&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cver=1&google_push=AYg5qPKmAPkgtbv_Bl7R23DBvPQ8vDq37uooz-_V7rWKyT9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEtoN05DQWUxTTZzT1M1&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cver=1&google_push=AYg5qPKmAPkgtbv_Bl7R23DBvPQ8vDq37uooz-_V7rWKyT92j_Sto2sAANAf237twJzuQEh4TWj5dD5Tvl_sQD6G8n4ucOF0WCjY
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:34 GMT
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=604800; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=NEtoN05DQWUxTTZzT1M1&google_gid=CAESEOroudG8awVUBnAywSqXMjI&google_cver=1&google_push=AYg5qPKmAPkgtbv_Bl7R23DBvPQ8vDq37uooz-_V7rWKyT92j_Sto2sAANAf237twJzuQEh4TWj5dD5Tvl_sQD6G8n4ucOF0WCjY
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKTxkLLyA3D61v9oPQyYtEM&google_cver=1&google_push=AYg5qPKjljGWrZotphSwdhPV6Wf3fS0T7ZlFXX--vT0D2p1K8YmEVsLOHXbpZI5TB0O2R5br3UF4m8nKG4R0OrD8...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKjljGWrZotphSwdhPV6Wf3fS0T7ZlFXX--vT0D2p1K8YmEVsLOHXbpZI5TB0O2R5br3UF4m8nKG4R0OrD8XVzQg586Q0SD
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKjljGWrZotphSwdhPV6Wf3fS0T7ZlFXX--vT0D2p1K8YmEVsLOHXbpZI5TB0O2R5br3UF4m8nKG4R0OrD8XVzQg586Q0SD
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 22 Jul 2021 07:08:31 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x4
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKjljGWrZotphSwdhPV6Wf3fS0T7ZlFXX--vT0D2p1K8YmEVsLOHXbpZI5TB0O2R5br3UF4m8nKG4R0OrD8XVzQg586Q0SD
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Jul 2021 07:08:30 GMT
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaCyrJpTQ_DFU7Od7aLN2E&google_push=AYg5qPK86pQC4dpc6J1ErBm7HXb8ErgJhRZhxEaWg5yvKogLsQSU-NDGNd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaCyrJpTQ_DFU7Od7aLN2E&google_push=AYg5qPK86pQC4dpc6J1ErBm7HXb8ErgJhRZhxEaWg5yvKogLsQSU-NDGNdMawLi99BouzMNUUi7ffKJVKYwo8fE9FQLj_NoZUYtS
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1626937712.149360,VS0,VE92
x-served-by
cache-fra19123-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENaCyrJpTQ_DFU7Od7aLN2E&google_push=AYg5qPK86pQC4dpc6J1ErBm7HXb8ErgJhRZhxEaWg5yvKogLsQSU-NDGNdMawLi99BouzMNUUi7ffKJVKYwo8fE9FQLj_NoZUYtS
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEH6IjVsPKiI64bR3hWqqTcs&google_cver=1&google_push=AYg5qPKg4BWUUWE2FD7bFvJIV1dghMU6MHj5hfx4brmwsyM1JJ-AyIX2D-gRQz7qKja5jMGeYJgM-J8...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=8&google_gid=CAESEH6IjVsPKiI64bR3hWqqTcs&google_cver=1&google_push=AYg5qPKg4BWUUWE2FD7bFvJIV1dghMU6MHj5hfx4brmwsyM1JJ-AyIX2D-gRQz7qKja5j...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KadYnQLSRuKxf5YmkAp8zWD5GXE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KadYnQLSRuKxf5YmkAp8zWD5GXE
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=KadYnQLSRuKxf5YmkAp8zWD5GXE
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFl09iTxGI637ihWgGZWMMQ&google_cver=1&google_push=AYg5qPI75kCNGqHZ-0MypgrtTS0cNau56fe4xtKKqGWmOP4kAYeeFo4n8LTNoU4o9l0QjSHQKvuRFtUfksFPmg...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NzY0NDI2NTY3ODMwNTQyMw%3D%3D&google_push=AYg5qPI75kCNGqHZ-0MypgrtTS0cNau56fe4xtKKqGWmOP4kAYeeFo4n8LTNoU4o9l0QjSHQKvuRFtUfksFPmgUzMt...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NzY0NDI2NTY3ODMwNTQyMw%3D%3D&google_push=AYg5qPI75kCNGqHZ-0MypgrtTS0cNau56fe4xtKKqGWmOP4kAYeeFo4n8LTNoU4o9l0QjSHQKvuRFtUfksFPmgUzMt-vmnL5be65
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=Njk4NzY0NDI2NTY3ODMwNTQyMw%3D%3D&google_push=AYg5qPI75kCNGqHZ-0MypgrtTS0cNau56fe4xtKKqGWmOP4kAYeeFo4n8LTNoU4o9l0QjSHQKvuRFtUfksFPmgUzMt-vmnL5be65
Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEIYt2K3XwdxxfvBF4vW-c54&google_cver=1&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMn...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEIYt2K3XwdxxfvBF4vW-c54&google_cver=1&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUP...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=8406805f-176e-4342-a99e-e0b8938e08ab&ssp=google&expires=30&user_group=5&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMnuqsKS1DN&google_hm=9DW6RS1vTh2qgdgK93Uldw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMnuqsKS1DN&google_hm=9DW6RS1vTh2qgdgK93Uldw==
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPJof14lVBlCFIzTYc3J4-8ddrh9kjB5OaFTXO_pRuv-1H9ziury2bIgSAHsWGYOp8Dxu_KNvWm05eiwUPXcNSMnuqsKS1DN&google_hm=9DW6RS1vTh2qgdgK93Uldw==
date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4945
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKeQzKqtGGfUwXDt8Fsi5dQ&google_cver=1&google_push=AYg5qPIDY01nj9TZtfljJK-wXFZTrMB_bKnAcrtsBRDJYiHVIAe-2WtfT2VgADXZaVSohcxGPJQ_jM...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDY01nj9TZtfljJK-wXFZTrMB_bKnAcrtsBRDJYiHVIAe-2WtfT2VgADXZaVSohcxGPJQ_jMbFWtJCrIClS6S8CXNJSaOH&google_hm=MjYyOTUxND...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDY01nj9TZtfljJK-wXFZTrMB_bKnAcrtsBRDJYiHVIAe-2WtfT2VgADXZaVSohcxGPJQ_jMbFWtJCrIClS6S8CXNJSaOH&google_hm=MjYyOTUxNDQ2MzU2NDA0OTYyOQ%3D%3D
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPIDY01nj9TZtfljJK-wXFZTrMB_bKnAcrtsBRDJYiHVIAe-2WtfT2VgADXZaVSohcxGPJQ_jMbFWtJCrIClS6S8CXNJSaOH&google_hm=MjYyOTUxNDQ2MzU2NDA0OTYyOQ%3D%3D
date
Thu, 22 Jul 2021 07:08:33 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 4945 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLLvdYCAynVwLrWKt_vCdoznNB5K4hLYDW8QHfneMJxqlvrXCEGKAL6txWPxWw9_mWtgLT
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
pagead2.googlesyndication.com/bg/ Frame 31CE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
555240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13214
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 20:54:31 GMT
CC_Display_VoiceVideo_728x90_atlas_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/images/ Frame 4668 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1774599441615069123/images/CC_Display_VoiceVideo_728x90_atlas_1.png
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
349604
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39796
x-xss-protection
0
last-modified
Wed, 24 Feb 2021 00:22:18 GMT
server
sffe
date
Sun, 18 Jul 2021 06:01:47 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Jul 2022 06:01:47 GMT
K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
pagead2.googlesyndication.com/bg/ Frame 8B23 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
555240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13214
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 20:54:31 GMT
request-cookies
content.lemonpi.io/a/119/ Frame 0E9E 		90 B
479 B 		Script
General
Check archive.org
Download Go to
Full URL
https://content.lemonpi.io/a/119/request-cookies?callback=_lemonpiCookiesLoaded
Requested by
Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.1 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:31 GMT
Server
openresty/1.15.8.1
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
90
18.png
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4470817/1623242751524/18.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:54:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 12:45:52 GMT
server
sffe
age
29632
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1681
x-xss-protection
0
expires
Thu, 22 Jul 2021 22:54:39 GMT
33.png
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		126 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4470817/1623242751524/33.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 12:45:52 GMT
server
sffe
age
0
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:08:31 GMT
9.png
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		133 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4470817/1623242751524/9.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:54:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 12:45:52 GMT
server
sffe
age
29632
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
expires
Thu, 22 Jul 2021 22:54:39 GMT
K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
pagead2.googlesyndication.com/bg/ Frame 6710 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/K69jH8UFrOCkOTHHl3NJFfCa68pF8Bp7Mwjsnyploxc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 15 Jul 2021 20:54:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
555240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13214
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Jul 2022 20:54:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A2EC 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvHCUKt5ehVJNgXCH5XPs8w2jyZH2ra4QhcKqzLydus2cIR93dhlx_vnE18jSLHZI-7-4aXFqpUsolsp6LuRkjCieHhLXZ3JXSStv4p0wdbzymd0BRf8gZMNdTFLmtH_1gOlwDlMC6zHOhXWsDEUvIGOltTRzCiiQ&sai=AMfl-YSNps-ZBXTgcQvfiHDjW_LfSMFr5Nog4B5gU2dpOakDUrlt9GAmiP--qyLm7IzMc3eVkJYx1G_ekfNanhDkKSO_aETDrIDXTfA&sig=Cg0ArKJSzF4O7PI6GloEEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1100&vt=11&dtpt=772&dett=3&cstd=316&cisv=r20210720.18133&adurl=
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
passback.js
cdn.adtrue.com/rtb/ Frame A677 		753 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
10490493
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad69a6fd45363-FRA
expires
Thu, 17 Mar 2022 21:06:57 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0595 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Jul 2021 07:08:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4CCB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=2033173021682209&bg=!rq2lrenNAAbnC78O5ws7ACkAdvg8WotPsAi8qWj-WnUzsX4TZxWaoVR6ssGlWDO9Az_QhUSELGAl_gIAAAHVUgAAAEFoAQcKAHYmYWi5tR_zCxS5z1h-A4h48BfY-up5GM7BMPY25EJDB8v6gTifWLsDtMMxZO9t6buAtHsLGc9hlLGtH0Ihm2TadvxxKb04dJuDwUrBuvdw1OjvT7C7qfHPKDyig0NQFQ94-G5EL3l5Epcx-2SRQOCTKvmtUNe0mQK8-e0rKA_5eZtt9ZNRs66HegSTc0Jd5K7n0JR8fO3Xkaq8slysFCvlReHMg7OccD3KWpcQOvEvw6bNdgKqfJt1ZdEhU-C-Vi9DQiThNgVvb22ej7xRO6wBCVgBEZ69eDeC1J6VSQAlf01t9enbeu1m0lM3P9HCaeK8LVss3APw5_H6alvFARGOf2o_6v-GMv7-hcBcA7tTp6hsnDzLojTpmJYtfZatqc7x0193ocfWOvSZ6EE5z3t50MbNFQcMyXXV5uc0t2ROi0DIB_iQryHNyl1zraLbNhlr3_FGlYyCkaYI32I-a9YV3-dbegSmqUnYzPbta2NUCRRRN7-WUAkyupphJX8xIki4XAh0QIU92oIr-A6OXHEs4t_ATwRNZcKIyScyzRHB-QcL64FgsB-r6VguGkjyh0VunsKbqe8KLLzMYUuzXjiueFCiwRjO4d2wNct9hSWUjqekUqsCb-87cEqaATLytPw2hgcbitQw8sAjEhtpn17OTWJWgpOPx0BGJiSZGFVWXhvTWlGaFqsfiW3NAwbfzhZPAmRRZHCraOR-H9Nlt-2wRkYNYPaTM6-D3lkIGhIRN9MIJy_zP9FMupXEutJHM8W0FqUTc8MaGKzeUQErY7pMLgQApmiio0wvepFdHoqE5i8YWAMizwdiTtZ9ks4VYst4Izoan-sUGeSvZYzQC_Zb87Dcu3tcTpUxdi-Izm-sanKjBCmAgCUPvVFVulyXJVTxrrBNWyHnPWZimYIGgYP-y0qrBaWQ4-ue7arrGQANWqiXDMK9XcYLfnW8MFxj4tTQTgbylg0hqY5_NiRRiJB5axrbnKpF-XM2jE7L5iOzhUbqAszTAU6MxoEAj7pRXm7MdVb3vAgM01aGEMqOJp6X962vkd5EihJ0C5Hd0dOb_V146LRHap99vPVmry6Po_F9T1NwrQ
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
log.lemonpi.io/ Frame 0E9E 		2 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.lemonpi.io/log
Requested by
Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.1 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
openresty/1.15.8.1
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
2
10207-35811
content.lemonpi.io/a/119/c/7879/content/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://content.lemonpi.io/a/119/c/7879/content/10207-35811?impression-id=36f1fe06-3a17-4be9-b9f0-1df42706ae02
Protocol
HTTP/1.1
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://s0.2mdn.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, POST
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Content-Length
0
Date
Thu, 22 Jul 2021 07:08:39 GMT
Server
openresty/1.15.8.1
Connection
keep-alive
10207-35811
content.lemonpi.io/a/119/c/7879/content/ Frame 0E9E 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.lemonpi.io/a/119/c/7879/content/10207-35811?impression-id=36f1fe06-3a17-4be9-b9f0-1df42706ae02
Requested by
Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.1 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Date
Thu, 22 Jul 2021 07:08:39 GMT
Content-Encoding
gzip
Server
openresty/1.15.8.1
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
543
passback
exchange.adtrue.com/tag/ Frame A677 		251 B
442 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=17496&divid=2049510330&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
server
nginx
content-length
251
content-type
application/javascript
impl.20210720-25-RELEASE.js
cdn.taboola.com/libtrc/ Frame 68B9 		530 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RYrRL9DkhJ9yK7.ugA8T7yMB93xjMbwo
content-encoding
br
etag
"3e4890d667ef0557c79ff79ded14943e"
age
23485
x-cache
HIT
content-length
120530
x-amz-id-2
7f3wwyOBYCVI1pEwt+/Dhk/19sCARmyYfNw9KwLOdIkR4cpkSsitFo/9QL6NpziHl7kYDeDmmRM=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:30:30 GMT
server
AmazonS3-br
x-timer
S1626937712.833907,VS0,VE0
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding
x-amz-request-id
XP1WVY627H6VX0BS
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
38436
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071301&jk=1736153969817316&bg=!zM-lz4vNAAbnC78O5ws7ACkAdvg8Ws_A5VnjS6iYp6W94v9vGr81bCPIi5J65-g66US83Dt_nm2J4wIAAAFzUgAAAEBoAQeZAr-pJMeu2bvGxHOKX-WqOiQmfY60yP61qnFBDBM6UugVMuDvxKRUdv_F4kb0aC3TyW9c_gDBUchqzU-LjLnTRD-LXwX-MdExrHLZQj3853ptL4nJIWlLLRY5aM6D-UgxalpJkvr55NogcnDWjWbICLCrrmkdSXe-o87AM7wXwyeokeYOAahvBY7g8kaQs9ZpukLXH0hkTYxVVJ1KcEGOcp-yZA53j6k9IdO5SKMpfBgw29Z9x9Cs5ewyjwtSy-7qOFwkHAheB5m5DGr-WvopBQapNIGu2P4q62PQMmiOCiXJQAAgeLXVEVNUq45kngW3rV4Q_2tM3_WvMIPK_SwH7czA53RUN6qchq-usphuZkHpSu3dmf-7kx8llDqSs1SNti-trQiSAkT2Spc0vfkSI1wL1qyYQ8S_i5BLSZfdveOpeqP9Hdtjqd0G0BxYIQvvp-7syraQqYvZHAMYejuQ8H275djdbXkBio-NmpFSiCNxAb98VgC9H40cuZ00gQIbn3OdLR5--nZTQUU3CdwpdRIqGWvKvhEkxLzQHYhnQE3-Xkzc5zJJ1gngeTKhOT22CABuZif_wl5iHFJnSWkmx3or9fi43pJMDtHQVkWS4GywlOg6BH3D44ZuUKzuHubg33AH5zXOr1gEjcS512NEBl9d4P_mvKg0YcN1aDMXJBPVtd5QlSXgb-MH35ulbUH845kdkR1XAffY9ptKoyzBPd4FuMjLcI6gLKgLm_a60bV_uUxub5T8xQvintcgP_ME6a1Oze7EV1SZ4CQYuoOnUP2wYsC-NCC8cH2_3rqeSOe5SyrfzpjynmGTS8BhjeCOA1n3jSQTzL4LfcPtIdZQqYHjho8iOwGjCabfT_J7NkHb98BQigU8vOvOWx7GxQna-N84RzdDUoaleBC7J3gAXIB3GplfG2SO8Tj163Y9TSku
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ED8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQnqnbhn5YMiJGamMjuwPoqW9gAUAAAAAOAHgBAI&bg=!PT6lPnrNAAbnC78O5ws7ACkAdvg8WtwNHxFM439vc2hRuJhI98jG7NKyaKpgH1B6N_Aw55bGOoW-agIAAAIVUgAAADdoAQeZAw2q1Q5CfeFyCQawC-xlMwYL7JvZQfstX5ezH7fazYtAUGZDaxBY0ver4yPIb5-7mR33w-BkGJwkuURH53Y7d9CWezJ3JiAleOTOCPFNS2XV6GjU1bgq_QCyT-IzHGNbKpW7OU4rXjEXctDaRN-x32BBIbNN5yhuD4iN7St6_YOHZ4V6WdDLfGLz_q8K5aKZigHd_1f6KzQblIL3T4nnepI4kAXn8xDe33ixIJp2yXYQd3tK_lpJBSBNNdGTXizmRo_Dn0tD2X3v8JifKot2SpLCRkuC1Ht_rbPn7trBMMNfDjlG2gtcpCvAdS2X43c8Nlb_avR7IV0Ybsbl3CaavBYIdZP85DIIgcXXfw7lmjhSkvIchI_VBLlQyN55U---e0f9p_oMqHXay__of7TDjuEHORe7L2aRzaKlNbPN-LN3qqXzYdwJR-kITAN9oylFaEN1qBjdd8hyWBNebkhxsRmIfCiPwuwtoATpnHjzu5oCcTyjIoHXSHAibCaQwCiFRX2wSq9r0xZkbisMmvnDA_CH76DJmRPPTfalxpz9lT9mau3gaczQ8ndtvzJMW-54Jic95iSum9LKqY7wNKmaUEXS6gEHlJmqkfhZlnebL6Aa9phqMzslqDZKPxHoG0okP8HNblv0TC48AQw87iPNdV17kzQpBCK55xoDjYbzjV0Zd3XCmH-nGZvNCdU9kqYRxk4vgWS5MG-luy2m8zbPq95vGHtnrsAatBoXiaJSCb1RK5bVSSVnUm7hjZvPP3F4zGltoVdB18AuNIHfX5jxlEu-VnL_VYiKRJP_jGwosth2t3qMsxA86OyTlsd7fa8QXLqd1KbYHLwFudVoOItUZ7DXnbbC8hcZPovPxWU4-o43YNcX7bmy5raTp0ql96tQUB22k8e8sgTV8GAOUq_5r2vApeL-iePAJN_LMgoUY7vNnxwwk8yTLu75PUjlpCX57d5xLzhJwSPbE5UjpjDN023fEymo_2krIHW1w2Y3R2WwZez7aph5fBT_zeIl8i6Aq_NEf4TkK-bZs1qzpper
Requested by
Host: f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
URL: https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
passback.js
cdn.adtrue.com/rtb/ Frame 2017 		753 B
485 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adtrue.com/rtb/passback.js
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 28 Oct 2020 03:26:52 GMT
server
cloudflare
age
10490493
etag
W/"5f98e4fc-2f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31104000
cf-ray
672ad69b097e5363-FRA
expires
Thu, 17 Mar 2022 21:06:57 GMT
syncframe
gum.criteo.com/ Frame 4E7E 		291 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.themoscowtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.themoscowtimes.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1582
set-cookie
uid=da6a4ec8-ed37-4208-a77f-2a073d5df9e7; expires=Fri, 22 Jul 2022 07:08:31 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 22 Jul 2021 07:08:31 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 0595 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Jul 2021 07:08:31 GMT
impl.20210720-25-RELEASE.js
cdn.taboola.com/libtrc/ Frame 28EB 		530 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RYrRL9DkhJ9yK7.ugA8T7yMB93xjMbwo
content-encoding
br
etag
"3e4890d667ef0557c79ff79ded14943e"
age
23485
x-cache
HIT
content-length
120530
x-amz-id-2
7f3wwyOBYCVI1pEwt+/Dhk/19sCARmyYfNw9KwLOdIkR4cpkSsitFo/9QL6NpziHl7kYDeDmmRM=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:30:30 GMT
server
AmazonS3-br
x-timer
S1626937712.884868,VS0,VE0
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding
x-amz-request-id
XP1WVY627H6VX0BS
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
38437
impl.20210720-25-RELEASE.js
cdn.taboola.com/libtrc/ Frame 7CE1 		530 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
RYrRL9DkhJ9yK7.ugA8T7yMB93xjMbwo
content-encoding
br
etag
"3e4890d667ef0557c79ff79ded14943e"
age
23485
x-cache
HIT
content-length
120530
x-amz-id-2
7f3wwyOBYCVI1pEwt+/Dhk/19sCARmyYfNw9KwLOdIkR4cpkSsitFo/9QL6NpziHl7kYDeDmmRM=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:30:30 GMT
server
AmazonS3-br
x-timer
S1626937712.904236,VS0,VE0
date
Thu, 22 Jul 2021 07:08:31 GMT
vary
Accept-Encoding
x-amz-request-id
XP1WVY627H6VX0BS
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
38438
passback
exchange.adtrue.com/tag/ Frame 2017 		300 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://exchange.adtrue.com/tag/passback?adtrue_pzoneid=17495&divid=575888186&ref=undefined
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/rtb/passback.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.145.6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-145-6.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
server
nginx
content-length
300
content-type
application/javascript
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=75747363110516&bg=!SUqlSg7NAAbnC78O5ws7ACkAdvg8WtcrGicMlsXehc0Zgc-KZnHT0E4zJLCrgYy48Q8myUNUBfWuHAIAAAHtUgAAAEVoAQeZAsV-5-FED0Z5o-xy48pPNQpArZF0RUXpYjJYv-GvfCt-VE3MTg5iQhWPI71OMypUcpZmQ3QZP28BB_SKw6_Q2TXlh116Q13t_o8x9U1Dq4OOu9xsYYQpwcI1e_MsGTpm_ExqtPfAFnyDyk0QeNPwz5s6Gz7fi_BYMlifIsE1o2PZD6qnPE85TGZelk3XS70-gNKJ2YmCmSQB6br-HEahyv8q51-NgEoLQMO7WsARiiB2mBUfb3pJqlCpwldCmGb5iTKHnr5YSoI9kYNWv7JbiG4NuQusqvoB0HgqEoQtYs1UMZvHj1yNaIfZ5erfcQnPwAnZl76wmVleHYCDDfi-EDiXwmdY4ubuxZEk2H2PuwmWgnq_bvuLctdudj0u-g6tID4Jz7ePm4wzW-QruJx3BD2WAu2hbJ1svUWdJqL1B6QkzXo3ONL9X7fd7xPQLyG84GakJ09ZfjpyjpzSmphbtqW-0YP7yRfcjELGSsLBhb1wll5_DZBPTWtcTg7j86f2F-UuHhAkyK9EBXeL6nzTK2Qvs9DvFBhF_tcyUKNi6zMphk33Ky78cz06vwnaP-NwrI3HbjY5HhHw3rY26b-rZEj1E59dStFNy9ZQr9vUeIxswtJ22OnAAmdbs3F1qrOixgBgDHH9VqL8HIYGcYrDthdMGg-WaxnHTDKJfcaNVZoEIUwd4GqC7LJKHOdhtRnXtOFB77rccsCJqoaC8-RGSilupUy9aERYTvb4E0V0T9br9lKUvvOi6GOmWMfteA_5tamdCvwDKfp2QHArmfdjARmOjvKWaVi4oo3R9pL1e8_4hRRKEz_vAkPrAIOaUrXSr4fhH8vRAkUyhUgoGNnRmE2vmHBCeNQqj8WbyE6ZVGMqtiEmEqs3SdPwZOp5Dv5iUKSpLkV6phjUJtkVD6A1EPw8E6KjupaTGkR5C7fMiPwdg4AgS1-g
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/themoscowtimes300x250gr-r18604356/trc/3/ Frame 68B9 		7 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes300x250gr-r18604356/trc/3/json?tim=09%3A08%3A31.909&lti=deflated&data=%7B%22id%22%3A919%2C%22ii%22%3A%22%2Fstats%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1626856967278%2C%22vi%22%3A1626937711907%2C%22cv%22%3A%2220210720-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flikevertising.com%2Fstats%3Fi%3Dozq8lklz3e1znpqig3c%26a%3D87a35e76bc314113496756222bdcb5fa3%26cb%3D0371801626937709525%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Fi%3Dozq8lklz3e1znpqig3c%26a%3D87a35e76bc314113496756222bdcb5fa3%26cb%3D0371801626937709525%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218604356%22%2C%22orig_uip%22%3A%2218604356%22%2C%22cd%22%3A0%2C%22mw%22%3A300%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
85
date
Thu, 22 Jul 2021 07:08:32 GMT
content-encoding
gzip
server
nginx
x-timer
S1626937712.923348,VS0,VE85
x-served-by
cache-fra19136-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6710 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bob93bhn5YO6bKruyx_AP7fqoyAUAAAAAOAHgBAI&bg=!WFulWx_NAAbnC78O5ws7ACkAdvg8Wqw4bKWFKkpQLc54G_dHjgkCZBAO1zd0TRVJkW870ztpWmmYbAIAAAGqUgAAACNoAQcKADzRKcQ_5f4vUZ-XBjKTSpe62yDXqbJ-qyDdN040x7HxTmeYwJ9Iven-a0_mj4oe7sWcEjL2jrVTrRpTdp2ZAwID-8YSVNwqUJfLXDaQ_GZJhccF6SGuWJvpctiN4h9O_1U41TLFjNkKUI34T9eIaycJpJ2YjOnbfvsLdHSDJEySg9ZagPhbtAS2Jvhn-bpFJUKhge1BkWnlB_p7eURfzrWmrqhr3MtJtljw4q-gdkCT22XCu2aPQptgPg80O17pTvv8_PROhlzqOiqKi6BL-e51SG2NBt68g7kEaTIkrW0t9uJRC_BMO8gxWVLdevCQsc5whLnhXMcRhAMlmjBtipFIH9QPxhPwEHLeGHFt1-xSl5kubPNgOH9wQXf8WfsiiKJR8lQHe41hHdeCYtewFaPSTkS8nhWEKLgoEE4xRSol7dE4k3PJdgcr6uOTlvsni6B8FDMbJjgGQk_iO1hSBtS8m_WJdPzW9tQwFJFxw92GcPk3jQvLC0n8t-5C6AqhbyS4ez0wUuSrmMuowIqSSwNoRRwK9BxIC6tMvdZe72CwRvDZvK-ENM9YH0CXikoMfnp28WDWVq3awka0xzhZhaKu5-UfemvLtBba7cLfVD9EfWy8ihc8gWTPAgqc8_BELdMRfFK2x5US0vTmmysUC1OWJHG2DHOr5RPGI86rIi9JjKYQ0HZK9ymHU4PB9kCNkft9UiHnrFxnG85WlasthZSWWN2-iB5QjZRT1bunD4aey3_ckHJG-P6lysrOFKSB6A62t7Pufp1COVmDSPBjNxj_fv39vCjJzz9ZBmGifB1Vlf9A2WtLzV4929IYA35TVWMzckagnykfCwesKNL_TY9tam2GVJkAVsV7LpHBIDycjKsjOdWqpAnHT9TGO8kDLUNMkPWJEyAVfPK7WojqqXCFohV5nX81fSPgauFOjIrN2KMtCc6NTxkJeuw2k946a6xG_4GjkJYqxkaf9AmyMk3TZb_NohLzw7D9WA6vt8kc7IEHLee3rCsp2rQD4QENEnxVLBe-Y5evKXlsOy-KoxsBFqEIrLrbLET6jfXap-zyOhJmt8en8XbdJ_VE_r0Gj3uc1NywapMdmCAsOjaeX3t_hQ
Requested by
Host: 89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
URL: https://89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
world-health-day.gif
cdn-adtrue.com/statics/images/psa/ Frame A677 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-adtrue.com/statics/images/psa/world-health-day.gif
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=b2q9ssvr0rctu7elxrne&a=42995271e73e9db492ff35b40498d85b5&cb=0553241626937709562
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:ead7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
8996696
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
26616
last-modified
Thu, 25 Jun 2020 02:50:22 GMT
server
cloudflare
etag
"5ef410ee-67f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6T1SIfCRXQqF9lARvenZnn3NKLSKA2SRddW6zX7J4pfqpMmgPczK%2FE8i09Y5fKLE4Wg0EIIcNTysPPBcXazr6oCHF0EJO%2B19W%2F3F7Lc%2B05GFw8pq6exqsmPwzUY85xt%2Fi%2BWqGtTEZQJzqBLXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
672ad69bf94b0746-FRA
expires
Mon, 04 Apr 2022 04:03:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A2EC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzvqqCXdKUX180H6TuWeE_m7urFQG3JNbNajV1rolV55elfI33_NEraPoS5atSipxd5F-kQYV1x0qTXbGlxm_hEvdxkdsGDkzplT1YASaj8VjK9yAfaQhmOXamXA&sai=AMfl-YSYRA4VUPa9Vg-TwrlT8Fze3Ct_5bBosfzgOItHlzJ71oMZYm3F_a2L4M2bKCWudvwdL7baZdje6uRhs1G8jPoa40zDkK0znlUMHMeAampuu3Yi_f83m97HSgk&sig=Cg0ArKJSzEzj2ZbtCmAhEAE&cid=CAASEuRov_GxNnfDTu9ZuTcRp7y3Bg&id=lidar2&mcvt=1001&p=0,0,250,300&asp=484,1140,734,1440&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210719&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2351213819&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626937710271&dlt=47&rpt=702&isd=0&lsd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 68B9 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
3938
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1626937712.045052,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
KQE2YD0951MP799B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
17852
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 68B9 		2 KB
1009 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
24800
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1626937712.045207,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
H26RXF80K5Y33KYT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
73
x-cache-hits
123441
tfa-eid.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 68B9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Cn103B3.unhD.2oV1yUS0QilSow4IM1Z
content-encoding
gzip
etag
"ba5524dbc7c81ca08342e51952461a50"
age
6
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5063
x-amz-id-2
M5DR9IdHrmwdJSiPIPsZVeZE5DghASl0oIwjHbqMcTGuPGpdpAptn3CO/TiLN6snBJc3IEZ0NNk=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:09 GMT
server
AmazonS3
x-timer
S1626937712.048109,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
1YX0ZX699YYMMR4Q
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
25
sha256.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 68B9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UMKtC7rc.894WMBhkcLK20g7xST4Z5ge
content-encoding
gzip
etag
"5024b55258863de36ef297ec85e46d6e"
age
23785
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2590
x-amz-id-2
fUyARnYoP5jo9FozckNhWV87YFFTAPpsx6HReckQ+LtkuQfRO0lteNWbRwwrevwO6fZAzwbAcuE=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:20 GMT
server
AmazonS3
x-timer
S1626937712.048095,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
X31WGJSE775KT7HS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
129932
userx.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 68B9 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes300x250gr-r18604356/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DUyjfPPHR8m4AVd.2weUytBCvUKp9ma.
content-encoding
gzip
etag
"3fc7496f14c8f18aa958460ea016d2f3"
age
12122
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7950
x-amz-id-2
5XS+6NdTnwtikiEnW5Odpnn5TrAYP+fzFvBx9xKxUdC1huEBsMve7GooT3K2KB3p6tZpRRgNdkk=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:04 GMT
server
AmazonS3
x-timer
S1626937712.058202,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
8V462915VKTQ64ET
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
9004
visit.jpg
tps.doubleverify.com/ Frame 68B9 		305 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tps.doubleverify.com/visit.jpg?ctx=3758893&cmp=25811397&sid=5791742&plc=302180065&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.23 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:34 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Content-Type
image/jpeg
Cache-Control
max-age=0
Content-Length
142
Expires
7/21/2021 7:08:35 AM
ad_impression.gif
beacon.krxd.net/ Frame 68B9 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?confid=uoj57punt&campaignid=25811397&advertiserid=9710276&placementid=302180065&adid=494966431&creativeid=149894632&siteid=5791742
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.31.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:39 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1626937719
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
B25811397.302180065;dc_pre=CPmnxaqP9vECFcjuuwgdgosAug;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/ Frame 68B9
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25811397.302180065;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;...
  • https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25811397.302180065;dc_pre=CPmnxaqP9vECFcjuuwgdgosAug;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25811397.302180065;dc_pre=CPmnxaqP9vECFcjuuwgdgosAug;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=likevertising.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:47 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N1153793.1006845TABOOLA.COM/B25811397.302180065;dc_pre=CPmnxaqP9vECFcjuuwgdgosAug;dc_trk_aid=494966431;dc_trk_cid=149894632;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=likevertising.com
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3AB2 		83 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Jul 2021 07:08:32 GMT
1ed31af7c315864c6b0038cbb1079951.jpg
images.taboola.com/taboola/image/fetch/h_180,w_360,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 68B9 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_180,w_360,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ed31af7c315864c6b0038cbb1079951.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
2126117
edge-cache-tag
297400146308244549327555219506619918149,581020326624456120581803963053862324929,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
105
expiration
expiry-date="Sun, 04 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_180,w_360,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ed31af7c315864c6b0038cbb1079951.jpg
content-length
4402
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 03 Jun 2021 11:25:14 GMT
server
nginx
x-timer
S1626937712.081523,VS0,VE1
etag
"32980040e23834d8c3c4d52bf49cdf81"
x-served-by
cache-wdc5523-WDC, cache-dca17736-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
socialmedia4.tmb-479v.png
www.who.int/images/default-source/campaigns/world-immunization-week/wiw-2020/ Frame 2017 		81 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.who.int/images/default-source/campaigns/world-immunization-week/wiw-2020/socialmedia4.tmb-479v.png?sfvrsn=937d8af2_6
Requested by
Host: likevertising.com
URL: https://likevertising.com/syncro?i=ozq8lklz3e1znpqig3c&a=4f4a4c72e5d91df7438c43d8a6ef40cd5&cb=9518151626937709520
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:71bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com player.4am.ch polyfill.io services.arcgis.com www.googleadservices.com assets.sitescdn.net *.nativechat.com *.addthis.com static.hotjar.com app.powerbi.com dc.services.visualstudio.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net content.powerapps.com visuals.azureedge.net gis.azureedge.net pbi.azureedge.net *.who.int m.addthis.com liveapi-cached.yext.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com liveapi.yext.com answers.yext-pixel.com westeurope.tts.speech.microsoft.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net who.cloudflareaccess.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com www.youtube.com cdn.insight.sitefinity.com public.tableau.com *.googleapis.com *.nativechat.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com *.sharethis.com connect.facebook.net ajax.aspnetcdn.com cdnjs.cloudflare.com www.clarity.ms c.clarity.ms https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org s7.addthis.com kendo.cdn.telerik.com www.googletagmanager.com z.moatads.com v1.addthisedge.com cdnjs.cloudflare.com www.who.int polyfill.io kendo.cdn.telerik.com *.googletagmanager.com *.pingdom.net *.jwpcdn.com *.doubleclick.net assets.sitescdn.net whosearch.searchblox.com *.msecnd.net tagmanager.google.com static.hotjar.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com script.hotjar.com assets.pinterest.com apps.who.int m.addthis.com npmcdn.com script.hotjar.com; style-src 'self' 'unsafe-inline' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com *.googleapis.com *.nativechat.com *.sharethis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com cdn.insight.sitefinity.com cdnjs.cloudflare.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com tagmanager.google.com; font-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com fonts.gstatic.com kendo.cdn.telerik.com *.nativechat.com *.sharethis.com netdna.bootstrapcdn.com data: use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com script.hotjar.com app.powerbi.com pbi.azureedge.net; img-src 'self' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com cdn.insight.sitefinity.com js.arcgis.com *.gstatic.com *.googleapis.com *.nativechat.com *.sharethis.com *.google-analytics.com platform.tumblr.com www.clarity.ms c.clarity.ms web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://apps.who.int https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com stats.g.doubleclick.net *.who.int yt3.ggpht.com i.ytimg.com addthis.com *.googleusercontent.com googletagmanager.com script.hotjar.com www.addthis.com log.pinterest.com whosearch.searchblox.com app.powerbi.com pbi.azureedge.net kendo.cdn.telerik.com; media-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com terrance.who.int data: blob: *.who.int; frame-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com who.maps.arcgis.com player.vimeo.com html5-player.libsyn.com *.nativechat.com public.tableau.com experience.arcgis.com www.facebook.com s7.addthis.com www.youtube.com platform.twitter.com *.who.int *.doubleclick.net docs.google.com syndication.twitter.com *.sitefinity.cloud player.4am.ch *.sharethis.mgr.consensu.org *.google.com vars.hotjar.com youtube-nocookie.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com assets.pinterest.com www.youtube-nocookie.com vars.hotjar.com app.powerbi.com pbi.azureedge.net wabi-north-europe-g-primary-redirect.analysis.windows.net; frame-ancestors tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net *.who.int; child-src 'self' blob: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com https://platform.twitter.com/ https://syndication.twitter.com/ *.nativechat.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com www.who.int; connect-src 'self' frontdoor-l4uikgap6gz3m.azurefd.net geocode.arcgis.com tiles.arcgis.com www.arcgis.com services.arcgis.com static.arcgis.com utility.arcgisonline.com js.arcgis.com stats.g.doubleclick.net accounts.google.com https://*.dec.sitefinity.com *.nativechat.com *.mktoresp.com *.who.int www.clarity.ms c.clarity.ms services.arcgis.com dc.services.visualstudio.com whosearch.searchblox.com *.google-analytics.com smartsuggest.searchblox.com m.addthis.com liveapi-cached.yext.com liveapi.yext.com answers.yext-pixel.com wss://westeurope.tts.speech.microsoft.com in.hotjar.com wss://*.hotjar.com *.hotjar.com vc.hotjar.io app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net; object-src tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-aspnet-version
4.0.30319
age
34382
cf-polished
origFmt=png, origSize=114402
content-disposition
inline; filename="socialmedia4.webp"
x-instance-name
RD501AC5BFBB2E
vary
Accept, Accept-Encoding
content-length
82912
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7d90af53-a640-4c9a-9d36-1c3f84f71f51
x-frame-options
SAMEORIGIN
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 14 Apr 2021 10:51:49 GMT
server
cloudflare
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/webp
access-control-allow-origin
*
cf-bgj
imgq:85,h2pri
access-control-expose-headers
Request-Context
cache-control
public, max-age=7776000, s-maxage=7776000
content-security-policy
default-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com player.4am.ch polyfill.io services.arcgis.com www.googleadservices.com assets.sitescdn.net *.nativechat.com *.addthis.com static.hotjar.com app.powerbi.com dc.services.visualstudio.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net content.powerapps.com visuals.azureedge.net gis.azureedge.net pbi.azureedge.net *.who.int m.addthis.com liveapi-cached.yext.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com liveapi.yext.com answers.yext-pixel.com westeurope.tts.speech.microsoft.com wabi-north-europe-redirect.analysis.windows.net pbipdfapp.azurewebsites.net who.cloudflareaccess.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com www.youtube.com cdn.insight.sitefinity.com public.tableau.com *.googleapis.com *.nativechat.com *.gstatic.com www.google.com *.google-analytics.com apis.google.com *.sharethis.com connect.facebook.net ajax.aspnetcdn.com cdnjs.cloudflare.com www.clarity.ms c.clarity.ms https://www.youtube.com/iframe_api platform.twitter.com https://syndication.twitter.com/ https://s.ytimg.com https://publish.twitter.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js https://dec.azureedge.net/ munchkin.marketo.net *.eloqua.com js.hs-scripts.com js.hs-analytics.net *.en25.com cdn.ampproject.org s7.addthis.com kendo.cdn.telerik.com www.googletagmanager.com z.moatads.com v1.addthisedge.com cdnjs.cloudflare.com www.who.int polyfill.io kendo.cdn.telerik.com *.googletagmanager.com *.pingdom.net *.jwpcdn.com *.doubleclick.net assets.sitescdn.net whosearch.searchblox.com *.msecnd.net tagmanager.google.com static.hotjar.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com script.hotjar.com assets.pinterest.com apps.who.int m.addthis.com npmcdn.com script.hotjar.com; style-src 'self' 'unsafe-inline' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com *.googleapis.com *.nativechat.com *.sharethis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com cdn.insight.sitefinity.com cdnjs.cloudflare.com www.google.com https://dec.azureedge.net platform.twitter.com/css/ *.twimg.com use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com tagmanager.google.com; font-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com fonts.gstatic.com kendo.cdn.telerik.com *.nativechat.com *.sharethis.com netdna.bootstrapcdn.com data: use.fontawesome.com www.who.int player.4am.ch whosearch.searchblox.com script.hotjar.com app.powerbi.com pbi.azureedge.net; img-src 'self' data: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com cdn.insight.sitefinity.com js.arcgis.com *.gstatic.com *.googleapis.com *.nativechat.com *.sharethis.com *.google-analytics.com platform.tumblr.com www.clarity.ms c.clarity.ms web.facebook.com www.facebook.com https://delicious.com www.redditstatic.com www.linkedin.com https://syndication.twitter.com https://static.licdn.com/scds/common/u/images/apps/connect/sprites/sprite_connect_v14.png https://dec.azureedge.net https://apps.who.int https://*.dec.sitefinity.com pbs.twimg.com platform.twitter.com/css/ *.twimg.com data: blob: *.eloqua.com track.hubspot.com stats.g.doubleclick.net *.who.int yt3.ggpht.com i.ytimg.com addthis.com *.googleusercontent.com googletagmanager.com script.hotjar.com www.addthis.com log.pinterest.com whosearch.searchblox.com app.powerbi.com pbi.azureedge.net kendo.cdn.telerik.com; media-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com terrance.who.int data: blob: *.who.int; frame-src 'self' tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com who.maps.arcgis.com player.vimeo.com html5-player.libsyn.com *.nativechat.com public.tableau.com experience.arcgis.com www.facebook.com s7.addthis.com www.youtube.com platform.twitter.com *.who.int *.doubleclick.net docs.google.com syndication.twitter.com *.sitefinity.cloud player.4am.ch *.sharethis.mgr.consensu.org *.google.com vars.hotjar.com youtube-nocookie.com covidfunding.eiu.com staging-dot-eiu-wellcome-7664.nw.r.appspot.com who-covid-answers.int.pagescdn.com who-answers.pagescdn.com assets.pinterest.com www.youtube-nocookie.com vars.hotjar.com app.powerbi.com pbi.azureedge.net wabi-north-europe-g-primary-redirect.analysis.windows.net; frame-ancestors tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net *.who.int; child-src 'self' blob: tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com https://platform.twitter.com/ https://syndication.twitter.com/ *.nativechat.com https://www.youtube.com/ https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com www.facebook.com web.facebook.com badge.stumbleupon.com www.who.int; connect-src 'self' frontdoor-l4uikgap6gz3m.azurefd.net geocode.arcgis.com tiles.arcgis.com www.arcgis.com services.arcgis.com static.arcgis.com utility.arcgisonline.com js.arcgis.com stats.g.doubleclick.net accounts.google.com https://*.dec.sitefinity.com *.nativechat.com *.mktoresp.com *.who.int www.clarity.ms c.clarity.ms services.arcgis.com dc.services.visualstudio.com whosearch.searchblox.com *.google-analytics.com smartsuggest.searchblox.com m.addthis.com liveapi-cached.yext.com liveapi.yext.com answers.yext-pixel.com wss://westeurope.tts.speech.microsoft.com in.hotjar.com wss://*.hotjar.com *.hotjar.com vc.hotjar.io app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net; object-src tiles.arcgis.com www.arcgis.com services.arcgis.com utility.arcgisonline.com js.arcgis.com app.powerbi.com pbi.azureedge.net pbipdfapp.azurewebsites.net wabi-north-europe-redirect.analysis.windows.net;
accept-ranges
bytes
cf-ray
672ad69caee8c2bd-FRA
expires
Tue, 19 Oct 2021 21:35:30 GMT
syncframe
gum.criteo.com/ Frame 667B 		291 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.themoscowtimes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=www.themoscowtimes.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2967
set-cookie
uid=da6a4ec8-ed37-4208-a77f-2a073d5df9e7; expires=Fri, 22 Jul 2022 07:08:31 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Thu, 22 Jul 2021 07:08:31 GMT
content-length
321
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3AB2 		83 KB
27 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-encoding
gzip
last-modified
Mon, 12 Jul 2021 10:59:58 GMT
server
nginx
etag
W/"60ec20ae-14aab"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 23 Jul 2021 07:08:32 GMT
1ed31af7c315864c6b0038cbb1079951.jpg
images.taboola.com/taboola/image/fetch/h_180,w_360,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 68B9 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_180,w_360,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ed31af7c315864c6b0038cbb1079951.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
2126117
edge-cache-tag
297400146308244549327555219506619918149,581020326624456120581803963053862324929,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
105
expiration
expiry-date="Sun, 04 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/h_180,w_360,c_pad,b_auto/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1ed31af7c315864c6b0038cbb1079951.jpg
content-length
4402
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
last-modified
Thu, 03 Jun 2021 11:25:14 GMT
server
nginx
x-timer
S1626937712.119801,VS0,VE0
etag
"32980040e23834d8c3c4d52bf49cdf81"
x-served-by
cache-wdc5523-WDC, cache-dca17736-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
match
c1.adform.net/serving/cookie/ Frame AABC 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=286919147265762957
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=286919147265762957; expires=Mon, 20 Sep 2021 07:08:32 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
redir
rtb-csync.smartadserver.com/ Frame B2D9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCMElFN0I4ak1BQURjS2ZvMmVxQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB0IE7B8jMAADcKfo2eqA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAB0IE7B8jMAADcKfo2eqA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0IE7B8jMAADcKfo2eqA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0IE7B8jMAADcKfo2eqA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pbw=%24b%3d16890%3b%24o%3d11100; vs=343185=4498988; TestIfCookie=ok; TestIfCookieP=ok; sasd=%24qc%3D1314630405%3B%24ql%3DMedium%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0; sasd2=q=%24qc%3D1314630405%3B%24ql%3DMedium%3B%24qpc%3D1101%3B%24qt%3D212_914_28045t%3B%24dma%3D0&c=1&l=1483621083&lo=1945324547&lt=637625417101632275&o=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 22 Jul 2021 07:08:33 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Thu, 22 Jul 2021 07:08:33 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB0IE7B8jMAADcKfo2eqA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
usersync.aspx
dis.criteo.com/dis/ Frame 105E 		43 B
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
uid=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 22 Jul 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2645
date
Thu, 22 Jul 2021 07:08:32 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame F5BF
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
42 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; chkChromeAb67Sec=1; DPSync3=1628121600%3A201_197%7C1627516800%3A164%7C1626998400%3A174; SyncRTB3=1627516800%3A38_15_223_2%7C1627344000%3A216%7C1628208000%3A35%7C1628121600%3A231_56_7_71_166_104_57_233_54_8_55_178_5_13_48_165_176_220_22_99_189_21_3%7C1627776000%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:32 GMT; path=/ PugT=1626937712; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 07:08:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:32 GMT; path=/
x-lat
amspug019:0:432
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
text/html
cache-control
no-store, no-cache, must-revalidate
expires
0
pragma
no-cache
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=OPTOUT
etag
OPTOUT
141
match.deepintent.com/usersync/ Frame 668A 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Thu, 22 Jul 2021 07:08:45 GMT
server
a
bridge
cm.adgrx.com/ Frame 3C68 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Thu, 22 Jul 2021 07:08:32 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-4
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
noop
px.owneriq.net/ Frame 5A74
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host
px.owneriq.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
0
Content-Type
image/gif
Date
Thu, 22 Jul 2021 07:08:46 GMT
Connection
keep-alive

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Thu, 22 Jul 2021 07:08:46 GMT
Connection
keep-alive
i.match
s.tribalfusion.com/z/ Frame 56C0
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aynoeURwEfUS2QVqs9QhHrSa2QSpaU8VNcEnmwQj
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=afnseFmge07ousnA7ffGLKZatbZcuhUBJF7BZaUJ0PGkpGElT1MJf08vqfKRS0bYacrZcGfXJqRECvOgIHYZbVxm6; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 07:08:32 GMT; SameSite=None; Secure; ANON_ID_old=afnseFmge07ousnA7ffGLKZatbZcuhUBJF7BZaUJ0PGkpGElT1MJf08vqfKRS0bYacrZcGfXJqRECvOgIHYZbVxm6; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 07:08:32 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
672ad69f6c6bd6b5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
5269
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aynoeURwEfUS2QVqs9QhHrSa2QSpaU8VNcEnmwQj; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 07:08:32 GMT; SameSite=None; Secure; ANON_ID_old=aynoeURwEfUS2QVqs9QhHrSa2QSpaU8VNcEnmwQj; path=/; domain=.tribalfusion.com; expires=Wed, 20-Oct-2021 07:08:32 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
672ad69e3a51d6b5-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 6E9A
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=F27B8664615F43BF999E7F597B6068FB
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=720384d4-d4e4-4f38-9e87-cc6344de5291
42 B
484 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=720384d4-d4e4-4f38-9e87-cc6344de5291
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=720384d4-d4e4-4f38-9e87-cc6344de5291
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; KRTBCOOKIE_107=1471-uid:UcERfDds1M6sOS5; KRTBCOOKIE_1235=23226-f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0:$UID; PugT=1626937713; chkChromeAb67Sec=5; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A219_221_228_236_201_197; SyncRTB3=1627344000%3A216%7C1628121600%3A22_234_237_96_204_5_48_8_78_176_231_71_99_220_222_21_165_56_166_189_3_225_55_178_54_233_104_13_7_57_81%7C1627516800%3A2_38_67_223_15%7C1627776000%3A63%7C1628208000%3A35%7C1629504000%3A224%7C1632096000%3A69; SPugT=1626921576
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:34 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_308=22925-720384d4-d4e4-4f38-9e87-cc6344de5291&KRTB&23158-720384d4-d4e4-4f38-9e87-cc6344de5291; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:34 GMT; path=/ PugT=1626937714; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 07:08:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:34 GMT; path=/
x-lat
amspug020:0:510
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 22 Jul 2021 07:08:36 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=720384d4-d4e4-4f38-9e87-cc6344de5291
Pug
simage2.pubmatic.com/AdServer/ Frame F027
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Dt2PdUBwSPRofFGXN3eb5Z8wNz8
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Dt2PdUBwSPRofFGXN3eb5Z8wNz8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Dt2PdUBwSPRofFGXN3eb5Z8wNz8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; DPSync3=1628121600%3A201_197%7C1627516800%3A164%7C1626998400%3A174; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; SyncRTB3=1627776000%3A63%7C1628208000%3A35%7C1628121600%3A176_104_57_231_81_13_55_22_21_178_54_8_48_7_71_165_99_56_166_189_204_233_220_3_5%7C1627344000%3A216%7C1627516800%3A2_38_223_15; KRTBCOOKIE_1235=23226-0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef:$UID; PugT=1626937713; chkChromeAb67Sec=4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:32 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:32 GMT; path=/ PugT=1626937712; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 07:08:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:32 GMT; path=/
x-lat
amspug011:0:370
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Thu, 22 Jul 2021 07:08:34 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Dt2PdUBwSPRofFGXN3eb5Z8wNz8
Set-Cookie
sa-user-id=s%3A0-0edd8f75-4070-48f4-687c-519737779be5.9vHV4IJwfiH8Ys2Twh6mPHa8m%2BWX132wIvhpqEiPjf4; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-0edd8f75-4070-48f4-687c-519737779be5%24ip%24159.48.55.63.rnZayhb632UICLQZVRgV%2FYyD9fIWt4BpER283MBSb%2Fw; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 0DDB
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UcERfDds1M6sOS5&gdpr=1&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UcERfDds1M6sOS5&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UcERfDds1M6sOS5&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; DPSync3=1628121600%3A201_197%7C1627516800%3A164%7C1626998400%3A174; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; SyncRTB3=1627776000%3A63%7C1628208000%3A35%7C1628121600%3A176_104_57_231_81_13_55_22_21_178_54_8_48_7_71_165_99_56_166_189_204_233_220_3_5%7C1627344000%3A216%7C1627516800%3A2_38_223_15; KRTBCOOKIE_1235=23226-0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef:$UID; chkChromeAb67Sec=4; KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; PugT=1626937712
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:33 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:UcERfDds1M6sOS5; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:33 GMT; path=/ PugT=1626937713; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 07:08:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:33 GMT; path=/
x-lat
amspug008:0:485
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Thu, 22 Jul 2021 07:08:34 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:UcERfDds1M6sOS5&gdpr=1&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/v2.0.30-661-ga8ef792#rel-ec2-master i-0b5388877fe362141@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=UcERfDds1M6sOS5; Domain=.w55c.net; Expires=Mon, 22-Aug-2022 07:08:34 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sat, 21-Aug-2021 07:08:34 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=604800; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set merge
ce.lijit.com/ Frame A55E 		43 B
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=58&3pid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ce.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ctag=561:1629529710|515:1629529710|563:1629529710|565:1627024110|520:1629529710|185:1627024110|203:1628147310|205:1627024110|541:1628147310|589:1629529710|462:1627024110; ljtrtbexp=eJxlkDsWwzAIBO%2Bi2oVAIMBXy8vd%2FSJXTMrhs7vwGTJu2RpTTWReY%2B%2FDKRbrx9pxdQzpLBP9Vy3c1E8fclUVf5WEJhIlPBKZ0sAO5oXcR6IszL%2F7u3LWSYw8Gv3mBT%2BDn0HfMe%2FtH98HfBtUSw%3D%3D; ljt_reader=ae8d6dde8420e94888e27157; _ljtrtb_1=4511887567113342455; _ljtrtb_56=OPTOUT; _ljtrtb_86=MNFi2M4LtkapmZKGXJzj; _ljtrtb_5001=5e429828c691e81e20c3012106c53070; _ljtrtb_76=7f8b95aa-6afa-070e-3f4b-55b08363802d; _ljtrtb_85=AAB0IE7B8jMAADcKfo2eqA; _ljtrtb_10=1870471596879379729; _ljtrtb_84=c:5110a8311c0697a7160cda10a4039983; _ljtrtb_43=8Dinavcx9zXrPPQ2_zjsMPcw8mfrO_Jj9TimzMu9; _ljtrtb_3=160260f9-196e-4e00-8100-cd03167c1cd2; _ljtrtb_87=f9433a83-181d-40ba-b28d-5d437a6691d2; ljtrtb=eJwdkFtPwzAMhf9Ln4lkx0ls89ZpgNgoK9KQJl6mNG2lFY3LuKqI%2F07CSyTnfPY59k%2BF1XnlPKII%2B8CIRM4676uzyocsbdrt5n6bK8oFBrABRjWoYTBuADCC%2BUk9EAZOmHpbGgHKVD84q2IlBcVBcLCQCNAihOQJGDIpLnPpPNtDFEJMEJQjZ5%2FUx%2FzngFSFCukzWdcLuL7ghUxNXS%2FTeny2w2td1BK1ub082MbdvD%2FGl%2BPD%2Bmq3mqeicdZGdUTZwqBgbxx00XRWeuN7RxxDTvifHKFsKQyO0WsQVmJlq1ly5QCyPDzFz%2FSt8%2B7Utnd2P09vTZu%2B5DieNvvVpNvDcW4%2BCs8lEo%2FSqY%2FRhDhGk3ceDI2uM953IBRIwPbV7x%2BEPWA7; _ljtrtb_36=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Thu, 22 Jul 2021 07:08:32 GMT
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
_ljtrtb_5001=5e429828c691e81e20c3012106c53070;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_36=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_84=c:5110a8311c0697a7160cda10a4039983;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_3=160260f9-196e-4e00-8100-cd03167c1cd2;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_85=AAB0IE7B8jMAADcKfo2eqA;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_1=4511887567113342455;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_86=MNFi2M4LtkapmZKGXJzj;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_76=7f8b95aa-6afa-070e-3f4b-55b08363802d;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_10=1870471596879379729;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_43=8Dinavcx9zXrPPQ2_zjsMPcw8mfrO_Jj9TimzMu9;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_87=f9433a83-181d-40ba-b28d-5d437a6691d2;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None _ljtrtb_56=OPTOUT;Expires=Thu, 01-Jan-1970 00:00:00 GMT;Max-Age=0;Secure;SameSite=None ljtrtb=eJwdkMlqAzEMht9lzjVIlm1JvU3pQpdpUkih9BI8XiAp6b6R0nev3YtB%2Fj%2BhT%2FoZcDgcnEcUYR8YkchZ5%2F1wMPjQosVytbhdtYpagQFsgKoGNRTjCoARbE%2FKQBg4Ycq2o72xrFEpSg1svEtqHNfZzJJnU3xGScX6WrCPAegOvjirYiUFxSJYLCQCtAgheQKGRoprXDpsshCFEBME5cjNKuXY%2FhyQqlAnfSPH8QjOT%2FhIttM4HqfL%2BmTLy9jT7jddn27s5K7eH%2BLz7v7y7O5iv%2B0Zt6yqo%2BZOBgWzcTBHM1vJxmdHHEMz%2FN8Tod9EGByj1yCsxMpWW%2BT6ueR48xg%2F07fu716Xyxu73m%2FfpmX6kl19Xawvtrra7PbTR%2Be5K3GVWX2MJsQaTdu5GKpuNt7PIBRIwObh9w809mw9;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:32 GMT;Max-Age=31536000;Secure;SameSite=None _ljtrtb_58=2A831B8D-09D2-44C7-9EC0-846DB7116AC6;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:32 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=ae8d6dde8420e94888e27157;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None ljtrtbexp=eJxlkDsWwzAIBO%2Bi2oVAIMBXy8vd%2FSJXTMrhs7vwGTJu2RpTTWReY%2B%2FDKRbrx9pxdQzpLBP9Vy3c1E8fclUVf5WEJhIlPBKZ0sAO5oXcR6IszL%2F7u3LWSYw8Gv3mBT%2BDn0HfMe%2FtH98HfBtUSw%3D%3D;Path=/;Domain=.lijit.com;Expires=Fri, 22-Jul-2022 07:08:32 GMT;Max-Age=31536000;Secure;SameSite=None ctag=561:1629529710|515:1629529710|563:1629529710|565:1627024110|520:1629529710|185:1627024110|203:1628147310|205:1627024110|541:1628147310|589:1629529710|462:1627024110;Path=/;Domain=.lijit.com;Expires=Sat, 21-Aug-2021 07:08:32 GMT;Max-Age=2592000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap2ams1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7608
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KoMbjQnSRMeewIRttxFqxg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=101303
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Fri, 23 Jul 2021 11:16:55 GMT

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
420486.gif
idsync.rlcdn.com/ Frame 7608 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/420486.gif?partner_uid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 google
alt-svc
clear
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=160260f9-196e-4e00-8100-cd03167c1cd2
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=160260f9-196e-4e00-8100-cd03167c1cd2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 02:39:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x14
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=160260f9-196e-4e00-8100-cd03167c1cd2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Jul 2021 07:08:31 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkE4MzFCOEQtMDlEMi00NEM3LTlFQzAtODQ2REI3MTE2QUM2&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:234
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESECSJWbZH-GJNdOi2IeQd7dU&google_cver=1
42 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESECSJWbZH-GJNdOi2IeQd7dU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:287
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=&piggybackCookie=CAESECSJWbZH-GJNdOi2IeQd7dU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 7608 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 21 Jul 2021 07:08:32 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4511887567113342455&gdpr=1&gdpr_consent=&us_privacy=
1 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4511887567113342455&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:348
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4511887567113342455&gdpr=1&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPkZcAAC1p7DQQBg&gdpr=1&gdpr_consent=
1 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPkZcAAC1p7DQQBg&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug001:0:425
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1626937712.358968,VS0,VE92
x-served-by
cache-fra19123-FRA
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YPkZcAAC1p7DQQBg&gdpr=1&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
generic
match.adsrvr.org/track/cmf/ Frame 7608 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
42 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:364
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
MT3 3810 5cb7d7e master zrh-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:160260f9-196e-4e00-8100-cd03167c1cd2&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 22 Jul 2021 07:08:31 GMT
2A831B8D-09D2-44C7-9EC0-846DB7116AC6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 7608 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2A831B8D-09D2-44C7-9EC0-846DB7116AC6?gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58292/ Frame 7608 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&redir=true&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:41 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
1
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
ib.adnxs.com/ Frame 7608 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
current
pubmatic-match.dotomi.com/match/bounce/ Frame 7608 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
CookieSyncPubMatic&gdpr=1&gdpr_consent=
rtb.adentifi.com/ Frame 7608 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.173.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-173-52.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=1&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a8247e8d-eabb-11eb-af53-a315fb130a7e&gdpr=1&gdpr_consent=
1 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a8247e8d-eabb-11eb-af53-a315fb130a7e&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:46 GMT
cache-control
no-store, no-cache, private
x-lat
amspug012:0:504
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=a8247e8d-eabb-11eb-af53-a315fb130a7e&gdpr=1&gdpr_consent=
Date
Thu, 22 Jul 2021 07:08:46 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
a8247e8e-eabb-11eb-af53-a315fb130a7e
Pug
image2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug018:0:369
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sn.ashx
pmp.mxptint.net/ Frame 7608
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B342_E09B4408_29746F646&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
4.78.226.233 Dallas, United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=-309924520; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:39 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-309924520; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Thu, 22 Jul 2021 07:08:39 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:395
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c23c2fdd-51af-4fb8-a205-acff8724f6f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c23c2fdd-51af-4fb8-a205-acff8724f6f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:37 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:455
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:c23c2fdd-51af-4fb8-a205-acff8724f6f6&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 22 Jul 2021 07:08:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
sync
x.bidswitch.net/ Frame 7608 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.55.232 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-55-232.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=1&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
42 B
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:31 GMT
cache-control
no-store, no-cache, private
x-lat
amspug016:0:668
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1
date
Thu, 22 Jul 2021 07:08:32 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
match
c1.adform.net/serving/cookie/ Frame 7608 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 7608
Redirect Chain
  • https://sync.resetdigital.co:10001/csync/pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000072535A0105
42 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000072535A0105
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:268
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 22 Jul 2021 07:08:32 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
on
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTgmdGw9NzIwMA==&piggybackCookie=00000072535A0105
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
json
trc.taboola.com/themoscowtimes728x90gr-r18604579/trc/3/ Frame 28EB 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/trc/3/json?tim=09%3A08%3A32.434&lti=deflated&data=%7B%22id%22%3A290%2C%22ii%22%3A%22%2Fasync_usersync%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1626856987713%2C%22vi%22%3A1626937712433%2C%22cv%22%3A%2220210720-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flikevertising.com%2Fasync_usersync%3Fi%3Db2q9ssvr0rctu7elxrne%26a%3D6965507efc6b22ad0bb46f9e614d09d67%26cb%3D8275681626937709540%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22qs%22%3A%22%3Fi%3Db2q9ssvr0rctu7elxrne%26a%3D6965507efc6b22ad0bb46f9e614d09d67%26cb%3D8275681626937709540%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218604579%22%2C%22orig_uip%22%3A%2218604579%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
261
date
Thu, 22 Jul 2021 07:08:32 GMT
content-encoding
gzip
server
nginx
x-timer
S1626937712.443166,VS0,VE261
x-served-by
cache-fra19136-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
json
trc.taboola.com/themoscowtimes728x90gr-r18604579/trc/3/ Frame 7CE1 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/trc/3/json?tim=09%3A08%3A32.454&lti=deflated&data=%7B%22id%22%3A833%2C%22ii%22%3A%22%2Fstat%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1626856987713%2C%22vi%22%3A1626937712454%2C%22cv%22%3A%2220210720-25-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Flikevertising.com%2Fstat%3Fi%3Db2q9ssvr0rctu7elxrne%26a%3D6965507efc6b22ad0bb46f9e614d09d67%26cb%3D1059091626937709564%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A728%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A90%2C%22dw%22%3A728%2C%22dh%22%3A90%2C%22qs%22%3A%22%3Fi%3Db2q9ssvr0rctu7elxrne%26a%3D6965507efc6b22ad0bb46f9e614d09d67%26cb%3D1059091626937709564%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A3%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%2218604579%22%2C%22orig_uip%22%3A%2218604579%22%2C%22cd%22%3A0%2C%22mw%22%3A728%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
119
date
Thu, 22 Jul 2021 07:08:32 GMT
content-encoding
gzip
server
nginx
x-timer
S1626937712.463945,VS0,VE119
x-served-by
cache-fra19136-FRA
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 7CE1 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
3939
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1626937713.612343,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
KQE2YD0951MP799B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
17856
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 7CE1 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
24800
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1626937713.612342,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
H26RXF80K5Y33KYT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
73
x-cache-hits
123450
tfa-eid.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 7CE1 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Cn103B3.unhD.2oV1yUS0QilSow4IM1Z
content-encoding
gzip
etag
"ba5524dbc7c81ca08342e51952461a50"
age
7
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5063
x-amz-id-2
M5DR9IdHrmwdJSiPIPsZVeZE5DghASl0oIwjHbqMcTGuPGpdpAptn3CO/TiLN6snBJc3IEZ0NNk=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:09 GMT
server
AmazonS3
x-timer
S1626937713.613913,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
1YX0ZX699YYMMR4Q
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
29
sha256.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 7CE1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UMKtC7rc.894WMBhkcLK20g7xST4Z5ge
content-encoding
gzip
etag
"5024b55258863de36ef297ec85e46d6e"
age
23785
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2590
x-amz-id-2
fUyARnYoP5jo9FozckNhWV87YFFTAPpsx6HReckQ+LtkuQfRO0lteNWbRwwrevwO6fZAzwbAcuE=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:20 GMT
server
AmazonS3
x-timer
S1626937713.613970,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
X31WGJSE775KT7HS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
129936
userx.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 7CE1 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DUyjfPPHR8m4AVd.2weUytBCvUKp9ma.
content-encoding
gzip
etag
"3fc7496f14c8f18aa958460ea016d2f3"
age
12122
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7950
x-amz-id-2
5XS+6NdTnwtikiEnW5Odpnn5TrAYP+fzFvBx9xKxUdC1huEBsMve7GooT3K2KB3p6tZpRRgNdkk=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:04 GMT
server
AmazonS3
x-timer
S1626937713.619167,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
8V462915VKTQ64ET
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
9006
252610.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//tr.web.img4.acsta.net/pictures/14/01/17/15/48/ Frame 7CE1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//tr.web.img4.acsta.net/pictures/14/01/17/15/48/252610.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
93
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
3181662
edge-cache-tag
315092502360006898711541382690202116417,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
48
expiration
expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//tr.web.img4.acsta.net/pictures/14/01/17/15/48/252610.jpg
content-length
3422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 20 May 2021 21:11:30 GMT
server
nginx
x-timer
S1626937713.629570,VS0,VE93
etag
"73538a22cd68465f708cff55497fca73"
x-served-by
cache-wdc5555-WDC, cache-dca17767-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
da15ff93-6cb9-49ba-8dc0-30042d703aad_1000x600_a16e0da8efd526abf48bc88e2b3a005f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 7CE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/da15ff93-6cb9-49ba-8dc0-30042d703aad_1000x600_a16e0da8efd526abf48bc88e2b3a005f.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
2377016
edge-cache-tag
393960441417634200352235332383473273587,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
13
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/da15ff93-6cb9-49ba-8dc0-30042d703aad_1000x600_a16e0da8efd526abf48bc88e2b3a005f.png
content-length
2376
x-request-id
3271f985c7505dc55e2ae846a4b3b83f
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Wed, 23 Jun 2021 15:31:01 GMT
server
nginx
x-timer
S1626937713.629550,VS0,VE1
etag
"db832d2bc3e9fc6ede5515ea02503f3b"
x-served-by
cache-wdc5566-WDC, cache-dca17774-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
563e742395eec37992f18786b2a206a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7CE1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/563e742395eec37992f18786b2a206a3.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
3006421
edge-cache-tag
484665396082307422556707616675241268954,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
599
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/563e742395eec37992f18786b2a206a3.jpg
content-length
2646
x-request-id
0750852ea72508708424b81c627f211a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 17 Jun 2021 09:54:11 GMT
server
nginx
x-timer
S1626937713.629619,VS0,VE1
etag
"f959162c9580674f5c28ba13f64e2fe5"
x-served-by
cache-wdc5541-WDC, cache-dca17744-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/ Frame 28EB 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
3939
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5990
x-amz-id-2
5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1626937713.733510,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
KQE2YD0951MP799B
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
17857
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ Frame 28EB 		2 KB
999 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding
gzip
etag
"10c372ee2c83a7fd12df18aebc5320c6"
age
24801
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
719
x-amz-id-2
A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by
cache-fra19136-FRA
last-modified
Tue, 06 Apr 2021 14:48:01 GMT
server
AmazonS3
x-timer
S1626937713.733577,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
H26RXF80K5Y33KYT
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
73
x-cache-hits
123451
tfa-eid.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 28EB 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Cn103B3.unhD.2oV1yUS0QilSow4IM1Z
content-encoding
gzip
etag
"ba5524dbc7c81ca08342e51952461a50"
age
7
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5063
x-amz-id-2
M5DR9IdHrmwdJSiPIPsZVeZE5DghASl0oIwjHbqMcTGuPGpdpAptn3CO/TiLN6snBJc3IEZ0NNk=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:09 GMT
server
AmazonS3
x-timer
S1626937713.735932,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
1YX0ZX699YYMMR4Q
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
30
sha256.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 28EB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/sha256.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UMKtC7rc.894WMBhkcLK20g7xST4Z5ge
content-encoding
gzip
etag
"5024b55258863de36ef297ec85e46d6e"
age
23785
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2590
x-amz-id-2
fUyARnYoP5jo9FozckNhWV87YFFTAPpsx6HReckQ+LtkuQfRO0lteNWbRwwrevwO6fZAzwbAcuE=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:20 GMT
server
AmazonS3
x-timer
S1626937713.736026,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
X31WGJSE775KT7HS
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
129937
userx.20210720-25-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 28EB 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20210720-25-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themoscowtimes728x90gr-r18604579/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DUyjfPPHR8m4AVd.2weUytBCvUKp9ma.
content-encoding
gzip
etag
"3fc7496f14c8f18aa958460ea016d2f3"
age
12123
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7950
x-amz-id-2
5XS+6NdTnwtikiEnW5Odpnn5TrAYP+fzFvBx9xKxUdC1huEBsMve7GooT3K2KB3p6tZpRRgNdkk=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 21 Jul 2021 08:39:04 GMT
server
AmazonS3
x-timer
S1626937713.743579,VS0,VE0
date
Thu, 22 Jul 2021 07:08:32 GMT
vary
Accept-Encoding
x-amz-request-id
8V462915VKTQ64ET
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
9008
da15ff93-6cb9-49ba-8dc0-30042d703aad_1000x600_a16e0da8efd526abf48bc88e2b3a005f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 7CE1 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/da15ff93-6cb9-49ba-8dc0-30042d703aad_1000x600_a16e0da8efd526abf48bc88e2b3a005f.png
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
2377016
edge-cache-tag
393960441417634200352235332383473273587,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
13
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/da15ff93-6cb9-49ba-8dc0-30042d703aad_1000x600_a16e0da8efd526abf48bc88e2b3a005f.png
content-length
2376
x-request-id
3271f985c7505dc55e2ae846a4b3b83f
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb104
last-modified
Wed, 23 Jun 2021 15:31:01 GMT
server
nginx
x-timer
S1626937713.760418,VS0,VE0
etag
"db832d2bc3e9fc6ede5515ea02503f3b"
x-served-by
cache-wdc5566-WDC, cache-dca17774-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
563e742395eec37992f18786b2a206a3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7CE1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/563e742395eec37992f18786b2a206a3.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
3006421
edge-cache-tag
484665396082307422556707616675241268954,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
599
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/563e742395eec37992f18786b2a206a3.jpg
content-length
2646
x-request-id
0750852ea72508708424b81c627f211a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
last-modified
Thu, 17 Jun 2021 09:54:11 GMT
server
nginx
x-timer
S1626937713.760400,VS0,VE0
etag
"f959162c9580674f5c28ba13f64e2fe5"
x-served-by
cache-wdc5541-WDC, cache-dca17744-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
Can-your-employer-refuse-to-let-you-work-from-home.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s30776.pcdn.co/wp-content/uploads/2020/03/ Frame 28EB 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s30776.pcdn.co/wp-content/uploads/2020/03/Can-your-employer-refuse-to-let-you-work-from-home.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
593571
edge-cache-tag
405244367303756960479882715535446095809,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
500
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s30776.pcdn.co/wp-content/uploads/2020/03/Can-your-employer-refuse-to-let-you-work-from-home.jpeg
content-length
3982
x-request-id
da1b2f41e4b2b3b25b4095fdf7ee4f7a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 20 Jun 2021 02:55:16 GMT
server
nginx
x-timer
S1626937713.760381,VS0,VE1
etag
"00f98516def4807b92f7bddc243646d3"
x-served-by
cache-wdc5564-WDC, cache-dca17746-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
2add8cf9e53545c8d1a7d819bcd185a5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 28EB 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2add8cf9e53545c8d1a7d819bcd185a5.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
88
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
1480510
edge-cache-tag
540084540880327222825142697331460359464,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
13
expiration
expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2add8cf9e53545c8d1a7d819bcd185a5.jpg
content-length
3094
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Thu, 10 Jun 2021 03:03:10 GMT
server
nginx
x-timer
S1626937713.765937,VS0,VE88
etag
"9b0d7ea46972a2f910173d107d224308"
x-served-by
cache-wdc5523-WDC, cache-dca17774-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 0
6cf9a2da11f45aea3574a1219142ba1b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 28EB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cf9a2da11f45aea3574a1219142ba1b.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
769193
edge-cache-tag
315986870392149998822079753856510697808,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
21
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cf9a2da11f45aea3574a1219142ba1b.jpg
content-length
1636
x-request-id
0d353bf7367205301feb73e894bcc633
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 29 Jun 2021 03:26:10 GMT
server
nginx
x-timer
S1626937713.765922,VS0,VE1
etag
"d3b9e1b1c42ee520a5f77264d16003ad"
x-served-by
cache-wdc5531-WDC, cache-dca17778-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
Can-your-employer-refuse-to-let-you-work-from-home.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s30776.pcdn.co/wp-content/uploads/2020/03/ Frame 28EB 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s30776.pcdn.co/wp-content/uploads/2020/03/Can-your-employer-refuse-to-let-you-work-from-home.jpeg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
593571
edge-cache-tag
405244367303756960479882715535446095809,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
500
x-cache
MISS, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s30776.pcdn.co/wp-content/uploads/2020/03/Can-your-employer-refuse-to-let-you-work-from-home.jpeg
content-length
3982
x-request-id
da1b2f41e4b2b3b25b4095fdf7ee4f7a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified
Sun, 20 Jun 2021 02:55:16 GMT
server
nginx
x-timer
S1626937713.802758,VS0,VE0
etag
"00f98516def4807b92f7bddc243646d3"
x-served-by
cache-wdc5564-WDC, cache-dca17746-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2
6cf9a2da11f45aea3574a1219142ba1b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 28EB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cf9a2da11f45aea3574a1219142ba1b.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
769193
edge-cache-tag
315986870392149998822079753856510697808,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
99
x-envoy-upstream-service-time
21
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6cf9a2da11f45aea3574a1219142ba1b.jpg
content-length
1636
x-request-id
0d353bf7367205301feb73e894bcc633
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified
Tue, 29 Jun 2021 03:26:10 GMT
server
nginx
x-timer
S1626937713.802828,VS0,VE0
etag
"d3b9e1b1c42ee520a5f77264d16003ad"
x-served-by
cache-wdc5531-WDC, cache-dca17778-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 2
2add8cf9e53545c8d1a7d819bcd185a5.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 28EB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2add8cf9e53545c8d1a7d819bcd185a5.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:32 GMT
via
1.1 varnish, 1.1 varnish
age
1480510
edge-cache-tag
540084540880327222825142697331460359464,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
100
x-envoy-upstream-service-time
13
expiration
expiry-date="Sun, 11 Jul 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2add8cf9e53545c8d1a7d819bcd185a5.jpg
content-length
3094
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb102
last-modified
Thu, 10 Jun 2021 03:03:10 GMT
server
nginx
x-timer
S1626937713.885970,VS0,VE0
etag
"9b0d7ea46972a2f910173d107d224308"
x-served-by
cache-wdc5523-WDC, cache-dca17774-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
806.json
id5-sync.com/g/v2/ Frame 0595 		213 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://likevertising.com
Date
Thu, 22 Jul 2021 07:08:25 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 0595 		77 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
x-server
10.45.19.55
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 0595 		109 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://likevertising.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sat, 21 Aug 2021 07:08:32 GMT
806.json
id5-sync.com/g/v2/ Frame 3AB2 		213 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/806.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://likevertising.com
Date
Thu, 22 Jul 2021 07:08:25 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 3AB2 		77 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.248.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-248-240.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
x-server
10.45.26.58
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ Frame 3AB2 		108 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/155495/4202/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 22 Jul 2021 07:08:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://likevertising.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sat, 21 Aug 2021 07:08:33 GMT
bulk
trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/ Frame 68B9 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937713.069967,VS0,VE9
x-served-by
cache-fra19136-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/ Frame 68B9 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes300x250gr-r18604356/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937713.080268,VS0,VE9
x-served-by
cache-fra19136-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 68B9 		254 B
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: likevertising.com
URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
27062
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1626937713.103420,VS0,VE0
date
Thu, 22 Jul 2021 07:08:33 GMT
x-amz-request-id
6P8Y14FA9N2SAAH6
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
73
x-cache-hits
6962
Pug
simage2.pubmatic.com/AdServer/ Frame D8B5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:268
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:37 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
55c1d039-9815-49e2-9883-65abfad6a396
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E470
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:312
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:37 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a64c036e-3aba-454c-aff3-cab9b70850e6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 6078
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156400&gdpr=0&gdpr_consent=
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug019:0:288
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:37 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
718a7620-7573-4e06-8efb-485dfa731636
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4237664890651439057
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bulk
trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/ Frame 7CE1 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937714.629247,VS0,VE9
x-served-by
cache-fra19136-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
bulk
trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/ Frame 28EB 		0
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937714.754611,VS0,VE8
x-served-by
cache-fra19136-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
visible
trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/ Frame 28EB 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themoscowtimes728x90gr-r18604579/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937714.756017,VS0,VE9
x-served-by
cache-fra19136-FRA
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://likevertising.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 28EB 		254 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: likevertising.com
URL: https://likevertising.com/async_usersync?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=8275681626937709540
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
27063
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1626937714.786512,VS0,VE0
date
Thu, 22 Jul 2021 07:08:33 GMT
x-amz-request-id
6P8Y14FA9N2SAAH6
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
73
x-cache-hits
6964
10207-8245
creative-content.lemonpi.io/default-content/119/ Frame 0E9E 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://creative-content.lemonpi.io/default-content/119/10207-8245?impression-id=36f1fe06-3a17-4be9-b9f0-1df42706ae02
Requested by
Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a400:1f:ac51:e400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
2MYE.w7_R6haDtrQSTft8pZ.GvkHKB3o
via
1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
etag
"b397abcdb897f58b8737b38c27cbe7fb"
x-amz-cf-pop
DUS51-C1
x-cache
RefreshHit from cloudfront
access-control-max-age
3000
content-length
1143
last-modified
Tue, 29 Jun 2021 14:52:20 GMT
server
AmazonS3
date
Thu, 22 Jul 2021 07:08:34 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
6CIJv-K2ZUq9rvpx3aopenPNs4vU8863wgZn0qgiBvUzSPCndUNHzA==
log
log.lemonpi.io/ Frame 0E9E 		2 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.lemonpi.io/log
Requested by
Host: creative-libraries.lemonpi.io
URL: https://creative-libraries.lemonpi.io/v1/lemonpi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.1 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 22 Jul 2021 07:08:34 GMT
Server
openresty/1.15.8.1
Access-Control-Allow-Methods
POST,GET,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
2
event
content.lemonpi.io/track/ Frame 0E9E 		47 B
461 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content.lemonpi.io/track/event?e=%7B%22content%22%3A%7B%22source%22%3A%22s3%22%2C%22data%22%3A%7B%22introImageFamily%22%3A%7B%22type%22%3A%22image%22%2C%22value%22%3A%22https%3A%2F%2Fassets.lemonpi.io%2Fa%2F119%2F538761936a5be384cb098b03ca67a35a.svg%22%7D%2C%22logo%22%3A%7B%22type%22%3A%22image%22%2C%22value%22%3A%22https%3A%2F%2Fassets.lemonpi.io%2Fa%2F119%2F38cd0ce588681c3543402b9927e82680.png%22%7D%2C%22introCopy%22%3A%7B%22type%22%3A%22text%22%2C%22value%22%3A%22KUNNEN%20WEL%20EEN%3Cbr%3EPRAKTISCHE%20%C5%A0KODA%20GEBRUIKEN%22%7D%2C%22ctaText%22%3A%7B%22type%22%3A%22text%22%2C%22value%22%3A%22Ontdek%26nbsp%3Bonze%26nbsp%3Bmodellen%22%7D%2C%22endSlideImage%22%3A%7B%22type%22%3A%22image%22%2C%22value%22%3A%22https%3A%2F%2Fassets.lemonpi.io%2Fa%2F119%2Fe4cb7540219551f612c010199f4d2dd2.jpg%22%7D%2C%22endSlideCopy%22%3A%7B%22type%22%3A%22text%22%2C%22value%22%3A%22WELKE%20%C5%A0KODA%20KAN%20JOUW%3CBR%3EZATERDAGFAMILIE%20HET%3CBR%3EBEST%20GEBRUIKEN%3F%22%7D%2C%22fallbackUrl%22%3A%7B%22type%22%3A%22click%22%2C%22value%22%3A%22https%3A%2F%2Fwww.skoda.nl%2Fmodellen%22%7D%2C%22introImage%22%3A%7B%22type%22%3A%22image%22%2C%22value%22%3A%22https%3A%2F%2Fassets.lemonpi.io%2Fa%2F119%2Ffb1b339c73fe253c77bae53282fa1516.jpg%22%7D%2C%22fallbackImage%22%3A%7B%22type%22%3A%22image%22%2C%22value%22%3A%22https%3A%2F%2Fassets.lemonpi.io%2Fa%2F119%2F9af9b088e700c1bc36f11761b2bd9572.jpg%22%7D%2C%22click%22%3A%7B%22type%22%3A%22click%22%2C%22value%22%3A%22https%3A%2F%2Fwww.skoda.nl%2Fmodellen%3Futm_medium%3Ddisplay%26utm_source%3Dproj-zaterdag_rtb_dv_pr_rectangle_%26utm_campaign%3Dgh_proj-zaterdag_mei21%26utm_term%3D300x250%26utm_content%3Dstatisch_v2%22%7D%7D%7D%2C%22version%22%3A2%2C%22type%22%3A%22impression%22%2C%22schema%22%3A%22adset-creative%22%2C%22impression-id%22%3A%2236f1fe06-3a17-4be9-b9f0-1df42706ae02%22%2C%22adset-id%22%3A10207%2C%22creative-id%22%3A8245%2C%22advertiser-id%22%3A119%2C%22creative-revision-id%22%3A35811%7D
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.240.165.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.15.8.1 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:34 GMT
Server
openresty/1.15.8.1
Access-Control-Allow-Methods
GET, POST
Content-Type
image/gif
access-control-allow-origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
47
sync.php
pixel.rubiconproject.com/exchange/ Frame C61C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame C61C
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dq1ycPjOvwMe&ev=1&orig=trc&pid=562107
0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dq1ycPjOvwMe&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=dq1ycPjOvwMe&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame C61C
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:34 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
dc6facc6-cb4e-48ba-b3e3-69ef75e9309f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame C61C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
0
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937714.096759,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame C61C
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef:$UID
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Thu, 22 Jul 2021 07:08:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:386
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame C61C
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=dbf2263e-8210-4bfa-a619-fecfa99695b6-tuct7f29ef3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=dbf2263e-8210-4bfa-a619-fecfa99695b6-tuct7f29ef3
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=dbf2263e-8210-4bfa-a619-fecfa99695b6-tuct7f29ef3
tbl-x-upstream
10.41.14.127:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame C61C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937714.110240,VS0,VE11
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame C61C 		43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame C61C 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame C61C 		43 B
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame C61C 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
content-length
0
content-type
text/html
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C61C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1283

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 22 Jul 2021 07:08:33 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2083
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 22 Jul 2021 00:00:00 GMT
4.gif
id5-sync.com/c/464/19/4/ Frame C61C
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://id5-sync.com/c/464/464/7/1.gif?puid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e3ea1f8d-0d83-4a2b-853f-d89386782304&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4237664890651439057&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:29 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.9.118
content-length
0
expires
0
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame C61C
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=MQtYelbdBnSIEGXechn5YA
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=MQtYelbdBnSIEGXechn5YA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=MQtYelbdBnSIEGXechn5YA
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame C61C 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:08 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame C61C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkc44a58f8-c759-4799-b984-9ef446a625b2&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkc44a58f8-c759-4799-b984-9ef446a625b2&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Thu, 22 Jul 2021 07:08:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1277

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
date
Thu, 22 Jul 2021 07:08:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame C61C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.155658,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
tbl-x-upstream
10.41.22.181:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278
sd
u.openx.net/w/1.0/ Frame C61C 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame C61C
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=044caa9d-9c00-51cb-baf6-142ada0f0d58
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=044caa9d-9c00-51cb-baf6-142ada0f0d58
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1282

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=044caa9d-9c00-51cb-baf6-142ada0f0d58
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame C61C 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.13.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-13-197.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame C61C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=ebeXoWsASoinoXTbumRp0Q&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&ui=ebeXoWsASoinoXTbumRp0Q
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&ui=ebeXoWsASoinoXTbumRp0Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.199:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&ui=ebeXoWsASoinoXTbumRp0Q
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C61C
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame 68B9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2164
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1626937714.054888,VS0,VE0
date
Thu, 22 Jul 2021 07:08:34 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
73
x-cache-hits
10880
e4cb7540219551f612c010199f4d2dd2.jpg
assets.lemonpi.io/a/119/ Frame 0E9E 		293 KB
294 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lemonpi.io/a/119/e4cb7540219551f612c010199f4d2dd2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 06:44:02 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Wed, 19 May 2021 15:13:22 GMT
server
AmazonS3
age
3976
etag
"e4cb7540219551f612c010199f4d2dd2"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
300329
x-amz-cf-id
mOJ1cJsbUZ95Y3lWHFgBBV90L74rJTekB4UKLSTWs7LIsHffdbyW4A==
fb1b339c73fe253c77bae53282fa1516.jpg
assets.lemonpi.io/a/119/ Frame 0E9E 		247 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lemonpi.io/a/119/fb1b339c73fe253c77bae53282fa1516.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:04:41 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Wed, 12 May 2021 11:11:55 GMT
server
AmazonS3
age
234
etag
"fb1b339c73fe253c77bae53282fa1516"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
252961
x-amz-cf-id
qX4ZY_g-2UhHVTFc90sRbbMlPboapSq4o9hO32iMy8iaR7UGJjmvIQ==
538761936a5be384cb098b03ca67a35a.svg
assets.lemonpi.io/a/119/ Frame 0E9E 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lemonpi.io/a/119/538761936a5be384cb098b03ca67a35a.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 06:45:48 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Wed, 19 May 2021 09:28:04 GMT
server
AmazonS3
age
4062
etag
"538761936a5be384cb098b03ca67a35a"
x-cache
Hit from cloudfront
content-type
image/svg+xml
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
5040
x-amz-cf-id
sJbXdyP8WhL_0XNHnisbvac7bklCAzuJW3wKgfX2HMCruJlicMQU_Q==
38cd0ce588681c3543402b9927e82680.png
assets.lemonpi.io/a/119/ Frame 0E9E 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.lemonpi.io/a/119/38cd0ce588681c3543402b9927e82680.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e800:f:7bbd:36c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:01:22 GMT
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 13:23:12 GMT
server
AmazonS3
age
1106
etag
"38cd0ce588681c3543402b9927e82680"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
17433
x-amz-cf-id
FgfKUthXeBTZXUSYVgy1nOUtNk-zliXOewZlWx4NEbDLB1oiCuptog==
skoda-next-w01-bold.woff2
s0.2mdn.net/4470817/1623242751524/ Frame 0E9E 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/4470817/1623242751524/skoda-next-w01-bold.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/4470817/1623242751524/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://s0.2mdn.net/4470817/1623242751524/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 12:45:51 GMT
server
sffe
age
0
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22180
x-xss-protection
0
expires
Fri, 23 Jul 2021 07:08:34 GMT
/
pips.taboola.com/ Frame 68B9 		64 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19146-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://likevertising.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 68B9 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=0cfd43b8-f648-407e-826e-7aa9be5d5b66-tuct7f29eef&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Jul 2021 07:08:34 GMT
Cache-Control
no-store
Server
nginx
Connection
close
SPug
simage4.pubmatic.com/AdServer/ Frame 7608 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=137711&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=137711&s=137812&predirect=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D58%263pid%3D&gdpr=1&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
252610.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//tr.web.img4.acsta.net/pictures/14/01/17/15/48/ Frame 7CE1 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//tr.web.img4.acsta.net/pictures/14/01/17/15/48/252610.jpg
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish, 1.1 varnish
age
3181664
edge-cache-tag
315092502360006898711541382690202116417,609000275878300931466227160548147665902,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining
99
x-envoy-upstream-service-time
48
expiration
expiry-date="Sun, 20 Jun 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache
HIT, HIT, HIT
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_86%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//tr.web.img4.acsta.net/pictures/14/01/17/15/48/252610.jpg
content-length
3422
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
last-modified
Thu, 20 May 2021 21:11:30 GMT
server
nginx
x-timer
S1626937715.614983,VS0,VE0
etag
"73538a22cd68465f708cff55497fca73"
x-served-by
cache-wdc5555-WDC, cache-dca17767-DCA, cache-fra19136-FRA
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 7CE1 		254 B
758 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: likevertising.com
URL: https://likevertising.com/stat?i=b2q9ssvr0rctu7elxrne&a=6965507efc6b22ad0bb46f9e614d09d67&cb=1059091626937709564
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via
1.1 varnish
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
age
27064
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
mouaSx+zLz+daByqFPTyWftjEEWVx2Ra4QTNy9MPIUClTT4jaqZDUS1ZHFYvQA07FPAY+M6uW30=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1626937715.615071,VS0,VE0
date
Thu, 22 Jul 2021 07:08:34 GMT
x-amz-request-id
6P8Y14FA9N2SAAH6
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
55
x-cache-hits
6965
sync.php
pixel.rubiconproject.com/exchange/ Frame 7A82 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 7A82
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=hvMJc7DwNtKA&ev=1&orig=trc&pid=562107
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=hvMJc7DwNtKA&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.10.104:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=hvMJc7DwNtKA&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 7A82
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.181:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:34 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d75e7bb4-9406-48e6-8b8b-4206b40aa185
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7A82
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
tbl-x-upstream
10.40.0.134:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 7A82
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1283

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 22 Jul 2021 07:08:34 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2155
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 22 Jul 2021 00:00:00 GMT
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 7A82
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rKpiONo-Djm_h7ZUchn5YA
0
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rKpiONo-Djm_h7ZUchn5YA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.57:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=rKpiONo-Djm_h7ZUchn5YA
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 7A82 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:07 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 7A82
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=taboola&bsw_user_id=${BSW_USER_UD}&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=0&user_id=&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f435ba45-2d6f-4e1d-aa81-d80af7752577
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f435ba45-2d6f-4e1d-aa81-d80af7752577
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1283

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=f435ba45-2d6f-4e1d-aa81-d80af7752577
date
Thu, 22 Jul 2021 07:08:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 7A82
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-...
0
52 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.155591,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
tbl-x-upstream
10.41.10.199:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 7A82
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 7A82 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.13.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-13-197.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 7A82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
0
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.657440,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 7A82 		42 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:32 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 7A82
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.659644,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 7A82 		43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 7A82 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 7A82 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 7A82 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
content-length
0
content-type
text/html
4.gif
id5-sync.com/c/464/19/4/ Frame 7A82
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e3ea1f8d-0d83-4a2b-853f-d89386782304&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4237664890651439057&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/464/19/4/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:30 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://id5-sync.com/c/464/19/4/4.gif?puid=5e429828c691e81e20c3012106c53070&gdpr=1&gdpr_consent=
cache-control
no-cache
x-server
10.45.19.232
content-length
0
expires
0
sd
u.openx.net/w/1.0/ Frame 7A82 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 7A82
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=4IoUgYNHSnm5HvjFThJpNA&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&ui=4IoUgYNHSnm5HvjFThJpNA
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&ui=4IoUgYNHSnm5HvjFThJpNA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&ui=4IoUgYNHSnm5HvjFThJpNA
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 7A82
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame 7CE1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2164
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1626937715.621978,VS0,VE0
date
Thu, 22 Jul 2021 07:08:34 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
55
x-cache-hits
10885
/
pips.taboola.com/ Frame 7CE1 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19146-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://likevertising.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 7CE1 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Jul 2021 07:08:35 GMT
Cache-Control
no-store
Server
nginx
Connection
close
sync.php
pixel.rubiconproject.com/exchange/ Frame 98C5 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Content-Type
image/gif
/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame 98C5
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
  • https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHvRZRuMwb6j&ev=1&orig=trc&pid=562107
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHvRZRuMwb6j&ev=1&orig=trc&pid=562107
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.127:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=kHvRZRuMwb6j&ev=1&orig=trc&pid=562107
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
/
sync.taboola.com/sg/appnexus-network/1/rtb-h/ Frame 98C5
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc
  • https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.195:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:34 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5c60a31f-8e59-4dec-b3ad-4f0ba265ee5b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=4237664890651439057&orig=trc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 98C5
Redirect Chain
  • https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:35 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
tbl-x-upstream
10.40.0.195:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1276
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 98C5
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
  • https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1283

Redirect headers

pragma
no-cache
x-errorlevel
0
server
Microsoft-IIS/10.0
date
Thu, 22 Jul 2021 07:08:34 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=da6a4ec8-ed37-4208-a77f-2a073d5df9e7
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2342
content-type
text/html; charset=utf-8
content-length
222
expires
Thu, 22 Jul 2021 00:00:00 GMT
rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame 98C5
Redirect Chain
  • https://s.c.appier.net/taboola
  • https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YYofZ4xkDZOu4V7rchn5YA
0
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YYofZ4xkDZOu4V7rchn5YA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.12.133:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

location
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=YYofZ4xkDZOu4V7rchn5YA
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cookiesync
bttrack.com/pixel/ Frame 98C5 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track003-dc3
Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:07 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame 98C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=taboola&bsw_custom_parameter=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkcc1cfe3f-09c7-44ec-9175-8d2541f35269&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkcc1cfe3f-09c7-44ec-9175-8d2541f35269&expires=7&user_group=5&ssp=taboola&bsw_param=f435ba45-2d6f-4e1d-aa81-d80af7752577
  • https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.22.84:10213
date
Thu, 22 Jul 2021 07:08:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1277

Redirect headers

location
//sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6c4a472d-8b2e-4b0e-97ba-7abe8e648681
date
Thu, 22 Jul 2021 07:08:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame 98C5
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=taboola
  • https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2
  • https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-...
0
76 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:35 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.155808,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

location
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=f9433a83-181d-40ba-b28d-5d437a6691d2&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3Df9433a83-181d-40ba-b28d-5d437a6691d2&isDirect=0
tbl-x-upstream
10.41.14.95:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278
rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame 98C5
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
  • https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.134:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

location
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=f6a07e9a-066a-51cb-9e23-cd3ffedad44d
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
101956
jadserve.postrelease.com/suid/ Frame 98C5 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.13.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-13-197.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame 98C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
  • https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.881417,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESEOTlxgvCObJjQzCME6xkOxQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
304
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 98C5 		42 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0:$UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:33 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:437
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame 98C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
  • https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
0
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
nginx
x-timer
S1626937715.781814,VS0,VE8
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-fra19136-FRA

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=b7fca496-5068-448b-a600-11c53c66350d
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
239
merge
ce.lijit.com/ Frame 98C5 		43 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=42&3pid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:35 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 98C5 		49 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-589cbd599f-lgxkq
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 98C5 		43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:33 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
put
e1.emxdgt.com/ Frame 98C5 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d41&uid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
content-length
0
content-type
text/html
18.gif
id5-sync.com/qp/ Frame 98C5
Redirect Chain
  • https://id5-sync.com/s/464/9.gif?puid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOWotCl4O5jvV34CxV8t4WycNuevCh8B0-82gI6Q&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
  • https://id5-sync.com/cq/464/124/6/2.gif?puid=e3ea1f8d-0d83-4a2b-853f-d89386782304&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4237664890651439057&opid=apx&ops=&utidl=tech:goo:CAESEJbbsecCytUybC6Rv6UZzc8&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.20 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p14.id5-sync.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:29 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

location
https://id5-sync.com/qp/18.gif?puid=vec%3A19243071581&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date
Thu, 22 Jul 2021 07:08:37 GMT
content-length
0
strict-transport-security
max-age=63072000;includeSubDomains;preload
sd
u.openx.net/w/1.0/ Frame 98C5 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=543998486&val=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
sync.taboola.com/sg/adxxscod-network/1/rtb-h/ Frame 98C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=taboolacom_ltd&google_sc&google_hm=HncLd3B_Q_m24GAMZ10wRw&google_redir=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fadxxscod-network%2F1%2Frtb-h%2F%3Ftaboola_...
  • https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&ui=HncLd3B_Q_m24GAMZ10wRw
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&ui=HncLd3B_Q_m24GAMZ10wRw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream
10.41.14.95:10213
date
Thu, 22 Jul 2021 07:08:35 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
1278

Redirect headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.taboola.com/sg/adxxscod-network/1/rtb-h/?taboola_hm=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&ui=HncLd3B_Q_m24GAMZ10wRw
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
340
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 98C5
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=7772&xuid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&dongle=tbla
  • https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7772&xuid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=7772&xuid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&dongle=tbla&gdpr=1&cmp_cs=&us_privacy=
date
Thu, 22 Jul 2021 07:08:34 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cds-pips.js
cdn.taboola.com/scripts/ Frame 28EB 		2 KB
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding
gzip
etag
"3aa74dbf5cd656dbb65deda2d238ddbd"
age
2164
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
911
x-amz-id-2
qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 14 Jul 2021 05:06:01 GMT
server
AmazonS3
x-timer
S1626937715.743522,VS0,VE0
date
Thu, 22 Jul 2021 07:08:34 GMT
vary
Accept-Encoding
x-amz-request-id
X0T5G34XC8D2QGE8
via
1.1 varnish
cache-control
private, max-age=3600
accept-ranges
bytes
content-type
application/javascript
abp
55
x-cache-hits
10886
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1A4C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4237664890651439057; anj=dTM7k!M41.D>6NRF']wIg2E?dq'xo4!@wnfH8K6pQK`!5=E<*L5>xh2a5_DdbznD[Y@q#S[(!3e1It'NC2]T=0lgcd%nugO%v4VB%no]z*IINY; icu=ChgIz5I0EAoYAiACKAIw77LkhwY4AkACSAIKGAjYpkQQChgBIAEoATDusuSHBjgBQAFIARDvsuSHBhgC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 23 Jul 2021 07:08:37 GMT
Date
Thu, 22 Jul 2021 07:08:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0993 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; DPSync3=1628121600%3A201_197%7C1627516800%3A164%7C1626998400%3A174; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; SyncRTB3=1627776000%3A63%7C1628208000%3A35%7C1628121600%3A176_104_57_231_81_13_55_22_21_178_54_8_48_7_71_165_99_56_166_189_204_233_220_3_5%7C1627344000%3A216%7C1627516800%3A2_38_223_15; chkChromeAb67Sec=4; KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; KRTBCOOKIE_107=1471-uid:UcERfDds1M6sOS5; KRTBCOOKIE_1235=23226-3a44fcc8-597e-4f20-a40a-370187dbd8a1-tuct7f29ef0:$UID; PugT=1626937712
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106387
expires
Fri, 23 Jul 2021 12:41:41 GMT
date
Thu, 22 Jul 2021 07:08:34 GMT
vary
Accept-Encoding
/
pips.taboola.com/ Frame 28EB 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-fra19146-FRA
access-control-allow-methods
GET
access-control-allow-origin
https://likevertising.com
cache-control
no-store
x-cache
HIT
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ Frame 28EB 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 22 Jul 2021 07:08:36 GMT
Cache-Control
no-store
Server
nginx
Connection
close
PugMaster
image6.pubmatic.com/AdServer/ Frame 0993 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33372127&p=155495&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tum
ums.acuityplatform.com/ Frame A732 		0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 26C3
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
52 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
x-served-by
cache-fra19136-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1626937715.868790,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 22-Jul-2022 07:08:34 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3759bd98-81e0-4a44-8203-3d5bdf56f90b-tuct7f29ef2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Thu, 22 Jul 2021 07:08:34 GMT
via
1.1 varnish
x-served-by
cache-fra19136-FRA
x-cache
MISS
x-cache-hits
0
x-timer
S1626937715.830871,VS0,VE9
x-vcl-time-ms
9
content-length
0
pubmatic
sync.dmp.kubient.net/match/ Frame 52E0 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame 942A
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=obOL_fUPD02bBG3ydhn5YA
42 B
321 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=obOL_fUPD02bBG3ydhn5YA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=obOL_fUPD02bBG3ydhn5YA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPugT=1626937716; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_904=16787-obOL_fUPD02bBG3ydhn5YA&KRTB&23130-obOL_fUPD02bBG3ydhn5YA; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 07:08:37 GMT; path=/ PugT=1626937717; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 21-Aug-2021 07:08:37 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:37 GMT; path=/
x-lat
amspug003:0:389
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 22 Jul 2021 07:08:38 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=obOL_fUPD02bBG3ydhn5YA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie
_auid=obOL_fUPD02bBG3ydhn5YA; Path=/; Domain=c.appier.net; Expires=Fri, 22 Jul 2022 07:08:38 GMT; Max-Age=31536000; HttpOnly; Secure; SameSite=None
Pug
simage2.pubmatic.com/AdServer/ Frame DB85
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
SPugT=1626937716; PUBMDCID=3; KRTBCOOKIE_904=16787-obOL_fUPD02bBG3ydhn5YA&KRTB&23130-obOL_fUPD02bBG3ydhn5YA; KRTBCOOKIE_52=22772-R1B342_E09B4408_29746F646&KRTB&23092-R1B342_E09B4408_29746F646; PugT=1626937719
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:41 GMT
content-type
text/html; charset=utf-8
x-lat
amspug006:2:244
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=8bf2ef8b-fbeb-454a-907d-9aa7ccaf0e42; path=/; domain=csync.loopme.me; Expires=Sun, 22-Aug-2021 07:08:42 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 22 Jul 2021 07:08:42 GMT
server
_
101790
jadserve.postrelease.com/suid/ Frame 7A86 		43 B
427 B 		Document
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/suid/101790?vk=${PUBMATIC_UID}&ntv_r=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjUmdGw9MTI5NjAw&piggybackCookie=NTV_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.13.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-13-197.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash

Request headers

:method
GET
:authority
jadserve.postrelease.com
:scheme
https
:path
/suid/101790?vk=${PUBMATIC_UID}&ntv_r=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjUmdGw9MTI5NjAw&piggybackCookie=NTV_USER_ID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
opt_out=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 22 Jul 2021 07:08:34 GMT
content-type
image/gif
content-length
43
server
nginx/1.12.1
expires
Mon, 1 Jan 1990 12:00:00 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
set-cookie
opt_out=1; Domain=.postrelease.com; Expires=Fri, 22-Jul-2022 07:08:34 GMT; Path=/; Secure; SameSite=None;
Pug
simage2.pubmatic.com/AdServer/ Frame A982
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=6YbkqIXhpJXe&pid=557219
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=6YbkqIXhpJXe&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=6YbkqIXhpJXe&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; KRTBCOOKIE_107=1471-uid:UcERfDds1M6sOS5; KRTBCOOKIE_1235=23226-f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0:$UID; PugT=1626937713; chkChromeAb67Sec=5; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A219_221_228_236_201_197; SyncRTB3=1627344000%3A216%7C1628121600%3A22_234_237_96_204_5_48_8_78_176_231_71_99_220_222_21_165_56_166_189_3_225_55_178_54_233_104_13_7_57_81%7C1627516800%3A2_38_67_223_15%7C1627776000%3A63%7C1628208000%3A35%7C1629504000%3A224%7C1632096000%3A69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:33 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:33 GMT; path=/
x-lat
amspug015:0:363
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-589cbd599f-lgxkq
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=6YbkqIXhpJXe&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
check
pixel.tapad.com/idsync/ex/receive/ Frame B207
Redirect Chain
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxODQmdGw9MTU3NjgwMA==&r=https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB&partner_device_id=${PUBMATIC_UID}
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=PUBMATIC_RTB
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
95 B
164 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.tapad.com
:scheme
https
:path
/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
TapAd_TS=1626937717946; TapAd_DID=a1c914d5-2843-4ccc-9113-0d7e89fb6dd1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Thu, 22 Jul 2021 07:08:37 GMT
strict-transport-security
max-age=31536000
content-type
image/png
content-length
95
via
1.1 google
alt-svc
clear

Redirect headers

date
Thu, 22 Jul 2021 07:08:37 GMT
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
set-cookie
TapAd_TS=1626937717946;Expires=Mon, 20 Sep 2021 07:08:37 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None TapAd_DID=a1c914d5-2843-4ccc-9113-0d7e89fb6dd1;Expires=Mon, 20 Sep 2021 07:08:37 GMT;Path=/;Domain=.tapad.com;Secure;SameSite=None
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=PUBMATIC_RTB
content-length
0
via
1.1 google
alt-svc
clear
Pug
simage2.pubmatic.com/AdServer/ Frame 18BC
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F27B8664615F43BF999E7F597B6068FB
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F27B8664615F43BF999E7F597B6068FB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F27B8664615F43BF999E7F597B6068FB
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; KRTBCOOKIE_107=1471-uid:UcERfDds1M6sOS5; KRTBCOOKIE_1235=23226-f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0:$UID; PugT=1626937713; chkChromeAb67Sec=5; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A219_221_228_236_201_197; SyncRTB3=1627344000%3A216%7C1628121600%3A22_234_237_96_204_5_48_8_78_176_231_71_99_220_222_21_165_56_166_189_3_225_55_178_54_233_104_13_7_57_81%7C1627516800%3A2_38_67_223_15%7C1627776000%3A63%7C1628208000%3A35%7C1629504000%3A224%7C1632096000%3A69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Thu, 22 Jul 2021 07:08:33 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 20-Oct-2021 07:08:33 GMT; path=/
x-lat
amspug016:0:334
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Thu, 22 Jul 2021 07:08:34 GMT
content-type
text/html
content-length
154
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:F27B8664615F43BF999E7F597B6068FB
expires
Wed, 21 Jul 2021 07:08:34 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
/
pixel.onaudience.com/ Frame 0993
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4ead82c08ff8ca1c3ff8903fbfa060e1
35 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4ead82c08ff8ca1c3ff8903fbfa060e1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.79.83.225 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Thu, 22 Jul 2021 07:08:37 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=4ead82c08ff8ca1c3ff8903fbfa060e1
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Artemis
aud.pubmatic.com/AdServer/ Frame 0993
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&addseg=17
7 B
87 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&addseg=17
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:39 GMT
content-length
7
content-type
text/plain; charset=utf-8

Redirect headers

date
Thu, 22 Jul 2021 07:08:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6&addseg=17
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
g.pixel
aa.agkn.com/adscores/ Frame 0993 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.243.222 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AAWebServer /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:37 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
expires
0
/
io.narrative.io/ Frame 0993
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:2A831B8D-09D2-44C7-9EC0-846DB7116AC6
  • https://io.narrative.io/?io.narrative.guid.v2=a3796d00-eabb-11eb-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:2A831B8D-09D2-44C7-9EC0-846DB7116AC6
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=a3796d00-eabb-11eb-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.225.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:38 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=a3796d00-eabb-11eb-a833-0aa6849ebafd&companyId=673&id=pubmatic_id:2A831B8D-09D2-44C7-9EC0-846DB7116AC6
Date
Thu, 22 Jul 2021 07:08:38 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 674B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://likevertising.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=4237664890651439057; anj=dTM7k!M41.D>6NRF']wIg2E?dq'xo4!@wnfH8K6pQK`!5=E<*L5>xh2a5_DdbznD[Y@q#S[(!3e1It'NC2]T=0lgcd%nugO%v4VB%no]z*IINY; icu=ChgIz5I0EAoYAiACKAIw77LkhwY4AkACSAIKGAjYpkQQChgBIAEoATDusuSHBjgBQAFIARDvsuSHBhgC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 23 Jul 2021 07:08:37 GMT
Date
Thu, 22 Jul 2021 07:08:35 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame A6C1 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: cdn.adtrue.com
URL: https://cdn.adtrue.com/pb/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://likevertising.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=2A831B8D-09D2-44C7-9EC0-846DB7116AC6; KRTBCOOKIE_1199=23175-00000072535A0105; PUBMDCID=3; KRTBCOOKIE_27=16735-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&16736-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23019-uid:160260f9-196e-4e00-8100-cd03167c1cd2&KRTB&23114-uid:160260f9-196e-4e00-8100-cd03167c1cd2; KRTBCOOKIE_22=14911-4511887567113342455; KRTBCOOKIE_218=22978-YPkZcAAC1p7DQQBg&KRTB&23194-YPkZcAAC1p7DQQBg&KRTB&23209-YPkZcAAC1p7DQQBg&KRTB&23244-YPkZcAAC1p7DQQBg; KRTBCOOKIE_594=17105-OPTOUT&KRTB&17107-OPTOUT; KRTBCOOKIE_1074=22956-e_193a8f67-54c9-47fb-b8db-e5d18ce25fe1; KRTBCOOKIE_153=19420-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL&KRTB&22979-qZ5JH66XGUCymhkW-8oCF6-eFhOyy00S_swP3wAL; KRTBCOOKIE_80=22987-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&16514-CAESECSJWbZH-GJNdOi2IeQd7dU&KRTB&23025-CAESECSJWbZH-GJNdOi2IeQd7dU; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_860=16335-Dt2PdUBwSPRofFGXN3eb5Z8wNz8; KRTBCOOKIE_107=1471-uid:UcERfDds1M6sOS5; KRTBCOOKIE_1235=23226-f7bc9042-0325-4952-9c79-408b971277bd-tuct7f29ef0:$UID; PugT=1626937713; KCCH=YES; chkChromeAb67Sec=5; DPSync3=1627516800%3A164%7C1626998400%3A174%7C1628121600%3A219_221_228_236_201_197; SyncRTB3=1627344000%3A216%7C1628121600%3A22_234_237_96_204_5_48_8_78_176_231_71_99_220_222_21_165_56_166_189_3_225_55_178_54_233_104_13_7_57_81%7C1627516800%3A2_38_67_223_15%7C1627776000%3A63%7C1628208000%3A35%7C1629504000%3A224%7C1632096000%3A69
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://likevertising.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=106387
expires
Fri, 23 Jul 2021 12:41:41 GMT
date
Thu, 22 Jul 2021 07:08:34 GMT
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 1A4C 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:35 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
af4669d2-247e-4bf2-96ec-06755067da85
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 674B 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:35 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b9cbcbd5-3062-4d7c-8da1-2957f289187d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1A4C 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:36 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
9f4c9594-d6e8-427f-93df-0030b645e3d9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 674B 		0
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 22 Jul 2021 07:08:36 GMT
X-Proxy-Origin
159.48.55.63; 159.48.55.63; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4e865709-eeb6-4a54-a921-6a0783af222f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0993 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=155495&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
js
www.googletagmanager.com/gtag/ Frame BEB0 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
Requested by
Host: track.adtruedsp.com
URL: https://track.adtruedsp.com/delivery/impression?i=aa9ac0c8e405a655245aee869180b962f2f51a66e84947078807b963ec5e85187eb3cb9d6e3182c38ca45282fb92c12fdb5ca238f8b753fba92304f127a0e049ff337b1c663720b321efd90d6b5640d44ad77ee3882b6f97116c4c3e9e684955b5dd11e03dc69f409d7ba72f6f3ba96fb5c86d82cf29a37fbc6ba8f0980ef36b08c3ce2aafbdbcf3ec974f0db805a74717e56e2469ee9c2ae335dba667c409449beb5c5bc9e2cc15f71da6650bc8bdcb852f95f33cad6ea96e75a11571de85e69ba0d7721ff8980330987933186db8c8dfd4f25e6925a63de549673eee824c6b91bd834a139cb105cd0745ca50992e88bad7b95609b40e7e80adb6079cff5cf1d34869e04ffa17581d294adc984232b60d0dd8da00e3efad067c62779934cac99d99c59c9936a9fd43515715c242fac051f40e8f91919af3dc6ecc7d7a54c132278dbd1fc38b193de6952938d4bd116681b9f657507dbb814587bddfb45eb4d0527fd52419bdf2668e55201e00f7522c218016bd34e039392029141832e66f90&ref=https%3A%2F%2Fwww.themoscowtimes.com%2F&domain=themoscowtimes.com&c_id=25327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://track.adtruedsp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38146
x-xss-protection
0
last-modified
Thu, 22 Jul 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 22 Jul 2021 07:08:38 GMT
js
www.googletagmanager.com/gtag/ Frame BEB0 		126 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0DTZ6LRDBJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://track.adtruedsp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 07:08:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50608
x-xss-protection
0
expires
Thu, 22 Jul 2021 07:08:38 GMT
analytics.js
www.google-analytics.com/ Frame BEB0 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GTM-NPLC9ST
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://track.adtruedsp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
3680
date
Thu, 22 Jul 2021 06:07:18 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 22 Jul 2021 08:07:18 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/de8d3c3f-602a-4921-94f6-6c06fb8d9728/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Jul 2021 07:08:39 GMT
content-length
0
vary
Origin
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.themoscowtimes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 22 Jul 2021 07:08:39 GMT
content-length
0
vary
Origin
perf
am-trc-events.taboola.com/themoscowtimes300x250gr-r18604356/log/3/ Frame 68B9 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/themoscowtimes300x250gr-r18604356/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://likevertising.com
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
perf
am-trc-events.taboola.com/themoscowtimes728x90gr-r18604579/log/3/ Frame 7CE1 		0
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/themoscowtimes728x90gr-r18604579/log/3/perf?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210720-25-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://likevertising.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://likevertising.com
pragma
no-cache
date
Thu, 22 Jul 2021 07:08:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
dc_oe=ChMIj523oo_28QIV-JwnAh2KIAZqEAAYACC0xOFIQhMIyvORoo_28QIVi4J7Ch1qugKS;met=1;&timestamp=1626937722170;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A2EC 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj523oo_28QIV-JwnAh2KIAZqEAAYACC0xOFIQhMIyvORoo_28QIVi4J7Ch1qugKS;met=1;&timestamp=1626937722170;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Requested by
Host: www.themoscowtimes.com
URL: https://www.themoscowtimes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 22 Jul 2021 07:08:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CAA5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 22 Jul 2021 07:08:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=56395
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9357
Expires
Thu, 22 Jul 2021 22:48:41 GMT
khaos.jpg
token.rubiconproject.com/ Frame CAA5 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/jpg

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=27&uid=a7614e7bcdf0eedd8e91233c&gdpr=1&gdpr_consent=
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.4.0&cb=43805712225
Domain
hal9000.redintelligence.net
URL
https://hal9000.redintelligence.net/zone/os3968sx7dh6?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC3JR6bRn5YK_5N4a8gQem5brYBuKw3PBf2_Xv6fcM8C4QASDW5sVYYJGEgID8F8gBCakClVi7BDnIsz6oAwGqBPoBT9AQXP6xR_DZYFjWpfRI1warzTIK2qEBBrCqpKdAGEqYmerxPppi2eBkis8jlsQK71ZC2Pu6MCiApY1ellHonB9t8GUP8gKfNQTYY6eeqkDGtxnue_8HnkzWmqzVnfdEvYxUf-azYPnIStqovZLGTTfbBi0nT6lvmEDP6rhTVFbSQWWOF7L8i1lO7unO4LRQolpVQnYQrM16vh7ZkxujhcQC72crwfhnvf0Xl0OR2EayUT6HORnduXKtFGPC3FTQg68j9f1w1GAtWf69lyVjZP64niTUdiVmokBdqpdhE3HVBj8ziB5CJEa7mJUi1YQTwws2qndnyhCSbsAE2_O999QB4AQDkAYBoAZNgAfr5-heqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi04NzY0ODgzNTM0MzY2ODg3gAoDmAsByAsBgAwBsBOX5bIK0BMA2BMD2BQB0BUBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoF3N0AXm7WwhaoCewt1XRqA%26sig%3DAOD64_3O-afFyjWPAn8yrcDh-iRVXxDNNw%26client%3Dca-pub-2128757167812663%26dbm_c%3DAKAmf-DYX8reRLLdH5S2ataEwQxbF_Cdo3xlgftaDlqhLMmNbgXpJl4_UfAewswKMdNneuIdpg0K84tdYc_kb2EQV5g0oJhbokWdAFM7ku9ntky1DhizvKLsKAjpbz3AB1D7lIaK-f6f48qxq-xbJeYrGDFYPewVwQ%26cry%3D1%26dbm_d%3DAKAmf-DVkfhbMvrF8EpHJCDZ-FHbG_uLJdZP5Dx7XVhnm--T0QoGoO5T3tnK3d05r5YpRnfD1ZywX1mwnv_JDNSo9sODvXwCKJ5AeNOJObrJcQw4ZI2S3mNlIJ3H4ccyaN1J1aQlDmJPcVv-D-a0EAEBOt0gxt8E0Z1vwqKmUOFAMEUslpp0iGR05sb-0IMUatZp0Ti8tUmGP3c_2kTeJqk0lPHWj-uFV2XqzOqaxcfpNGe_-LSSjqGMQAyKITBLeiMf74UbGwnme5dsb4Os7_eMOhGE5gs-kORcNQw1ojXeip31zQkSGLuUpweTlc-T3R4nCmLi-8X_TsmeKVE1y-9UbWJkpNTsEnwLWZ6OhPRJ8f576ILMsph9yTI-9ZQCudXtdKnOKUuAqvPpL4kRkfOlQEt2i3AgEXLEGbuJBki8-bCgKLSW949LRzWv2Vlkp1QG0NB6zZr3VsyBQfsEU-fugadIRKDAsA%26adurl%3D
Domain
ums.acuityplatform.com
URL
https://ums.acuityplatform.com/tum?umid=6
Domain
sync.dmp.kubient.net
URL
https://sync.dmp.kubient.net/match/pubmatic?consent=&gdpr=

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.pubmatic.com/ Name: PugT
Value: 1626937726
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-a8247e8d-eabb-11eb-af53-a315fb130a7e&KRTB&23011-a8247e8d-eabb-11eb-af53-a315fb130a7e

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://likevertising.com/stats?i=ozq8lklz3e1znpqig3c&a=87a35e76bc314113496756222bdcb5fa3&cb=0371801626937709525(Line 6)
Message:
element .item-label-href arrived

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

021ccafab8a2d3cfd9640fa010defba3.safeframe.googlesyndication.com
89c29a961882a4877a90f81a20772f0c.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
adada13718edea79a15b496480a0974e.safeframe.googlesyndication.com
ade.googlesyndication.com
ads.betweendigital.com
ads.creative-serving.com
ads.playground.xyz
ads.projectagoraservices.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adservice.google.nl
am-trc-events.taboola.com
ampcid.google.com
ampcid.google.de
aorta.clickagy.com
ap.lijit.com
assets.lemonpi.io
aud.pubmatic.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
bttrack.com
c1.adform.net
cdn-adtrue.com
cdn.adtrue.com
cdn.greenhousegroup.com
cdn.onesignal.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
chimpstatic.com
cm.adgrx.com
cm.g.doubleclick.net
code.createjs.com
code.jquery.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
content.lemonpi.io
cookie-matching.mediarithmics.com
creative-content.lemonpi.io
creative-libraries.lemonpi.io
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d.turn.com
data.adsrvr.org
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
exchange.adtrue.com
f387637b2ec3c1a8dad49e40d947b153.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gslbeacon.lijit.com
gum.criteo.com
hal9000.redintelligence.net
hb.adpone.com
hbopenbid.pubmatic.com
ib.adnxs.com
ice.360yield.com
id.crwdcntrl.net
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
io.narrative.io
jadserve.postrelease.com
likevertising.com
loada.exelator.com
log.lemonpi.io
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mug.criteo.com
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
projectagora-483829-hdb.adomik.com
projectagora.net
projectagoralibs.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
pxdrop.lijit.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.c.appier.net
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssc-cms.33across.com
static.adtruedsp.com
static.criteo.net
static.themoscowtimes.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.dmp.kubient.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.resetdigital.co
sync.srv.stackadapt.com
sync.taboola.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
track.adtruedsp.com
trc.taboola.com
u.ipw.metadsp.co.uk
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
use.fontawesome.com
vap7ams1.lijit.com
visitor.fiftyt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.themoscowtimes.com
www.who.int
x.bidswitch.net
bidder.criteo.com
hal9000.redintelligence.net
sync.dmp.kubient.net
ums.acuityplatform.com
104.109.78.125
104.111.233.227
104.111.242.245
104.111.242.53
13.225.74.72
13.225.74.97
13.226.145.116
13.226.145.82
13.248.245.213
139.162.117.143
141.226.224.32
141.226.228.48
142.250.110.157
142.250.185.226
142.250.185.98
142.250.186.66
142.250.186.70
151.101.13.44
151.101.14.49
159.253.128.183
159.65.197.210
162.55.6.212
172.104.105.5
178.250.0.157
178.250.0.163
178.250.0.165
18.156.0.31
18.195.155.181
18.196.123.190
185.184.8.65
185.29.132.144
185.33.221.50
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.249
185.64.190.78
185.64.190.79
185.64.190.81
185.86.138.114
185.86.138.16
185.86.139.104
192.132.33.46
193.0.160.129
193.122.128.135
198.148.27.139
2.18.232.130
2.18.233.180
2.18.234.21
2.19.35.65
2001:4de0:ac18::1:a:2a
2001:678:cb4:bbbb::11
2001:678:cb4:bbbb::13
202.241.208.54
213.19.147.45
213.19.162.61
213.254.244.23
216.52.2.39
216.58.212.162
23.32.243.206
2600:9000:20eb:e800:f:7bbd:36c0:93a1
2600:9000:2182:a400:1f:ac51:e400:93a1
2600:9000:21f3:1e00:11:b35a:f1c0:93a1
2600:9000:21f3:6c00:5:98ca:e7c0:93a1
2606:4700:10::6816:3181
2606:4700:20::681a:b19
2606:4700:3032::6815:356b
2606:4700:3032::ac43:9028
2606:4700:3037::6815:4e07
2606:4700:3038::6815:ea60
2606:4700:3038::6815:ead7
2606:4700::6810:125e
2606:4700::6811:71bc
2606:4700::6812:c05
2606:4700::6812:e134
2a00:1288:110:c305::8000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00::210:ba19
2a02:26f0:6c00::210:ba2a
2a02:fa8:8806:13::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::300
3.120.83.159
3.122.214.165
3.8.243.222
34.199.13.197
34.240.165.104
34.252.243.79
34.98.107.212
35.201.96.126
35.210.239.72
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.29
38.27.122.158
38.91.45.7
4.78.226.233
44.232.41.179
45.35.192.162
47.252.78.131
51.79.83.225
51.83.111.34
51.89.21.20
52.205.83.58
52.208.210.171
52.212.225.58
52.3.173.52
52.34.145.6
52.48.248.240
52.57.110.162
52.58.55.232
52.58.57.174
52.95.123.167
54.154.31.58
54.163.239.172
54.209.16.83
54.246.13.173
54.78.254.47
64.202.112.159
66.155.71.150
67.202.110.21
69.173.144.138
69.173.144.139
69.173.144.165
72.251.241.206
72.251.249.13
76.223.111.131
8.43.72.97
85.114.159.118
88.212.252.2
91.228.74.133
95.215.189.11
95.215.189.12
99.83.181.31
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
07ebd531a889d9aaf2e9204e5ff3d7638b41949a479f8f24a3f5cec9724d22df
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0e868ca932480407e63d27e8e868cb1514581142928b9be15ec9039bf5fe348f
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
10519068aa50edc0f5e7756949df5ae21fb6c307d8ff1e556c8d6788ae3608a9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14149249daefaa39c09c0f12f450f9fdd13901a7e5cc42a804174c37b21c786d
15fe9a93ff99b6cde710739566662390ed76fb516dd24b0c4ff274a7e80b4ff8
171b30090a50daafa0dcfdd76e78898e29a776f0134b90d264f6f24848efba9f
19b5eeeb8644a0d2458c87a3853a6fd2733ce574b95a44567337669aa2cd6b19
1b74fc3666be448b57191d1b21d896316748bd0b311eb01e344f2f90d8237954
1c4c5f95ac39592247ba98f6be4c5124d948da7e1ec8210c0e26ec1ad0b9c87f
1d5267ff101258bdb32f038ae3afce268d3674c52e0f2adfc017b8e5a4618322
1f3c4d8d12dc9a6aa89f42c4842379d6e6ae583728bd57a559b0443536719ad9
206bf243e0b1ba7ef7435675de712d76c920dc8b2f1c6799f1ba89d2986e2e20
218185e16ac494150ee145a101be6a0916aae1e4516b5d1b136338e1e42f2f73
234d48220a4763b35e1ad644dba7c68f5119ce179153535f60a20297f3558caa
236ddfb4c7ba17cb430dd68df496bb75143ccfc0a178367056b35605ef0160a0
269eb85c158413a8e1c036fc2f3aa2360f35cdc4999234028be80b94e9ec2389
2b9b3e17a5e8ed75dddf674cf0bba83d502c20903aefac3de435806c356a1357
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
35d7512a41e8773da9d0e75a7c792b2bab3d5af242eace907227a97290e0a5cd
38aa4b1475a1b116166adefc4741bef9c78bfcd1ebb1ee1d12ec71451c61941e
3d582344b18c01128b6e502afb7f61457b007410f324926cfba555b53bffde05
3fd54b4388f4d46c57f1ea0452307f0b54841d4e3ca1320a0408da973765acdc
41a1857e679cc8f0d48f2a256c2f2d712990396469a662c994e77fa09fc4e210
4b355bb9084c9c8997d5e1c529d1c3d2dab373e6228fa472cbc70ba10355d81b
4c8e0676c3b08c39afd59bf47be571a0d2fe37b0ffefb3a11b15be2fee58119a
4ca739a13d804ea8806c9878d5b463d2a2c2a75b61a1b2f8a8e104e9b0daecb5
4d5e8667edc2c8b5f448fdd68f3305b070e34b7ef53bd3c2ae60c5c0d4d6985b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
51d2ca3e2554c558c0638095a604a4a3cdc1a914ca9a5f0ace149245b76804c3
54049b269e5247406b21a3fe7f22a1dac675923d31980d7dc8fad6e2aafb361f
554dbf4e77d7b498ecc94ca1e71aee2b88c7d1bf027fbb1c5be87555d8dff6b5
556b5e9b6751392ef5c74eafd48e3944dcec8047f3b30b1ac79aea5f77a376eb
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
612a8541b1c6e99ca467ee2ef290d23df8c8511b0a9e1ed3f9c1b91cf2df6235
6234a39dcd62bc491dd5783b62b01645cc6c40462e04f5cdf2c938d7bd3a72bc
63031beb1c84a9a3dd906d48438550b3a17d852d46cc4e475d274543a0100423
64aad5f4964aee5ab4d2ce7733eb5be488b443e2a7aa2f0e78a38716633b8dc0
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
6562673fb96a52e4da9a371e001269d44d20745329df31059f776c3fb0e5584c
6730cb64130083f4b3116d7b581a7ee7cd9af6a5e9843b27c825b57ebce7e321
69d22be62170122e61b816e8894bf97250f3e336a734304559ca52f60b78da08
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6f6c910971dd5b42c99835ff5e3d6dcdba3eb9735368bfbefdeeab88c45d5abc
7131e8c212605a563a50ba916ae957382ebacb97d634b0c82aac54a065447bcb
71490e2ffc0e6c966ce1a08e4c6b77df0811d049ad7f36db7f488bf767cbd117
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
7fbae8490c8b8f762a9e3b763e48a65411d3cfc0fe5d61aa867228d2cf47cb5d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87be3cc965a8ac826f0afb43ec8d447c67253848930f1d4083344f43ab15c042
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
9774f5dd879a2d3385f46ed34e95c91a9c301239dc47e4c085db6c199d507fba
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9ae2862c982de5ca8aa7d0b97b493a0561b30a04a6d7ae249ae8f758e7453842
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
a21374a3f8e02566ede77b6371937fcf2869587e01b38389552193a4ff9ef56c
a351dbfb6f2f3cebb089ead9ac6b2e53a9ec87068a197ce7d52dddeacb21ac05
a3813c9c6054aa37df0101c0fe525e8806b8e402182dba8c99a9dfcceda597eb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab429e4f6e702e0b12a60d49043d17762b3b9bd4531b38e681b0a744a9ead753
ac1e2a8bbd108d79f6df82f70a28a7fbf34cbbf17aa54c962c52861e8fea05d5
aedbcaf59bde05c2647664f984294a63268053d8805a6eef4ae724040779626d
af64a6f3ffc388b91cd70eae25893f7bea7e8e7d84d2c2b41c378cfbe13651ff
b2ce8cd899350a862463d395abc7d4a4e1825ed816e40ffd0cd3d5b65cc40d90
b44d608a5eac718f2863cb143e95d2f4c2b5a4c670964fe0f653caea806017f1
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd18b2f4349c00bc2cd8c034aa828731854ec12d633715efd17fc77f451b619e
bd79e8aab174214bf0ba01cf081ffa90a7f15b40c4b60d42dce0e2466c6de0d8
c0ded025aa80c10d37920521c8de04536a6145d0e42eb4186c57b412fa50eb45
c0fada3fee77dc698adeffcd47f525c0a7b896d16ee64cb77a8e88a5183a3b13
c42c33a6261de03b67177736276f491023560fba20a88a4873df07efaba0c074
c592be4d97d41efe5f50997313c6b840a3f555db91feed0dc5317e6a96e8f91e
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae
c623e82418aeacccf4b6feed6c69d7aeab0f81ae791e91eb448b8f61a50671c7
ca39e0194b669df0158d736838e13f2061ec04e3bc8e5d2b824dd99990cd3db9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6b73e36406f5b70cfd1c0e98478ce885c72adf41f5166e6d00f97a76bf3156
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc8631ee9fa6f8185d3deaf01a4c2d125e1f29eaea7e894ea27617d762603a71
cde489cf1c7c60eaa7f52a198c1b13cd33471693178874e6414a3fbf010f2652
cff914a6263536c31084b33230dda30127ef98a0f3c8ef138f10f851e859d942
d471fca96620458724db33f0271e221a6117003d4ffb473a472046cff5eae2b8
d5e3e8f955011d3e486acbd01ed6a46e48b685855e0e1e2e14c34789807a0cf9
d7032bca089ded934885262dd86ef3b6381b6a039f00f7644b8699864e995374
d8de34d4bc18a6d5c9c4e9f4ee3e4e5146bd6e7f2becb67994035d9f9748bddb
dd33c93828d94f3d714db8575745d18098ff74224f56b3fb69fd4216a00f5191
ddaabf016a1295656c69c557f9bb2b3fb1b2b79134282ffd05d371432d08e88d
de878ac09635910d6fdc776b259330509502e11a42aee1881a73a59d491e0000
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48c854e6018cf52dc7fbeec9f9b4b45b0b6efa57abe21ae4b3109d65c502042
e496aafa00a2e0f7052bfbe3322badedbddafbeac0769eaa584146fb9bb170e1
ebb9ccd7e633b6add76b5839940681d91b486e8e37f8e9a4709f15904b768175
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef29b7ebed415a06f46ebcc5289bfc54da95fc508a2217449584605bae3e65d6
f06dc6262a9f2bb81e4288a5b9ebc02644d16378f9185259cf8bea2530de97d6
f3847b3773e3f90ee60e73c3fb72d9908fc98ff07ef7d305bc23110755c18b01
f5aa0bae032c4c3eb71cea7f66989d1e8924c593b673199c2a7c89947461e3b4
f630dae15f0a9a6eba59a56002b2c3e44def47a0389b8b8a1a0734c1f105a1d5
f6e4f5edb3194334a199f0bf80b38d92a0b7388330fbce94c8c0fb2f852c171f
f8ca71efa8f9823626b975330f1cd7dde8163230fba36ba1ccf8bf9182ea46cb
f979285e29b7738e79983b46d15f2c865f36ca1033937b4fd938af11798ef40f
faa29af882ddfc0fc714ab1287771fe2d94452b0ed1d6c5d8fc830312860f52e
fc8910a12a56baa8d399a29ea83ff9d09e9326cd7a38be03892a0333df79c931