urlscan.io logo urlscan.io
SecurityTrails logo

www.thetimes.co.uk Open in urlscan Pro
54.230.163.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Submission: On May 01 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 127 IPs in 10 countries across 119 domains to perform 441 HTTP transactions. The main IP is 54.230.163.35, located in United States and belongs to AMAZON-02, US. The main domain is www.thetimes.co.uk. The Cisco Umbrella rank of the primary domain is 35245.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 28th 2023. Valid for: a year.
This is the only time www.thetimes.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 54.230.163.35 16509 (AMAZON-02)
8 13.226.22.102 16509 (AMAZON-02)
1 108.138.128.102 16509 (AMAZON-02)
7 2607:f8b0:402... 15169 (GOOGLE)
3 108.138.106.62 16509 (AMAZON-02)
26 2600:9000:212... 16509 (AMAZON-02)
1 52.92.19.113 16509 (AMAZON-02)
13 2607:f8b0:402... 15169 (GOOGLE)
3 52.85.249.178 16509 (AMAZON-02)
1 151.101.2.217 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.242.97.228 16509 (AMAZON-02)
1 160.8.255.128 14340 (SALESFORCE)
2 2600:1400:d:4... 20940 (AKAMAI-ASN1)
1 65.8.49.36 16509 (AMAZON-02)
4 99.84.37.16 16509 (AMAZON-02)
5 2607:f8b0:402... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 4 65.8.49.95 16509 (AMAZON-02)
3 8 13.249.141.41 16509 (AMAZON-02)
1 151.139.128.10 20446 (STACKPATH...)
1 23.204.106.151 16625 (AKAMAI-AS)
1 23.52.154.235 16625 (AKAMAI-AS)
1 108.138.106.90 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
4 23.33.40.197 20940 (AKAMAI-ASN1)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a04:4e42:200... 54113 (FASTLY)
1 199.232.36.157 54113 (FASTLY)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 2607:f8b0:402... 15169 (GOOGLE)
1 3 172.217.13.198 15169 (GOOGLE)
2 151.101.65.108 54113 (FASTLY)
1 18.164.131.14 16509 (AMAZON-02)
2 43.251.41.15 11054 (LIVEPERSON)
2 104.19.149.54 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 35.201.67.47 396982 (GOOGLE-CL...)
2 35.190.91.160 15169 (GOOGLE)
1 13.33.60.52 16509 (AMAZON-02)
2 13.249.141.96 16509 (AMAZON-02)
2 13.249.141.127 16509 (AMAZON-02)
2 13.249.141.21 16509 (AMAZON-02)
2 34.102.180.215 396982 (GOOGLE-CL...)
1 35.190.59.101 15169 (GOOGLE)
1 13.226.16.121 16509 (AMAZON-02)
3 54.90.76.116 14618 (AMAZON-AES)
2 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
19 104.18.43.178 13335 (CLOUDFLAR...)
2 3.92.156.8 14618 (AMAZON-AES)
4 8 68.67.160.76 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 2602:803:c002... 26667 (RUBICONPR...)
1 52.45.221.238 14618 (AMAZON-AES)
1 2600:9000:21d... 16509 (AMAZON-02)
1 151.101.129.140 54113 (FASTLY)
9 151.101.0.84 54113 (FASTLY)
3 104.244.42.133 13414 (TWITTER)
4 104.244.42.67 13414 (TWITTER)
3 2607:f8b0:402... 15169 (GOOGLE)
1 2600:9000:21e... 16509 (AMAZON-02)
4 6 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 13.226.21.38 16509 (AMAZON-02)
1 35.241.9.51 15169 (GOOGLE)
17 34.107.254.252 396982 (GOOGLE-CL...)
1 2 2607:f8b0:402... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
2 22 52.46.155.104 16509 (AMAZON-02)
4 2a03:2880:f11... 32934 (FACEBOOK)
3 35.197.204.50 396982 (GOOGLE-CL...)
1 34.194.161.83 14618 (AMAZON-AES)
4 52.2.42.189 14618 (AMAZON-AES)
1 23.54.69.74 16625 (AKAMAI-AS)
3 2001:4998:14:... 14777 (YAHOO)
1 216.200.122.13 6461 (ZAYO-6461)
2 2620:116:800b... 14618 (AMAZON-AES)
4 4 199.127.204.142 26120 (RHYTHMONE)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
1 1 23.52.158.180 16625 (AKAMAI-AS)
1 51.222.239.232 16276 (OVH)
6 6 64.202.112.159 23352 (SERVERCEN...)
1 54.82.3.22 14618 (AMAZON-AES)
3 10 192.40.39.223 27381 (CASALE-MEDIA)
2 5 35.244.159.8 15169 (GOOGLE)
2 2 199.187.193.179 47043 (SMARTADSE...)
5 10 52.6.78.119 14618 (AMAZON-AES)
3 23.54.68.197 16625 (AKAMAI-AS)
1 52.54.178.10 14618 (AMAZON-AES)
1 7 104.127.172.242 16625 (AKAMAI-AS)
1 2600:9000:21d... 16509 (AMAZON-02)
3 6 64.202.112.95 22075 (AS-OUTBRAIN)
2 6 198.148.27.140 19189 (PULSEPOINT)
2 2 34.200.65.202 14618 (AMAZON-AES)
2 2 63.251.114.137 32475 (SINGLEHOP...)
1 6 23.92.190.69 32475 (SINGLEHOP...)
5 13 52.223.22.214 16509 (AMAZON-02)
10 15 172.217.13.162 15169 (GOOGLE)
3 5 2600:1f18:4e9... 14618 (AMAZON-AES)
12 12 3.33.220.150 16509 (AMAZON-02)
2 3 68.67.160.24 29990 (ASN-APPNEX)
1 19 54.87.127.173 14618 (AMAZON-AES)
6 6 35.211.178.172 19527 (GOOGLE-2)
2 2 35.211.233.246 15169 (GOOGLE)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 54.227.251.232 14618 (AMAZON-AES)
1 1 54.160.223.89 14618 (AMAZON-AES)
1 1 2603:c020:400... 31898 (ORACLE-BM...)
2 169.197.150.7 398989 (DEEPINTENT)
2 2 173.223.57.84 16625 (AKAMAI-AS)
3 3 3.230.98.251 14618 (AMAZON-AES)
1 1 199.187.193.182 47043 (SMARTADSE...)
1 1 192.132.33.46 18568 (BIDTELLECT)
2 76.13.32.146 26101 (YAHOO-BF1)
2 2 2606:ae80:145... 25751 (VALUECLICK)
2 2 207.198.113.90 13768 (COGECO-PEER1)
2 2 54.159.252.56 14618 (AMAZON-AES)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
4 34.205.122.225 14618 (AMAZON-AES)
2 2 8.43.72.98 26667 (RUBICONPR...)
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 174.137.133.32 27257 (WEBAIR-IN...)
2 2 151.101.130.49 54113 (FASTLY)
1 1 124.146.215.51 2514 (INFOSPHER...)
2 2 185.167.164.49 198622 (ADFORM)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 1 80.77.87.161 46636 (NATCOWEB)
4 4 185.184.8.90 204995 (RTB-HOUSE...)
15 2607:f8b0:400... 15169 (GOOGLE)
1 1 213.19.162.90 3356 (LEVEL3)
1 1 35.236.220.17 396982 (GOOGLE-CL...)
1 34.96.105.8 396982 (GOOGLE-CL...)
3 3 54.210.120.215 14618 (AMAZON-AES)
2 2 172.217.13.102 15169 (GOOGLE)
2 2620:100:a001::4 19750 (AS-CRITEO)
8 11 69.173.151.100 26667 (RUBICONPR...)
1 67.220.224.144 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:212... 16509 (AMAZON-02)
8 2600:1f13:800... 16509 (AMAZON-02)
3 208.89.12.91 11054 (LIVEPERSON)
7 208.89.12.90 11054 (LIVEPERSON)
4 178.249.96.141 11054 (LIVEPERSON)
1 151.101.130.137 54113 (FASTLY)
1 104.18.17.195 13335 (CLOUDFLAR...)
3 104.17.209.240 13335 (CLOUDFLAR...)
1 160.8.249.128 14340 (SALESFORCE)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 132.145.172.253 31898 (ORACLE-BM...)
1 162.247.241.14 23467 (NEWRELIC-...)
3 2607:f8b0:402... 15169 (GOOGLE)
7 2607:f8b0:402... 15169 (GOOGLE)
1 74.119.119.139 19750 (AS-CRITEO)
6 2607:f8b0:402... 15169 (GOOGLE)
1 160.8.13.0 14340 (SALESFORCE)
2 2 107.21.92.115 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 37.157.4.23 198622 (ADFORM)
1 54.84.233.243 ()
1 1 35.186.253.211 ()
2 2 54.237.185.13 ()
441 127
23    54.230.163.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-35.ewr53.r.cloudfront.net
www.thetimes.co.uk
8    13.226.22.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-22-102.ord51.r.cloudfront.net
cmp.amp.thetimes.co.uk
1    108.138.128.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-102.jfk50.r.cloudfront.net
feeds.thetimes.co.uk
7    2607:f8b0:4020:807::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
news.google.com
3    108.138.106.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-62.jfk50.r.cloudfront.net
ads.thetimes.co.uk
26    2600:9000:212f:fa00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    52.92.19.113 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-3-w.amazonaws.com
cfactory-img.s3.amazonaws.com
13    2607:f8b0:4020:805::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
www.googletagservices.com
pagead2.googlesyndication.com
3    52.85.249.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-249-178.ord51.r.cloudfront.net
c.amazon-adsystem.com
1    151.101.2.217 (United States)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
1    2606:4700:20::681a:c12 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.brandmetrics.com
1    34.242.97.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-97-228.eu-west-1.compute.amazonaws.com
euasync01.admantx.com
1    160.8.255.128 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl16-ncg0-fra3.la1-c1-fra.salesforceliveagent.com
c.la1-c1-frf.salesforceliveagent.com
2    2600:1400:d:497::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    65.8.49.36 (Ft. Pierce, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-36.ord52.r.cloudfront.net
qztqzde1.micpn.com
4    99.84.37.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-16.ewr52.r.cloudfront.net
uk-script.dotmetrics.net
5    2607:f8b0:4020:805::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)
pac.thetimes.co.uk
4    65.8.49.95 (Ft. Pierce, United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-49-95.ord52.r.cloudfront.net
sb.scorecardresearch.com
8    13.249.141.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-41.ord51.r.cloudfront.net
us.tags.newscgp.com
tags.realtor.com
tags.marketwatch.com
tags.decider.com
tags.thetimes.co.uk
1    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
s.skimresources.com
1    23.204.106.151 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-204-106-151.deploy.static.akamaitechnologies.com
cdn-pci.optimizely.com
1    23.52.154.235 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-154-235.deploy.static.akamaitechnologies.com
a15853140465.cdn-pci.optimizely.com
1    108.138.106.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-90.jfk50.r.cloudfront.net
cdn.decibelinsight.net
2    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    23.33.40.197 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-40-197.deploy.static.akamaitechnologies.com
analytics.tiktok.com
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    199.232.36.157 (New York, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:141b:13::17d7:82ab (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    2607:f8b0:4020:806::2008 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    172.217.13.198 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s05-in-f6.1e100.net
9348536.fls.doubleclick.net
2    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    18.164.131.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-131-14.jfk50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
2    43.251.41.15 (Australia)

ASN11054 (LIVEPERSON, US)
lptag.liveperson.net
2    104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
1    2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    13.33.60.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-52.ewr52.r.cloudfront.net
www.ncaudienceexchange.com
2    13.249.141.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-96.ord51.r.cloudfront.net
tags.barrons.com
tags.mansionglobal.com
2    13.249.141.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-127.ord51.r.cloudfront.net
tags.wsj.com
tags.pagesix.com
2    13.249.141.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-141-21.ord51.r.cloudfront.net
tags.nypost.com
tags.penews.com
2    34.102.180.215 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 215.180.102.34.bc.googleusercontent.com
v2.pixel.newscgp.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
1    13.226.16.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-16-121.ord51.r.cloudfront.net
aax.amazon-adsystem.com
3    54.90.76.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-76-116.compute-1.amazonaws.com
pixel.adsafeprotected.com
2    2607:f8b0:4020:807::2004 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:824::2003 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.ca
19    104.18.43.178 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
2    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
8    68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
1    2602:803:c002:200::43 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    52.45.221.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-221-238.compute-1.amazonaws.com
tlx.3lift.com
1    2600:9000:21dd:7600:d:5ce3:a4c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rm-script.dotmetrics.net
1    151.101.129.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
9    151.101.0.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
3    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
4    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2607:f8b0:4020:807::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2600:9000:21ec:4400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
6    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
1    13.226.21.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-21-38.ord51.r.cloudfront.net
cdn.parsely.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co
17    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
googlesync.permutive.com
2    2607:f8b0:4020:804::2002 (Montreal, Canada)

ASN15169 (GOOGLE, US)
adservice.google.ca
1    2607:f8b0:4020:806::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com
22    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    35.197.204.50 (London, United Kingdom)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.204.197.35.bc.googleusercontent.com
capig.thetimes.co.uk
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
4    52.2.42.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-42-189.compute-1.amazonaws.com
logx.optimizely.com
1    23.54.69.74 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-69-74.deploy.static.akamaitechnologies.com
amplify.outbrain.com
3    2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)
s.yimg.com
1    216.200.122.13 (Reno, United States)

ASN6461 (ZAYO-6461, US)
PTR: 216.200.122.13.IPYX-141870-ZYO.zip.zayo.com
ciqtracking.com
2    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
4    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    23.52.158.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-158-180.deploy.static.akamaitechnologies.com
cs.media.net
1    51.222.239.232 (Canada)

ASN16276 (OVH, FR)
PTR: ip232.ip-51-222-239.net
onetag-sys.com
6    64.202.112.159 (Chicago, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    54.82.3.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-3-22.compute-1.amazonaws.com
rtb.gumgum.com
10    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
2    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
ssbsync-global.smartadserver.com
10    52.6.78.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-78-119.compute-1.amazonaws.com
match.sharethrough.com
3    23.54.68.197 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-68-197.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    52.54.178.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-178-10.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
7    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
1    2600:9000:21dd:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
6    64.202.112.95 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
sync.outbrain.com
6    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    63.251.114.137 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
6    23.92.190.69 (Charlotte, United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
13    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
15    172.217.13.162 (United States)

ASN15169 (GOOGLE, US)
PTR: yul03s04-in-f2.1e100.net
cm.g.doubleclick.net
5    2600:1f18:4e9:5a05:ef7f:1193:3012:ed3a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
12    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
19    54.87.127.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-127-173.compute-1.amazonaws.com
usersync.gumgum.com
6    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    54.227.251.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-227-251-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    54.160.223.89 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-223-89.compute-1.amazonaws.com
sync.ipredictive.com
1    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com
stags.bluekai.com
3    3.230.98.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-98-251.compute-1.amazonaws.com
ad.360yield.com
ad2.360yield.com
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
2    76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com
sp.analytics.yahoo.com
2    2606:ae80:1451:12::1720 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
2    207.198.113.90 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    54.159.252.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-252-56.compute-1.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
4    34.205.122.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-122-225.compute-1.amazonaws.com
ads.yieldmo.com
2    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.51 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
15    2607:f8b0:4006:80d::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
1    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
1    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
3    54.210.120.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-120-215.compute-1.amazonaws.com
match.prod.bidr.io
2    172.217.13.102 (United States)

ASN15169 (GOOGLE, US)
PTR: yul02s04-in-f6.1e100.net
ad.doubleclick.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    67.220.224.144 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2600:9000:212f:3200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
8    2600:1f13:800:7782:bb3c:d326:4c11:bdb2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
3    208.89.12.91 (United States)

ASN11054 (LIVEPERSON, US)
accdn.lpsnmedia.net
7    208.89.12.90 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va-lpcdn.lpsnmedia.net
lpcdn.lpsnmedia.net
4    178.249.96.141 (United States)

ASN11054 (LIVEPERSON, US)
PTR: lo0.v.liveperson.net
lo0.v.liveperson.net
1    151.101.130.137 (United States)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    104.18.17.195 (None, )

ASN13335 (CLOUDFLARENET, US)
www.dianomi.com
3    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn6y5j1pcz0fpkvop-newsuk.siteintercept.qualtrics.com
siteintercept.qualtrics.com
1    160.8.249.128 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl10-ncg0-fra3.la1-c1-fra.salesforceliveagent.com
d.la1-c1-frf.salesforceliveagent.com
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    132.145.172.253 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
collection.decibelinsight.net
1    162.247.241.14 (Portland, United States)

ASN23467 (NEWRELIC-AS-1, US)
bam.nr-data.net
3    2607:f8b0:4020:807::2001 (Montreal, Canada)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2607:f8b0:4020:807::2003 (Montreal, Canada)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
6    2607:f8b0:4020:806::200e (Montreal, Canada)

ASN15169 (GOOGLE, US)
play.google.com
1    160.8.13.0 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-fra3.la3-c1-fra.salesforceliveagent.com
d.la3-c1-fra.salesforceliveagent.com
2    107.21.92.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-92-115.compute-1.amazonaws.com
ads.creative-serving.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    54.84.233.243 (None, )

ASN- ()
crb.kargo.com
1    35.186.253.211 (None, )

ASN- ()
rtb.openx.net
2    54.237.185.13 (None, )

ASN- ()
ads.avct.cloud
Apex Domain
Subdomains		 Transfer
43 thetimes.co.uk
www.thetimes.co.uk — Cisco Umbrella Rank: 35245
cmp.amp.thetimes.co.uk — Cisco Umbrella Rank: 139828
feeds.thetimes.co.uk — Cisco Umbrella Rank: 104637
ads.thetimes.co.uk — Cisco Umbrella Rank: 118547
pac.thetimes.co.uk — Cisco Umbrella Rank: 108569
tags.thetimes.co.uk — Cisco Umbrella Rank: 218268
capig.thetimes.co.uk — Cisco Umbrella Rank: 189257
2 MB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269
9348536.fls.doubleclick.net — Cisco Umbrella Rank: 212988
stats.g.doubleclick.net — Cisco Umbrella Rank: 166
cm.g.doubleclick.net — Cisco Umbrella Rank: 313
ad.doubleclick.net — Cisco Umbrella Rank: 201
168 KB
27 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 361
aax.amazon-adsystem.com — Cisco Umbrella Rank: 455
s.amazon-adsystem.com — Cisco Umbrella Rank: 376
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 994
77 KB
26 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1219
96 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 677
eus.rubiconproject.com — Cisco Umbrella Rank: 798
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1475
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 3036
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1452
token.rubiconproject.com — Cisco Umbrella Rank: 795
pixel.rubiconproject.com — Cisco Umbrella Rank: 447
42 KB
20 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 2335
usersync.gumgum.com — Cisco Umbrella Rank: 2448
6 KB
19 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 8315
23 KB
19 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 3232
api.permutive.com — Cisco Umbrella Rank: 2596
googlesync.permutive.com — Cisco Umbrella Rank: 10623
269 KB
18 google.com
news.google.com — Cisco Umbrella Rank: 7327
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 130
play.google.com — Cisco Umbrella Rank: 74
76 KB
15 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 373
788 KB
14 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 797
eb2.3lift.com — Cisco Umbrella Rank: 535
6 KB
13 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 982
static.adsafeprotected.com — Cisco Umbrella Rank: 820
dt.adsafeprotected.com — Cisco Umbrella Rank: 738
170 KB
13 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 806
ib.adnxs.com — Cisco Umbrella Rank: 319
secure.adnxs.com — Cisco Umbrella Rank: 604
32 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 451
6 KB
11 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1822
ups.analytics.yahoo.com — Cisco Umbrella Rank: 402
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1442
5 KB
10 lpsnmedia.net
accdn.lpsnmedia.net — Cisco Umbrella Rank: 4069
lpcdn.lpsnmedia.net — Cisco Umbrella Rank: 4233
423 KB
10 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 777
6 KB
10 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876
ssum.casalemedia.com
9 KB
9 googlesyndication.com
4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 129
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
40 KB
9 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 926
3 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 883
ce.lijit.com — Cisco Umbrella Rank: 1417
7 KB
7 gstatic.com
www.gstatic.com
162 KB
7 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2993
tr.outbrain.com — Cisco Umbrella Rank: 2759
sync.outbrain.com — Cisco Umbrella Rank: 987
9 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 733
www.linkedin.com — Cisco Umbrella Rank: 779
px4.ads.linkedin.com — Cisco Umbrella Rank: 6554
4 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 4443
t.skimresources.com — Cisco Umbrella Rank: 4223
p.skimresources.com — Cisco Umbrella Rank: 7221
r.skimresources.com — Cisco Umbrella Rank: 4041
15 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 427
3 KB
6 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 866
6 KB
6 openx.net
u.openx.net — Cisco Umbrella Rank: 974
us-u.openx.net — Cisco Umbrella Rank: 707
rtb.openx.net
2 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 813
3 KB
6 liveperson.net
lptag.liveperson.net — Cisco Umbrella Rank: 4121
lo0.v.liveperson.net — Cisco Umbrella Rank: 23914
115 KB
6 optimizely.com
cdn-pci.optimizely.com — Cisco Umbrella Rank: 8185
a15853140465.cdn-pci.optimizely.com — Cisco Umbrella Rank: 45103
logx.optimizely.com — Cisco Umbrella Rank: 1602
3 KB
5 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 9425
ads.yieldmo.com — Cisco Umbrella Rank: 942
3 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 803
dis.criteo.com — Cisco Umbrella Rank: 941
gum.criteo.com — Cisco Umbrella Rank: 442
mug.criteo.com — Cisco Umbrella Rank: 1686
8 KB
5 newscgp.com
us.tags.newscgp.com — Cisco Umbrella Rank: 12053
v2.pixel.newscgp.com — Cisco Umbrella Rank: 12647
47 KB
5 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
5 dotmetrics.net
uk-script.dotmetrics.net — Cisco Umbrella Rank: 4062
rm-script.dotmetrics.net — Cisco Umbrella Rank: 5359
21 KB
4 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 682
1 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
308 B
4 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 912
2 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 519
c.bing.com — Cisco Umbrella Rank: 413
13 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 794
99 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 218
1 KB
3 qualtrics.com
zn6y5j1pcz0fpkvop-newsuk.siteintercept.qualtrics.com — Cisco Umbrella Rank: 244413
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1350
25 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 825
1 KB
3 adform.net
c1.adform.net — Cisco Umbrella Rank: 908
cm.adform.net — Cisco Umbrella Rank: 1622
1 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 812
ad2.360yield.com
875 B
3 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 725
image4.pubmatic.com Failed
17 KB
3 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5678
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1052
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 2556
692 B
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 875
2 KB
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 631
7 KB
3 t.co
t.co — Cisco Umbrella Rank: 584
799 B
3 google.ca
www.google.ca — Cisco Umbrella Rank: 8003
adservice.google.ca — Cisco Umbrella Rank: 14238
1 KB
3 salesforceliveagent.com
c.la1-c1-frf.salesforceliveagent.com — Cisco Umbrella Rank: 139553
d.la1-c1-frf.salesforceliveagent.com — Cisco Umbrella Rank: 142958
d.la3-c1-fra.salesforceliveagent.com — Cisco Umbrella Rank: 51676
43 KB
2 avct.cloud
ads.avct.cloud
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5985
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 763
59 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1020
643 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 695
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1149
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 985
1 KB
2 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 10516
618 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 842
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1528
349 B
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 3496
963 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1478
pixel.quantserve.com — Cisco Umbrella Rank: 1327
9 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3747
p1.parsely.com — Cisco Umbrella Rank: 3160
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 189
178 KB
2 decibelinsight.net
cdn.decibelinsight.net — Cisco Umbrella Rank: 10284
collection.decibelinsight.net — Cisco Umbrella Rank: 7354
74 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 896
18 KB
1 kargo.com
crb.kargo.com
504 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1274
7 KB
1 nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 477
620 B
1 dianomi.com
www.dianomi.com — Cisco Umbrella Rank: 10976
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 776
15 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 344
54 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2823
173 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1223
602 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 238
49 KB
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1531
660 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1356
310 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1266
831 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1939
191 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 744
672 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1329
413 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 2037
3 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1318
465 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 1009
888 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1291
1 KB
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1124
149 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 2272
665 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1955
583 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 1341
434 B
1 ciqtracking.com
ciqtracking.com — Cisco Umbrella Rank: 14578
579 B
1 prmutv.co
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co — Cisco Umbrella Rank: 50827
396 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1604
367 B
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1867
157 B
1 4dex.io
mp.4dex.io — Cisco Umbrella Rank: 2960
288 B
1 penews.com
tags.penews.com — Cisco Umbrella Rank: 20878
3 KB
1 pagesix.com
tags.pagesix.com — Cisco Umbrella Rank: 20418
3 KB
1 decider.com
tags.decider.com — Cisco Umbrella Rank: 20986
3 KB
1 nypost.com
tags.nypost.com — Cisco Umbrella Rank: 18796
3 KB
1 wsj.com
tags.wsj.com — Cisco Umbrella Rank: 18350
3 KB
1 marketwatch.com
tags.marketwatch.com — Cisco Umbrella Rank: 20357
3 KB
1 mansionglobal.com
tags.mansionglobal.com — Cisco Umbrella Rank: 20868
3 KB
1 barrons.com
tags.barrons.com — Cisco Umbrella Rank: 20929
3 KB
1 realtor.com
tags.realtor.com — Cisco Umbrella Rank: 17733
3 KB
1 ncaudienceexchange.com
www.ncaudienceexchange.com — Cisco Umbrella Rank: 16806
3 KB
1 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
47 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 1365
5 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 964
15 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1749
8 KB
1 micpn.com
qztqzde1.micpn.com — Cisco Umbrella Rank: 182853
14 KB
1 admantx.com
euasync01.admantx.com — Cisco Umbrella Rank: 28218
443 B
1 brandmetrics.com
cdn.brandmetrics.com — Cisco Umbrella Rank: 3954
3 KB
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4352
98 KB
1 amazonaws.com
cfactory-img.s3.amazonaws.com — Cisco Umbrella Rank: 215651
54 KB
0 districtm.io Failed
dmx.districtm.io Failed
0 knewz.com Failed
tags.knewz.com Failed
441 119
Domain Requested by
26 tags.tiqcdn.com www.thetimes.co.uk
23 www.thetimes.co.uk www.thetimes.co.uk
22 s.amazon-adsystem.com 2 redirects www.thetimes.co.uk
s.amazon-adsystem.com
u.openx.net
rtb.gumgum.com
match.sharethrough.com
bh.contextweb.com
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
ce.lijit.com
eus.rubiconproject.com
19 usersync.gumgum.com 1 redirects rtb.gumgum.com
19 elb.the-ozone-project.com www.thetimes.co.uk
elb.the-ozone-project.com
static.cloudflareinsights.com
16 api.permutive.com www.thetimes.co.uk
15 s0.2mdn.net scripts.webcontentassessor.com
s0.2mdn.net
cdnjs.cloudflare.com
www.thetimes.co.uk
15 cm.g.doubleclick.net 10 redirects u.openx.net
rtb.gumgum.com
eus.rubiconproject.com
eb2.3lift.com
13 eb2.3lift.com 5 redirects www.thetimes.co.uk
eb2.3lift.com
12 match.adsrvr.org 12 redirects
10 match.sharethrough.com 5 redirects s.amazon-adsystem.com
match.sharethrough.com
9 ct.pinterest.com www.thetimes.co.uk
8 dt.adsafeprotected.com www.thetimes.co.uk
8 ib.adnxs.com 4 redirects www.thetimes.co.uk
acdn.adnxs.com
8 cmp.amp.thetimes.co.uk www.thetimes.co.uk
7 www.gstatic.com news.google.com
www.gstatic.com
7 lpcdn.lpsnmedia.net www.thetimes.co.uk
7 pixel.rubiconproject.com 4 redirects eus.rubiconproject.com
7 securepubads.g.doubleclick.net ads.thetimes.co.uk
www.thetimes.co.uk
www.googletagservices.com
7 news.google.com www.thetimes.co.uk
news.google.com
www.gstatic.com
6 play.google.com www.gstatic.com
6 x.bidswitch.net 6 redirects
6 ce.lijit.com 1 redirects s.amazon-adsystem.com
ce.lijit.com
6 bh.contextweb.com 2 redirects s.amazon-adsystem.com
bh.contextweb.com
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
rtb.gumgum.com
www.thetimes.co.uk
6 b1sync.zemanta.com 6 redirects
5 pagead2.googlesyndication.com www.googletagservices.com
www.thetimes.co.uk
tpc.googlesyndication.com
5 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
5 pr-bh.ybp.yahoo.com 3 redirects u.openx.net
ssum-sec.casalemedia.com
5 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
eb2.3lift.com
5 www.google-analytics.com www.thetimes.co.uk
www.google-analytics.com
4 lo0.v.liveperson.net www.thetimes.co.uk
4 token.rubiconproject.com 4 redirects
4 creativecdn.com 4 redirects
4 ads.yieldmo.com sync-amz.ads.yieldmo.com
4 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
rtb.gumgum.com
4 logx.optimizely.com www.thetimes.co.uk
4 www.facebook.com www.thetimes.co.uk
4 analytics.twitter.com www.thetimes.co.uk
4 analytics.tiktok.com www.thetimes.co.uk
analytics.tiktok.com
4 sb.scorecardresearch.com 2 redirects www.thetimes.co.uk
4 uk-script.dotmetrics.net www.thetimes.co.uk
3 tpc.googlesyndication.com www.thetimes.co.uk
3 accdn.lpsnmedia.net www.thetimes.co.uk
lpcdn.lpsnmedia.net
3 match.prod.bidr.io 3 redirects
3 sync.outbrain.com 3 redirects
3 secure.adnxs.com 2 redirects www.thetimes.co.uk
3 us-u.openx.net 1 redirects u.openx.net
3 tr.outbrain.com amplify.outbrain.com
9348536.fls.doubleclick.net
3 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
elb.the-ozone-project.com
3 sync.1rx.io 3 redirects
3 s.yimg.com 9348536.fls.doubleclick.net
s.yimg.com
3 capig.thetimes.co.uk www.thetimes.co.uk
3 adservice.google.com 9348536.fls.doubleclick.net
www.thetimes.co.uk
ciqtracking.com
3 t.co www.thetimes.co.uk
3 pixel.adsafeprotected.com www.thetimes.co.uk
scripts.webcontentassessor.com
3 t.skimresources.com www.thetimes.co.uk
3 9348536.fls.doubleclick.net 1 redirects www.thetimes.co.uk
adservice.google.com
3 bat.bing.com www.thetimes.co.uk
3 us.tags.newscgp.com 2 redirects www.thetimes.co.uk
3 pac.thetimes.co.uk www.thetimes.co.uk
3 c.amazon-adsystem.com ads.thetimes.co.uk
www.thetimes.co.uk
3 ads.thetimes.co.uk www.thetimes.co.uk
2 ads.avct.cloud 2 redirects
2 ads.creative-serving.com 2 redirects
2 siteintercept.qualtrics.com www.thetimes.co.uk
2 gum.criteo.com 1 redirects www.thetimes.co.uk
2 static.adsafeprotected.com scripts.webcontentassessor.com
www.thetimes.co.uk
2 static.criteo.net www.thetimes.co.uk
2 ad.doubleclick.net 2 redirects
2 c1.adform.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pixel-us-east.rubiconproject.com 2 redirects
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 sp.analytics.yahoo.com 9348536.fls.doubleclick.net
2 ad.360yield.com 2 redirects
2 stags.bluekai.com 2 redirects
2 match.deepintent.com rtb.gumgum.com
ssum-sec.casalemedia.com
2 a.sportradarserving.com 2 redirects
2 ap.lijit.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 adservice.google.ca 1 redirects www.thetimes.co.uk
2 c2shb.ssp.yahoo.com www.thetimes.co.uk
2 www.google.com www.thetimes.co.uk
2 tags.thetimes.co.uk 1 redirects www.thetimes.co.uk
2 v2.pixel.newscgp.com www.thetimes.co.uk
2 p.skimresources.com www.thetimes.co.uk
2 cdn.permutive.com ads.thetimes.co.uk
www.thetimes.co.uk
2 lptag.liveperson.net www.thetimes.co.uk
2 acdn.adnxs.com www.thetimes.co.uk
2 connect.facebook.net www.thetimes.co.uk
2 s.pinimg.com www.thetimes.co.uk
1 ssum.casalemedia.com 1 redirects
1 ad2.360yield.com 1 redirects
1 rtb.openx.net 1 redirects
1 crb.kargo.com elb.the-ozone-project.com
1 cm.adform.net 1 redirects
1 ssbsync-global.smartadserver.com 1 redirects
1 static.cloudflareinsights.com elb.the-ozone-project.com
1 c.bing.com eb2.3lift.com
1 d.la3-c1-fra.salesforceliveagent.com www.thetimes.co.uk
1 mug.criteo.com
1 bam.nr-data.net www.thetimes.co.uk
1 collection.decibelinsight.net www.thetimes.co.uk
1 d.la1-c1-frf.salesforceliveagent.com www.thetimes.co.uk
1 zn6y5j1pcz0fpkvop-newsuk.siteintercept.qualtrics.com www.thetimes.co.uk
1 www.dianomi.com ads.thetimes.co.uk
1 js-agent.newrelic.com www.thetimes.co.uk
1 cdnjs.cloudflare.com s0.2mdn.net
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 secure-assets.rubiconproject.com 1 redirects
1 tr.blismedia.com ce.lijit.com
1 um.simpli.fi 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 www.googletagservices.com scripts.webcontentassessor.com
1 cs.admanmedia.com 1 redirects
1 pixel.quantserve.com 9348536.fls.doubleclick.net
1 sync.taboola.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync.adkernel.com rtb.gumgum.com
1 sync.mathtag.com 1 redirects
1 bttrack.com 1 redirects
1 ssbsync.smartadserver.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 dis.criteo.com rtb.gumgum.com
1 googlesync.permutive.com www.thetimes.co.uk
1 rules.quantcount.com secure.quantserve.com
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 rtb.gumgum.com s.amazon-adsystem.com
1 onetag-sys.com s.amazon-adsystem.com
1 cs.media.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 secure.quantserve.com 9348536.fls.doubleclick.net
1 ciqtracking.com 9348536.fls.doubleclick.net
1 amplify.outbrain.com 9348536.fls.doubleclick.net
1 p1.parsely.com www.thetimes.co.uk
1 4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com www.thetimes.co.uk
1 88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co www.thetimes.co.uk
1 cdn.parsely.com www.thetimes.co.uk
1 px4.ads.linkedin.com www.thetimes.co.uk
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io www.thetimes.co.uk
1 alb.reddit.com www.thetimes.co.uk
1 rm-script.dotmetrics.net www.thetimes.co.uk
1 tlx.3lift.com www.thetimes.co.uk
1 fastlane.rubiconproject.com www.thetimes.co.uk
1 bidder.criteo.com www.thetimes.co.uk
1 mp.4dex.io www.thetimes.co.uk
1 www.google.ca www.thetimes.co.uk
1 aax.amazon-adsystem.com www.thetimes.co.uk
1 r.skimresources.com www.thetimes.co.uk
1 tags.penews.com www.thetimes.co.uk
1 tags.pagesix.com www.thetimes.co.uk
1 tags.decider.com www.thetimes.co.uk
1 tags.nypost.com www.thetimes.co.uk
1 tags.wsj.com www.thetimes.co.uk
1 tags.marketwatch.com www.thetimes.co.uk
1 tags.mansionglobal.com www.thetimes.co.uk
1 tags.barrons.com www.thetimes.co.uk
1 tags.realtor.com www.thetimes.co.uk
1 www.ncaudienceexchange.com www.thetimes.co.uk
1 stats.g.doubleclick.net www.thetimes.co.uk
1 d1z2jf7jlzjs58.cloudfront.net www.thetimes.co.uk
1 www.googletagmanager.com www.thetimes.co.uk
1 snap.licdn.com www.thetimes.co.uk
1 static.ads-twitter.com www.thetimes.co.uk
1 www.redditstatic.com www.thetimes.co.uk
1 cdn.decibelinsight.net www.thetimes.co.uk
1 a15853140465.cdn-pci.optimizely.com www.thetimes.co.uk
1 cdn-pci.optimizely.com www.thetimes.co.uk
1 s.skimresources.com www.thetimes.co.uk
1 qztqzde1.micpn.com www.thetimes.co.uk
1 c.la1-c1-frf.salesforceliveagent.com www.thetimes.co.uk
1 euasync01.admantx.com www.thetimes.co.uk
1 cdn.brandmetrics.com ads.thetimes.co.uk
1 scripts.webcontentassessor.com ads.thetimes.co.uk
1 cfactory-img.s3.amazonaws.com www.thetimes.co.uk
1 feeds.thetimes.co.uk www.thetimes.co.uk
0 dmx.districtm.io Failed elb.the-ozone-project.com
0 image4.pubmatic.com Failed sync-amz.ads.yieldmo.com
0 tags.knewz.com Failed www.thetimes.co.uk
441 189
Subject Issuer Validity Valid
*.nukcdn.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-03-28		 a year crt.sh
cdn259.talksport.com
R3		 2023-03-26 -
2023-06-24		 3 months crt.sh
feeds.thetimes.co.uk
Amazon RSA 2048 M02		 2023-04-19 -
2024-05-17		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
ads.thetimes.co.uk
Amazon RSA 2048 M01		 2023-02-24 -
2024-01-04		 10 months crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-17		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-04 -
2023-09-05		 a year crt.sh
*.brandmetrics.com
GTS CA 1P5		 2023-03-12 -
2023-06-10		 3 months crt.sh
*.admantx.com
SSL.com RSA SSL subCA		 2023-04-18 -
2024-05-18		 a year crt.sh
la1-c1-fra.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-21 -
2023-09-06		 a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
*.micpn.com
Amazon RSA 2048 M01		 2023-03-01 -
2024-02-16		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M01		 2023-03-01 -
2023-10-21		 8 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
pac.thetimes.co.uk
GTS CA 1D4		 2023-03-19 -
2023-06-17		 3 months crt.sh
us.tags.newscgp.com
Amazon RSA 2048 M02		 2023-04-20 -
2024-05-17		 a year crt.sh
*.skimresources.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-25 -
2023-11-08		 a year crt.sh
cdn-pci.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-30 -
2024-01-31		 a year crt.sh
*.cdn-pci.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-30 -
2024-01-31		 a year crt.sh
*.decibelinsight.net
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-07 -
2023-05-08		 3 months crt.sh
*.tiktok.com
RapidSSL TLS ECC CA G1		 2023-03-13 -
2024-04-12		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-12 -
2023-10-08		 6 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-02-07 -
2024-02-07		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
ncaudienceexchange.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-10-20		 8 months crt.sh
tags.penews.com
Amazon RSA 2048 M02		 2023-04-30 -
2024-05-28		 a year crt.sh
v2.pixel.newscgp.com
GTS CA 1D4		 2023-03-08 -
2023-06-06		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.google.ca
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.the-ozone-project.com
E1		 2023-03-04 -
2023-06-02		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-12-27 -
2023-06-21		 6 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-31 -
2023-08-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-19 -
2023-10-15		 6 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-01 -
2024-02-01		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-31 -
2024-01-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-02-24 -
2023-08-06		 5 months crt.sh
*.parsely.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-07-04		 4 months crt.sh
*.prmutv.co
R3		 2023-03-14 -
2023-06-12		 3 months crt.sh
api.permutive.com
R3		 2023-04-17 -
2023-07-16		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
capig.thetimes.co.uk
R3		 2023-03-02 -
2023-05-31		 3 months crt.sh
logx.optimizely.com
Amazon RSA 2048 M01		 2023-02-27 -
2023-08-22		 6 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-10 -
2023-05-31		 2 months crt.sh
*.ciqtracking.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-27 -
2024-04-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
gumgum.com
Amazon RSA 2048 M01		 2023-02-17 -
2023-08-05		 6 months crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2		 2022-12-13 -
2024-01-13		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-08-12		 5 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
quantserve.com
R3		 2023-04-14 -
2023-07-13		 3 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-01-03 -
2023-06-28		 6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-04-12 -
2023-07-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-27 -
2024-01-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-09 -
2023-12-03		 10 months crt.sh
*.lpsnmedia.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-09 -
2024-01-09		 a year crt.sh
*.v.liveperson.net
Sectigo RSA Organization Validation Secure Server CA		 2023-01-10 -
2024-01-10		 a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-13 -
2024-05-14		 a year crt.sh
dianomi.com
Cloudflare Inc ECC CA-3		 2023-04-03 -
2024-04-02		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-18 -
2023-12-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
la3-c1-fra.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-10 -
2024-01-10		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-03-07 -
2023-09-07		 6 months crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh

This page contains 61 frames:

Primary Page: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Frame ID: 90833A596039C0C8471EE4E7DCFFE29F
Requests: 231 HTTP requests in this frame

Frame: https://a15853140465.cdn-pci.optimizely.com/client_storage/a15853140465.html
Frame ID: 08BADF8A25A437DFFE8997B9AF91D4CF
Requests: 1 HTTP requests in this frame

Frame: https://9348536.fls.doubleclick.net/activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388
Frame ID: 17EBBECCC6F2C13F3AD52BF8F136D351
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5414689821565437
Frame ID: 90EDC68A34BF0ADD7F72244DB7357436
Requests: 1 HTTP requests in this frame

Frame: https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Frame ID: 16ED6C33F75C1A7943EA7918521804C9
Requests: 1 HTTP requests in this frame

Frame: https://tags.realtor.com/prod/ncg/cookie.html
Frame ID: 85C2680A60B252D76D6CF3453ECEC227
Requests: 1 HTTP requests in this frame

Frame: https://tags.barrons.com/prod/ncg/cookie.html
Frame ID: E779291285BFEF8573722192FA345CC1
Requests: 1 HTTP requests in this frame

Frame: https://tags.mansionglobal.com/prod/ncg/cookie.html
Frame ID: 51F6FC7C45F50CC0B96B5EF8D71D5622
Requests: 1 HTTP requests in this frame

Frame: https://tags.marketwatch.com/prod/ncg/cookie.html
Frame ID: 6656A9FEAE12EBC740DC0E8A21DD0C06
Requests: 1 HTTP requests in this frame

Frame: https://tags.wsj.com/prod/ncg/cookie.html
Frame ID: 14124834FCBEFFE3D74C70D08792F961
Requests: 1 HTTP requests in this frame

Frame: https://tags.nypost.com/prod/ncg/cookie.html
Frame ID: 0B83B502374A4799F23CFA88E4478357
Requests: 1 HTTP requests in this frame

Frame: https://tags.decider.com/prod/ncg/cookie.html
Frame ID: 2CB704631656AD3D7012A80EF54CC2C9
Requests: 1 HTTP requests in this frame

Frame: https://tags.pagesix.com/prod/ncg/cookie.html
Frame ID: 8F8A1604DB8D12D81E76EDF805042888
Requests: 1 HTTP requests in this frame

Frame: https://tags.knewz.com/prod/ncg/cookie.html
Frame ID: 73BB9B8F7CF704AD8E25EBD9594DAB89
Requests: 1 HTTP requests in this frame

Frame: https://tags.penews.com/prod/ncg/cookie.html
Frame ID: D37295AB4CFD467982702F0AE5D61C08
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Frame ID: B924287CBE8017824D64A12A5AA67AA9
Requests: 1 HTTP requests in this frame

Frame: https://4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: ED3DBF4E6F19FD01BBCC45417A9DAF4B
Requests: 1 HTTP requests in this frame

Frame: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Frame ID: 330455ED3C90EB4FB83B1D7C85456425
Requests: 13 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Frame ID: 8C2673C8C10378085B981287F851A3A0
Requests: 1 HTTP requests in this frame

Frame: https://ciqtracking.com/p/v/1/60b84d21f8708162a6d3953c/format/iframe
Frame ID: 74E5661343682FBED89AEE1AFE0232C2
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: 84D0CBEB33B61C24062EEDC030D1D185
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Frame ID: 0C0D858EF2ECCABD2EADFFE6F0ADBB1B
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Frame ID: 26951A7E03365CD9D231DB6AF54448D2
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Frame ID: BF46E6A4C03DA4A1E51D930ADEBF24A0
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8855685741132918785&gdpr=0&gdpr_consent=
Frame ID: 62CA4F91A914DEB51E5A6AFFA7C74C70
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 64121B02F637229012E335A47E91E643
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Frame ID: 75FF799D9A6C36EFBD071B3E34B77F08
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Frame ID: 348B675E20DE9CBF6D5E2A17AA81D075
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: AAC55D02980A69D44D91F20DB5D9F7CC
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: 3720E9CB4830DACD52CF799BF5CD1C32
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lQkZNTW01RTJ1SzFpc2hiT0d4bDFRNkJITm01eHhTNH5B&gdpr=0
Frame ID: 493F7BE1FABF0699CB61B8EE8EA24CAD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1362917374711887341&ex=appnexus.com&gdpr=0
Frame ID: 0B0512526A32B4E31733DA8729B90941
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Frame ID: 82CE21E08A39DC1DE9A1FC91F2FDBDB3
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1038424304261568538276
Frame ID: BDEAE84401AE2245B3707ACF910D6954
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=b41a644f-0c41-4a00-9039-cb88968c5fc1&gdpr=0&gdpr_consent=
Frame ID: 7DD41F019AD4E1DF3E2721C33A023E10
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=
Frame ID: 031B437A6B0FAA1B9DACE5C3E8F421D2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZE8MQQAGvuokZQBa&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa
Frame ID: E83BD52163B34E12AC6FBABBB9F29930
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wNzZhYzExNy0zNWM3LTRlZTItOTZlNS05Nzc5YWZiYWI2Y2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 04E30E6C1C1895D487B5D75E62000145
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: EF5AFC0377A9C729B6C8BFF2242A7F86
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Frame ID: FBC9DAD14C03095ED856E141F953CAC8
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZE8MQsCo8XsAAEgPlC8AAAAA
Frame ID: 80D2DD2543027E065F356CEBFC0AF376
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=20181fc7-c1df-4022-9903-f88e5060e6a7
Frame ID: 4E71B34CFC8580982ED08570452089A5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 3EE486742E346A3BAC695302CC87F19F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=pzKzKkrsYs7gpgA25VTq&pi=gumgum&tc=1
Frame ID: 3B103343F0A49D0196D8AEF67D0D3162
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuccG7Arwpm8OhKpKtgFQrzBXrF5TrJF2S7rdZ6zPDe3oPrxCGbHELZorTeEW8W53fFn6KQlvqWL0j5GH4vlvU32IX_9dti_mkLdqj3l27wx_toQJxPkKpXJF3EraUN5-xE5S_j4dYly0BcSURmg3ZABY1EHrO1gbkfF_6TbBxQkPGeiWFYCFmP5vcFG-IAymNteqo38oOwBxN5uB7qmfbMeqh-R85TDdyd4NnEIIhYraGngSSnPQRrC8_PWTzeaqFeSzWUGcEjtZ_P8w7YTuZRdQAL_lk0E1X_4vip594ovSazHGDEyuOBObsWaGhl2_S8IS6j41M&sai=AMfl-YQOJ3X6R-6UI2lTPcapoYfoQcyaN_zWTd0YxEZAIl6ySGZx97r6GTug_0uT1DHSnqGEAhAXdG8VwWm-89X3WdRb7_NcWC0oBIC47S5Yk-2_yWUFIQaao5nJLd-seA&sig=Cg0ArKJSzG8u8-wFhf0VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4A126D76B1B14C89B06FAF45E0926DDB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C240C2698C497199A7B460FC73FCBBE9
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: B62E1005FC58D72C3AFD2171E11E173F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
Frame ID: AC2FB6919AD27159995E4B33B9E9F489
Requests: 14 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930174&campId=970x250&pubId=40574214&chanId=62148054&placementId=6236753241&pubCreative=138424706906&pubOrder=398746374&cb=2055518824&adsafe_par&impId=d24a63f1-e7b9-11ed-93b4-0ae2e554fbf5&custom=header&custom2=&custom3=art
Frame ID: 8E81C9F81DF446C64F7BEAF6FBDB1BC6
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 2D5F3BCC799A96CDD2C3F1CA06B5A168
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.thetimes.co.uk&site=75931016&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Frame ID: C5C2FC6ADBECA5126B0FFAD67414BD57
Requests: 2 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1682902085443&publicationId=thetimes.co.uk
Frame ID: D96068AE24E1ED479E14FC93BF9798C3
Requests: 13 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 5C70BC56F3753EC4BA005369DC0432C8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thetimes.co.uk&gdpr=0&gdpr_consent=
Frame ID: FFB7BC562B80EC8AFF3813E8AEC220DE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E8FD95661E0340A9513DBA6B43EB0B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B1C2176BBB7163D28CEB2141FDFE90B
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 093E3FEEDE13570C644A0AAE08BF7D0C
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C66527FA6C470146DB7949BD6D093D46
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 214D50BF54E63CA4FB31E0D4A547FB12
Requests: 11 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Frame ID: CF3C125E24A6496E5D9BB171B75D7F80
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: ADCF892DE8DE14B6769EE86649298BC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

How did the US cyberattack happen and why did no one notice?

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

441
Requests

81 %
HTTPS

26 %
IPv6

119
Domains

189
Subdomains

127
IPs

10
Countries

5912 kB
Transfer

22865 kB
Size

206
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://sb.scorecardresearch.com/c2/6035523/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 79
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035523&ns__t=1682902079612&ns_c=UTF-8&c8=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&c7=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035523&ns__t=1682902079612&ns_c=UTF-8&c8=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&c7=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&c9=
Request Chain 92
  • https://9348536.fls.doubleclick.net/activityi;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388 HTTP 302
  • https://9348536.fls.doubleclick.net/activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388
Request Chain 117
  • https://tags.thetimes.co.uk/cs/sync/i HTTP 302
  • https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1745974079&origin=tags.thetimes.co.uk HTTP 302
  • https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1745974079&origin=tags.thetimes.co.uk&fallback_id=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079 HTTP 302
  • https://tags.thetimes.co.uk/cs/bounce/i?expiry_ts=1745974079&nuid=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
Request Chain 149
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D59197%26time%3D1682902080311%26url%3Dhttps%253A%252F%252Fwww.thetimes.co.uk%252Farticle%252Fthe-us-it-hack-your-questions-answered-6rwqkvghq%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true&liSync=true&e_ipv6=AQLqt2W1aEa_GQAAAYfUx94PaN5nBtgB2QQ6XN05bMxNx2wS88RmA1njH4qyxceUx8ps1Abd
Request Chain 167
  • https://adservice.google.ca/ddm/fls/i/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/ HTTP 302
  • https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Request Chain 172
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Request Chain 186
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1682902081305 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1513443770 HTTP 302
  • https://sync.1rx.io/usersync/turn/8056090845049489858?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005
Request Chain 187
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259036811455479000V10
Request Chain 189
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=Inc5hTaP5JdkCNQ0xS0T&gdpr=0
Request Chain 191
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Request Chain 192
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Request Chain 193
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8855685741132918785&gdpr=0&gdpr_consent=
Request Chain 204
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 205
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lQkZNTW01RTJ1SzFpc2hiT0d4bDFRNkJITm01eHhTNH5B&gdpr=0
Request Chain 206
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1362917374711887341&ex=appnexus.com&gdpr=0
Request Chain 207
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0 HTTP 302
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Request Chain 208
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1038424304261568538276
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=9ea65940-8384-4b18-a83e-9982c5aaaa35 HTTP 302
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEJdArmTZuz0w7pyWRXvdNuI&error=&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=9ea65940-8384-4b18-a83e-9982c5aaaa35&google_cver=1
Request Chain 215
  • https://match.adsrvr.org/track/cmf/openx?oxid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&ttd_puid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0&gdpr_consent=
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL805mNPFGi1S2cbLPg7wUA&google_cver=1
Request Chain 218
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1362917374711887341
Request Chain 219
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e3b3302b-7317-4890-8425-92ddd551e511&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=&gdpr_consent=&us_privacy=
Request Chain 220
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&obuid=ENC(_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform
Request Chain 221
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=46f7c937-6e1c-034c-0c5d-2601250a5f2e
Request Chain 222
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0884f7f2-539a-5735-4477-1e0836abd6c2$ip$149.56.153.186
Request Chain 223
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VwireeZE2pemDRGeNtKeTlxjpHQo9VQ2jGEw~A
Request Chain 224
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=884ec308-9649-4cf8-a8d7-f823a6643e1b
Request Chain 225
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
Request Chain 227
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=Inc5hTaP5JdkCNQ0xS0T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SLOMM2WQVDBKA2UUZDLINHFCMDYKMYFI&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SLOMM2WQVDBKA2UUZDLINHFCMDYKMYFI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Inc5hTaP5JdkCNQ0xS0T
Request Chain 228
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=f98c30ae-0a0c-4204-8127-9f540ceab770
Request Chain 229
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=bCfmehn9xTax&ev=1&pid=558355
Request Chain 230
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8855685741132918785
Request Chain 233
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1362917374711887341
Request Chain 234
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
Request Chain 235
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
Request Chain 236
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=25d060d5-f4bb-434d-b0a0-b8bebf598fc5&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 239
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Vk5oR2hTb19iNnJSX2JsdjlKa2N5Zw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPdw54NJ5sHvmXZYfJTLvfc&google_cver=1
Request Chain 240
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=38efbe1fac8d1060&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAL0BhHUtUB_QMuiKL_AAAAAAA&expiration=1682988481&nuid=&is_secure=true
Request Chain 241
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253De8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3De8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253De8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3De8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3De8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr_in_effect=0&gdpr_consent=
Request Chain 244
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODNFODUxMkQtNkZFOC00Nzc3LUEzNDgtOUI5NjRERUIwNDAz&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D83E8512D-6FE8-4777-A348-9B964DEB0403%26gdpr%3D0%26gdpr_consent%3D
Request Chain 245
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd50677cf72f9133062d HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd50677cf72f9133062d HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Request Chain 246
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=1362917374711887341&pn_id=an
Request Chain 247
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LH44G3RR-1N-LL4W
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMLNEAhKejVwJT6yDejzwok&google_cver=1
Request Chain 249
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=b41a644f-0c41-4a00-9039-cb88968c5fc1&gdpr=0&gdpr_consent=
Request Chain 251
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE8MQQAGvuokZQBa&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa
Request Chain 254
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Request Chain 255
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZE8MQsCo8XsAAEgPlC8AAAAA
Request Chain 257
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE8MQb3mIekCNZr3Q26EZQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFyR1nxPWlMQRgF_CrFSiuo&google_cver=1
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE8MQb3mIekCNZr3Q26EZQAADyAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHCXmEYJZxYP4JrSpFwXjXQ&google_cver=1
Request Chain 260
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&expiration=1685494081&gdpr=0&gdpr_consent=
Request Chain 261
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8211384837442828128&expiration=1684111681
Request Chain 262
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE8MQb3mIekCNZr3Q26EZQAA%263872&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=88633e23-3e7d-4f5a-bfca-90d4352f6aaa-tuctb4891c1
Request Chain 267
  • https://cs.admanmedia.com/sync/gumgum?puid=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=20181fc7-c1df-4022-9903-f88e5060e6a7
Request Chain 269
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=pzKzKkrsYs7gpgA25VTq&pi=gumgum&tc=1
Request Chain 275
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=W8L276Qs3zvh5vlJQACe&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 276
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LH44G3RR-1N-LL4W&gdpr=0
Request Chain 277
  • https://um.simpli.fi/lj_match?r=1682902081392&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=0BD52914AE6745F192BC72D16D28A4C2
Request Chain 279
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAApNE7InhkAACQ8h6P5FQ&gdpr=0
Request Chain 280
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 282
  • https://ad.doubleclick.net/ddm/activity/src=10997540;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
Request Chain 283
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH44G3RR-1N-LL4W HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LH44G3RR-1N-LL4W&ex=d-rubiconproject.com&status=ok&gdpr=0
Request Chain 295
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LBZ-TR0g1Yjmy4vmxPQQp8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0Y3otLxE2oJYI09Idg6OvWe0ASOLxOrqXFPxog--~A
Request Chain 297
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgxOTVkNmY3NWQ2NWI1YzczN2YxZjBiZGZmYTc2NjI0NTdlZGM5ZA&gdpr=0
Request Chain 298
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kevfUSkAQXiJ5ldpujWAMA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kevfUSkAQXiJ5ldpujWAMA&gdpr=0
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFaFannM0P82Z4khKAybp2Q&google_cver=1
Request Chain 300
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH44G3RR-1N-LL4W&gdpr=0
Request Chain 301
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=&expires=30
Request Chain 302
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg0NEczUlItMU4tTEw0Vw==&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDOkubb59wIA-t1jrPJRIcQ&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NEczUlItMU4tTEw0Vw==&google_push=&gdpr=0
Request Chain 311
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LH44G3RR-1N-LL4W HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LH44G3RR-1N-LL4W&gdpr=0&gdpr_consent=undefined
Request Chain 381
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetimes.co.uk&sn=ChromeSyncframe&so=0&topUrl=www.thetimes.co.uk&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=yUcrrHx6NklmU0hnOG11RUtaSU5ZcFZvaDJ4VzI1dkpIVzlsNVA0QmUrWVpKNXFFeHE5OFRTZk9zY090MXhFTFQ0RmdyM04xSEt5bTVrNS9HRkFjOG1STEJhclRud0RsOTJad2s1NTR5aTdkOFkvTnZsM1VrUU1mclhXZDdUNWhJaU9JbzJybDJrMHVNUW9RSE1vM1JUbEV0Z2NkNFlMNXBJNkFPMzRPVTd1TWpuYmpmZlVCTEpBWDB1WllncG5nakJRSVB6MGF0RFhQSVkzRy9wVGdxNUhFMGNtZHFrWUtpS3RYVnJHdG95YkZ0S1RpVGR2Mm5jVHkySVliSzlVb2N6THFLM0ZUalpUUGYxeStCTnZ3MjJyK1hyUT09fA&cppv=2
Request Chain 404
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 405
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAzODQyNDMwNDI2MTU2ODUzODI3Ng%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 406
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDOCfeKCuEj2NlTdW68bPDM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 407
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAzODQyNDMwNDI2MTU2ODUzODI3Ng%3D%3D
Request Chain 409
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1038424304261568538276&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c8692fea-9ee3-4154-b2e6-ce8c274bfed4&ssp=triplelift&expires=30&user_group=5&bsw_param=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 411
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1038424304261568538276?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_AIlhJJE2oRG1B2zQzknGkLjMgGIFwwAqIPSgskPwg--~A&dongle=0883
Request Chain 412
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=Inc5hTaP5JdkCNQ0xS0T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JFXGGNLIKRQVANKKMRVUGTSRGB4FGMCU&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JFXGGNLIKRQVANKKMRVUGTSRGB4FGMCU HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Inc5hTaP5JdkCNQ0xS0T
Request Chain 413
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1362917374711887341&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 418
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Request Chain 419
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1362917374711887341
Request Chain 420
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8855685741132918785
Request Chain 421
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8211384837442828128
Request Chain 424
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1038424304261568538276
Request Chain 425
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=3110eada-18f1-45ae-a51e-18c79f0071b5
Request Chain 426
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent= HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LH44G3RR-1N-LL4W&gdpr=0
Request Chain 427
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAApNE7InhkAACQ8h6P5FQ
Request Chain 429
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=8814e288-ff96-08f3-00aa-f6f96c019ce5
Request Chain 430
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f98c30ae-0a0c-4204-8127-9f540ceab770
Request Chain 431
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-7LyQhARE2uE4fco_K6uVhxhWmKtX2.jUavRS4U8-~A&gdpr=0
Request Chain 432
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd
Request Chain 433
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=01aa7687-b051-45ca-aecf-6a62652c6bb9
Request Chain 438
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GkewbPZHHNtzqceZRK-TAu4q
Request Chain 440
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZE8MQb3mIekCNZr3Q26EZQAA%263872

441 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request the-us-it-hack-your-questions-answered-6rwqkvghq
www.thetimes.co.uk/article/ 		791 KB
99 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
76fd5370d1f98f8db1866374b95a3ba80dab820f7c5de03307dd3ba6ecb06e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=180, stale-if-error=178
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:47:56 GMT
etag
W/"c5a68-Syw9jWBb/wBhrLqrlHebBFEXl6s"
expires
Mon, 01 May 2023 00:50:55 GMT
server
CloudFront
vary
Accept-Encoding
via
1.1 varnish (Varnish/5.2), 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-acs-version
2
x-amz-cf-id
F3aD1iLwkrT1qbIxdF6vtKQHEPQUqS35sw5Ka5puc2kcxXDI_LVAqA==
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ni-statuscode
acsaz-307
x-ni-statusmessage
Teaser pages are enabled for the requested article
x-varnish
17570681
x-xss-protection
0
theTimesBackground-eb98bb2db5.png
www.thetimes.co.uk/d/img/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/d/img/theTimesBackground-eb98bb2db5.png
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
b7924cb5be8c9b9c412d1962df6965b6a2033e7540c2a015186394023bb3504a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 12:46:32 GMT
via
1.1 varnish (Varnish/6.2), 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C3
age
2116883
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
14231
x-xss-protection
0
server
CloudFront
etag
"3797-TLHUY6I65JshnZsUkzDdh9n3D0k"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
4615733 694693
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
cQ1bVQU3WlK5bW-iz0yx7erd-VlecmGG_kner4_f6Lfioawp1PEtiA==
expires
Fri, 05 Apr 2024 12:46:32 GMT
headlineBackground-cabdc9b89a.webp
www.thetimes.co.uk/d/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/d/img/headlineBackground-cabdc9b89a.webp
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
1efd4c65950a67471e8216845e902f721f67669d769728e025e5ec5251c63561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 15:11:11 GMT
via
1.1 varnish (Varnish/6.2), 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C3
age
2799405
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1896
x-xss-protection
0
server
CloudFront
etag
"768-PrkjH0/nGcJI3p8jCfAhE4GLKc4"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
x-varnish
200541
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TQfH0egtQ2RKx9wvGWmsuVZvj-IMmr_xrYkJd7EbV2-hPo6Q2G0UHg==
expires
Thu, 28 Mar 2024 15:11:11 GMT
tnl_custom_snippet.js
www.thetimes.co.uk/assets/optimizely/custom/ 		464 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/assets/optimizely/custom/tnl_custom_snippet.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0114c0b871e1d05b4fc67789205c551f112bd3cb2cafac12d628d671d5722871
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-meta-pci_enabled
True
x-amz-version-id
ZAOlISoSq1KaPlLimmgUp3i3jnehloX1
content-encoding
gzip
via
1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
strict-transport-security
max-age=15768000
date
Mon, 01 May 2023 00:47:52 GMT
x-amz-request-id
5Y9B6KDSHBQTZ1FM
x-amz-cf-pop
EWR53-C3
x-amz-server-side-encryption
AES256
age
4
x-cache
Hit from cloudfront
x-amz-meta-revision
123324
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=60
alt-svc
h3=":443"; ma=86400
content-length
123826
x-amz-id-2
shhjgHO0suQYiq6US1dzT+/dca1MyEMrArwhGWwl3eR2xOO0qeMHk/VwRrtQ0jbvxWVQIJHlxks=
last-modified
Fri, 28 Apr 2023 15:56:18 GMT
server
AmazonS3
etag
"642696c87b3dca41a11d7be8d7953cd5"
access-control-max-age
86400
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120, stale-if-error=118
x-acs-version
2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
F0Nr56LPLZ9hoPRVQBtZwpSh5XbcYNXPWbSec4XcZz6KTRwjNoV1oQ==
wrapperMessagingWithoutDetection.js
cmp.amp.thetimes.co.uk/unified/ 		122 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/unified/wrapperMessagingWithoutDetection.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 23:53:45 GMT
content-encoding
br
via
1.1 d6e11dc2ec6f45889d724685e5a0e930.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 15:35:02 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C2
age
3251
x-amz-server-side-encryption
AES256
etag
W/"42d1e9459103c32433cb7a2590755328"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
K9_QFb-IgO212cBomAS-PJ9QUxwNxzcqKwKtBzIuOXiqjViLELsIKw==
mvt.js
feeds.thetimes.co.uk/mvt-assets/www/ 		158 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://feeds.thetimes.co.uk/mvt-assets/www/mvt.js?ts=1402418
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-102.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
720b10529785350c46b8aff6fbfd1a411a7e86319d5d113e29173da8f395d546

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:40:06 GMT
content-encoding
gzip
via
1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-nu-aka-acs-version
1.1
age
471
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2019 12:08:24 GMT
server
AmazonS3
etag
W/"bae2724913bb50f92d17ff95840ad6b5"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-credentials
true
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
9wKFIW-smK0KeJ91dFqcvoLM7vsRj0dSmCC6s-lGL5QOEU2WJN-srw==
x-amz-meta-buildnumber
639
swg.js
news.google.com/swg/js/v1/ 		199 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9dd3ac5da6732c952d1fcf8130a7e403e4b48c08460e3b2f62f2aed37fe6957
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:36:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
696
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59003
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 17:14:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 01 May 2023 01:26:20 GMT
sundaytimes-white-small-d8581d335c.png
www.thetimes.co.uk/d/img/logos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/d/img/logos/sundaytimes-white-small-d8581d335c.png
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
3ce8ff400b575d5bf19b8e71259b27819d42d6aa35dca28c112e9636e4a5bd5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 23:02:51 GMT
via
1.1 varnish (Varnish/5.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
92707
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
2748
x-xss-protection
0
server
CloudFront
etag
"abc-h++RWYG1ceImQNsJOIF/el1n0DI"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
9104969 8936153
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
w5XzOTTWSvMKHOXIV0bgM9BpQS71rvcXon2-hXkcu8URQ7MVlHnFRA==
expires
Sun, 28 Apr 2024 23:02:51 GMT
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fb4c37724-3fbf-11eb-83a7-25db7141c256.png
www.thetimes.co.uk/imageserver/image/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fb4c37724-3fbf-11eb-83a7-25db7141c256.png?crop=500%2C500%2C125%2C0
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
752b171f1c407ca35ac5d9de540cf22f6304a3a5cb194090197a73e2513e71e2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:56 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/png
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
L9SGBC7m3rJx2h_nwDUdKzqFTMKrZOQ9AlUpGHH1EKPVyi-gKfDM7A==
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fda522f2e-3f71-11eb-83a7-25db7141c256.jpg
www.thetimes.co.uk/imageserver/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fda522f2e-3f71-11eb-83a7-25db7141c256.jpg?crop=4909%2C2761%2C0%2C256&resize=200&quality=3
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
1870b70c314831c89911304c9935b618c643df0c3b31eb53e2a75bd52b8cbfa3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:57 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/jpeg
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
-J3gZLkOwnRfw5N_sM_O8ZMlgtc5iR2A5ko98ZocUhwz9WgHtA7rBA==
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fe820f65c-3da6-11eb-87aa-2b872fbc5d91.jpg
www.thetimes.co.uk/imageserver/image/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fe820f65c-3da6-11eb-87aa-2b872fbc5d91.jpg?crop=3300%2C1856%2C0%2C172&resize=200&quality=3
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
6ff69233ff54c5f63edfdc350de8659b166d1be3addbf05dd2a3134f088eac91

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:56 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/jpeg
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
C9FqY82RfXX4XJnpeW5rbH-9pMNOD08FQLxmNtvG1Jcto6kkSogfaA==
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Ff7815264-39b3-11eb-9017-abc630b6062b.jpg
www.thetimes.co.uk/imageserver/image/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Ff7815264-39b3-11eb-9017-abc630b6062b.jpg?crop=5184%2C2916%2C0%2C270&resize=200&quality=3
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
4b588d00465fecdc16e47380940381171d08b579cacd39958e565a839e751fc7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:57 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/jpeg
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
WR55X3Qj4aPJI8H10lmzRzQ5at5unDTEsS7M1j4yISPL6cei89MpxA==
teaser-article.init.bundle-2fbc3e2af6.js
www.thetimes.co.uk/d/js/ 		9 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/js/teaser-article.init.bundle-2fbc3e2af6.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
60d6bc30ac66bfefa7e84ecda759cb18c1bf8ffc459779e34fe9a1b52e11bce6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 09:45:16 GMT
via
1.1 varnish (Varnish/5.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-encoding
br
age
226961
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
CloudFront
etag
W/"8bf6bf-GevjnWM7gAJUj14RQU7Ti6jRdEc"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-varnish
524701 360463
cache-control
public, max-age=31536000
x-amz-cf-id
C5mUBpd866ts3-DFK9wsWnOxWcG08CrYJc3sSjNRYE9Duhsv4pbthg==
expires
Sat, 27 Apr 2024 09:45:15 GMT
common.react.bundle-d0f7611e5e.js
www.thetimes.co.uk/d/js/ 		819 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/js/common.react.bundle-d0f7611e5e.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
ec010adc28229993c7cce19872a1e80189f8d50bd89969b1125c6afcf7242507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 11:02:12 GMT
via
1.1 varnish (Varnish/6.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-encoding
br
age
913544
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
CloudFront
etag
W/"ccddc-vbNFh35vrPFOuo6/JqjdiAAxlcM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-varnish
3715673 2575348
cache-control
public, max-age=31536000
x-amz-cf-id
lESp_VdHMw6xjoAPhq8tQ642gU9yVEisP8FqMcnaS8P8n_w3Q0nvLw==
expires
Fri, 19 Apr 2024 11:02:12 GMT
article.react.bundle-3c75f34ac3.js
www.thetimes.co.uk/d/js/ 		859 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/js/article.react.bundle-3c75f34ac3.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
776487a090565a43fdda03feead3e4ef060694783bdee82b428c9ee52f55dd06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 20 Apr 2023 11:01:58 GMT
via
1.1 varnish (Varnish/6.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-encoding
br
age
913558
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
CloudFront
etag
W/"d6a12-+P0T0ckgFnUR555jxNQxT3XtsOk"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-varnish
3879410 4438053
cache-control
public, max-age=31536000
x-amz-cf-id
QgG1YVeQGf1ydzyj6Pr5Vaw1VhFWMG02XKxsmd9lKsXP8BtMu2pqvw==
expires
Fri, 19 Apr 2024 11:01:58 GMT
dual-masthead-bcc5303ae7.png
www.thetimes.co.uk/d/assets/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/d/assets/dual-masthead-bcc5303ae7.png
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
545868bdc8cdec05b19474adeebe6a65721ac0cce322454d0521b0ebf7104818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 17:55:53 GMT
via
1.1 varnish (Varnish/5.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4517522
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
12813
x-xss-protection
0
server
CloudFront
etag
"320d-Eptf+fmI8LuVCVfagMLeXt1Fuyk"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
6536543 1313995
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ARZKlbbPUgSqF7Cl_X4GSQ7S_9kmFYiYLGOGQ6trwpn2HNOEV_-UAg==
expires
Fri, 08 Mar 2024 17:55:53 GMT
ipso-f7843bf2cd.png
www.thetimes.co.uk/d/assets/ 		888 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/d/assets/ipso-f7843bf2cd.png
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
e800fd731999653b385c113850e0934e374bb18ad11a48119b8ce1d57b668cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 09 Mar 2023 14:30:10 GMT
via
1.1 varnish (Varnish/5.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
4529866
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
888
x-xss-protection
0
server
CloudFront
etag
"378-gGjTi5flwl/cx57waDZEtvscth0"
x-frame-options
SAMEORIGIN
content-type
image/png
x-varnish
4314 1279402
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8MHiDiEUuCNvhHiLfMBA40J2PCdfzWEU_ThheioKSZqp7iUcilhJdA==
expires
Fri, 08 Mar 2024 14:30:10 GMT
swg.init.bundle-61cee093cd.js
www.thetimes.co.uk/d/js/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/js/swg.init.bundle-61cee093cd.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
93dac5ae7833e553cfa06dff4323b895b7163cd0f5a7bb740d416a603018f36e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 27 Apr 2023 15:48:36 GMT
via
1.1 varnish (Varnish/5.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-encoding
br
age
291559
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
server
CloudFront
etag
W/"ae28-91RvWmILCGCX9LMDmMKncB4sKjQ"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-varnish
3998728 4489264
cache-control
public, max-age=31536000
x-amz-cf-id
JAy8cW98DnrjKQAHw3PM7f5W9DRXzLK9avWMSE0UB5Z7fcKaLuLPsw==
expires
Fri, 26 Apr 2024 15:48:36 GMT
prebid.times_render.min.js
ads.thetimes.co.uk/ 		322 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.thetimes.co.uk/prebid.times_render.min.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-62.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d87f839649c513d1bce682ec77a65cb3c9f7e4c216cc2d0356e9feab2e62a72b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:42:31 GMT
x-amz-version-id
j7vx6QU__ODOvTd.5UV.0NtgHr6SkfWY
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-request-id
0QH2QY9G0F0C5010
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
age
326
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
17VBfFRm6PwKqGIQw2Y9F4wYzVcFNYummpCkDlm7313XcozS+V+hfezKl8rEeAKIN3UR54foF0+jxgl9mVUUlA==
last-modified
Mon, 24 Apr 2023 09:18:33 GMT
server
AmazonS3
etag
W/"c053dc585526863953be46ac82664d4a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900,s-maxage=900
x-amz-cf-id
xpq9VtywQhHK6DKyz0VrdmkOXQnhbotFg81yBPWN3PLUDrzKl7DxsA==
ads.times_render.min.js
ads.thetimes.co.uk/ 		174 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.thetimes.co.uk/ads.times_render.min.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-62.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
058fd7c43c6a535079341d5ea8596abcfce4673546f741bba27eee806aa8f1c1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:41:37 GMT
x-amz-version-id
XdnscsbUmbpv3lP1ekctbOQWQW4u3S0O
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-request-id
JKWV82MWHFMP0JSP
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
age
381
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JksaSPCmYT9yK1CexUwHVZTyl3M9Uo2urxFUm9AQI2IH0DE0vZNwdwEC/dPDlQgYp22tD6IW5AQ=
last-modified
Mon, 24 Apr 2023 09:18:33 GMT
server
AmazonS3
etag
W/"041e9d8c4c649afdb059b99b8a64042d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900,s-maxage=900
x-amz-cf-id
hWTxpVBKkKLq-K9cPS3-jc8UWFhNg39MSB77B_d6NZ5IhaIzYsamWQ==
truncated
/ 		454 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1bfc0e57295c07ac22117398f6225af301e86a175a07c90a423bceece058469

Request headers

Referer
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		130 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2aecb16609603be8b239c1801a978d51b71af41d30c61bab3365ccf045e2c85a

Request headers

Referer
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		134 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7836a53262b277a567c3badc532c58e82835d3831bc822862d5f9b2f8dff4f90

Request headers

Referer
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/svg+xml
Roboto-Regular-1f6d3cf6d3.woff2
www.thetimes.co.uk/d/fonts/Roboto/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/fonts/Roboto/Roboto-Regular-1f6d3cf6d3.woff2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 13:56:55 GMT
via
1.1 varnish (Varnish/6.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3408660
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
11028
x-xss-protection
0
server
CloudFront
etag
"2b14-J58wDKLLvfn1A27y9Dhgf783fao"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
x-varnish
1180042 32812
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rTP1iMMapscsvPUm-N-k_JFDNIUix7-jz9mqQOPrLLqeX0gMY35oWQ==
expires
Thu, 21 Mar 2024 13:56:55 GMT
TimesModern-Bold-62eb027e67.woff2
www.thetimes.co.uk/d/fonts/TimesModern/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/fonts/TimesModern/TimesModern-Bold-62eb027e67.woff2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
ec62f5520bd021131da7214f7fd03c52c0fee0ac746de82e58640aa2f09b3cd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 20 Mar 2023 08:32:43 GMT
via
1.1 varnish (Varnish/6.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
3600914
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
22284
x-xss-protection
0
server
CloudFront
etag
"570c-XS335JyGaOafTjqgRKgk22HwpR8"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
x-varnish
7193270 203197
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
-Sjy-2wSJzN1PNzeVSB4VABs4oRsQZhiw-uX05a9RSwtAweIiJGlsA==
expires
Tue, 19 Mar 2024 08:32:43 GMT
TimesModern-Regular-f3419df85d.woff2
www.thetimes.co.uk/d/fonts/TimesModern/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/fonts/TimesModern/TimesModern-Regular-f3419df85d.woff2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
97421b0e55d219ad0163eff88ef4c419e0259720362031aecb62dcfa7e249abf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 13:44:47 GMT
via
1.1 varnish (Varnish/6.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2718189
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
23560
x-xss-protection
0
server
CloudFront
etag
"5c08-k8fsp6S5K/B1uoR6GPyGro3L/Rs"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
x-varnish
4889396 468375
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
lJU6J3fsONNzw00ul4N2Yx8_ie8CSpHhIcVIVpVJ_VDvkNTwcK4Oug==
expires
Fri, 29 Mar 2024 13:44:47 GMT
TimesDigitalW04-Regular-dca82eac02.woff2
www.thetimes.co.uk/d/fonts/TimesDigital/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/d/fonts/TimesDigital/TimesDigitalW04-Regular-dca82eac02.woff2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
70e30a44c57d9c879ed12cfbd0bea35ee6dca2520aa21fac264ce6fc8a722a19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Origin
https://www.thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Thu, 30 Mar 2023 11:32:58 GMT
via
1.1 varnish (Varnish/6.2), 1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2726099
x-amz-cf-pop
EWR53-C3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
25216
x-xss-protection
0
server
CloudFront
etag
"6280-YTinpk1/dKWsPbntGBnZLycOZM0"
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
x-varnish
11727616 950401
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xqmkYiCqniWioCWXFA1AD_xqgHB0LJA7TcYOnnsg2UTXUTxvaCMOMA==
expires
Fri, 29 Mar 2024 11:32:57 GMT
ccpa.76009a2b49e794158c69.bundle.js
cmp.amp.thetimes.co.uk/unified/4.8.0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/unified/4.8.0/ccpa.76009a2b49e794158c69.bundle.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 15:36:58 GMT
content-encoding
gzip
via
1.1 d6e11dc2ec6f45889d724685e5a0e930.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 14:54:00 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C2
age
48465
x-amz-server-side-encryption
AES256
etag
W/"a8966a38a0762b86f1b8b67f4adaa091"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
Mp-EUBJloaGS7VKb2o_nqWt0U88fgj8bwbUvwoGKN9Mu8pGB6tM4oA==
gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
cmp.amp.thetimes.co.uk/unified/4.8.0/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/unified/4.8.0/gdpr-tcf.c5f25289dc007b62e8a5.bundle.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 01:41:20 GMT
content-encoding
gzip
via
1.1 d6e11dc2ec6f45889d724685e5a0e930.cloudfront.net (CloudFront)
last-modified
Wed, 12 Apr 2023 14:54:00 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C2
age
83200
x-amz-server-side-encryption
AES256
etag
W/"15f3926a82b36fd8dad9dee4b7bc2b9c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
KNPY0dmbWTpVgmEIVTVXlyfOGVoTAAYs1IMq3R__s65_VCUrBeu21A==
get_site_data
cmp.amp.thetimes.co.uk/mms/v2/ 		202 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/mms/v2/get_site_data?hasCsp=true&href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&account_id=259
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
/
Resource Hash
25c2f763af47d314c67d9f24c8a7ca5dc2f7e596fa86ab55288fb18419604673
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubdomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:56 GMT
strict-transport-security
max-age=15552000; includeSubdomains
x-sp-mms-node
ip-10-128-21-251
via
1.1 0c43b7c17036347829f4f27cf79cf47a.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C2
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
ewD44K3y-mCEu8L7Q7lt30EUAnm4Fu_iGByEgDsSjbYvDrofw0zl4w==
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:16:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1873
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 01 May 2023 01:06:43 GMT
meta-data
cmp.amp.thetimes.co.uk/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/wrapper/v2/meta-data?hasCsp=true&accountId=259&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=5049&ch=null&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thetimes.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
age
23875
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Sun, 30 Apr 2023 18:10:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 0c43b7c17036347829f4f27cf79cf47a.cloudfront.net (CloudFront)
x-amz-cf-id
ZJp1T6TxPSo3NWgj962JTSLlvY55ofcptN6cncsql1mnOJ49grq_FA==
x-amz-cf-pop
ORD51-C2
x-cache
Hit from cloudfront
x-powered-by
Express
meta-data
cmp.amp.thetimes.co.uk/wrapper/v2/ 		303 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/wrapper/v2/meta-data?hasCsp=true&accountId=259&env=prod&metadata=%7B%22ccpa%22%3A%7B%7D%2C%22gdpr%22%3A%7B%7D%7D&propertyId=5049&ch=null&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
/ Express
Resource Hash
3a32a06a70e7f527683c242b7fbb08a9394db6e55d2f3e8742b6fa62900f876a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 May 2023 00:24:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 0c43b7c17036347829f4f27cf79cf47a.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C2
age
1436
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
303
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=3600
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
gOf6YPwBrKdf5iizOQ8EoDeg7bLHppqafTTx-1yJ-43fxSvPBxVwQA==
messages
cmp.amp.thetimes.co.uk/wrapper/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A259%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.amp.thetimes.co.uk%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=415860705417254992bce6&scriptVersion=4.8.0&scriptType=unified
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.thetimes.co.uk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin,X-Requested-With,Content-Type,Accept,Authorization,SP_SCRIPT_VERSION
access-control-allow-methods
GET, PUT, POST, DELETE
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=86400, s-maxage=86400
content-length
2
content-type
text/plain; charset=utf-8
date
Mon, 01 May 2023 00:47:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
vary
Accept-Encoding
via
1.1 0c43b7c17036347829f4f27cf79cf47a.cloudfront.net (CloudFront)
x-amz-cf-id
m7EERvOKbE2lXDjQ9n8SgmNhadOWSSnSBwD00gYLxPNyla3-uqbUkw==
x-amz-cf-pop
ORD51-C2
x-cache
Miss from cloudfront
x-powered-by
Express
messages
cmp.amp.thetimes.co.uk/wrapper/v2/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.amp.thetimes.co.uk/wrapper/v2/messages?hasCsp=true&env=prod&body=%7B%22accountId%22%3A259%2C%22campaignEnv%22%3A%22prod%22%2C%22campaigns%22%3A%7B%22ccpa%22%3A%7B%22alwaysDisplayDNS%22%3Afalse%2C%22hasLocalData%22%3Afalse%2C%22targetingParams%22%3A%7B%7D%7D%2C%22gdpr%22%3A%7B%22consentStatus%22%3A%7B%7D%2C%22targetingParams%22%3A%7B%7D%7D%7D%2C%22clientMMSOrigin%22%3A%22https%3A%2F%2Fcmp.amp.thetimes.co.uk%22%2C%22hasCSP%22%3Atrue%2C%22includeData%22%3A%7B%22localState%22%3A%7B%22type%22%3A%22string%22%7D%2C%22actions%22%3A%7B%22type%22%3A%22RecordString%22%7D%2C%22cookies%22%3A%7B%22type%22%3A%22RecordString%22%7D%7D%2C%22propertyHref%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%7D&localState=null&metadata=%7B%22ccpa%22%3A%7B%22applies%22%3Afalse%7D%2C%22gdpr%22%3A%7B%22applies%22%3Afalse%7D%7D&nonKeyedLocalState=null&ch=415860705417254992bce6&scriptVersion=4.8.0&scriptType=unified
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.22.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-22-102.ord51.r.cloudfront.net
Software
/ Express
Resource Hash
c7ac6efd84cf38c3e50b3a60f8a6de350577b28db096369938a0ecc0caf21279
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 01 May 2023 00:47:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
via
1.1 0c43b7c17036347829f4f27cf79cf47a.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C2
x-powered-by
Express
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=0, s-maxage=1200
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, SP_SCRIPT_VERSION
x-amz-cf-id
52Q0Pu7pwOjAU-inIZfb02AcnldYE2IT-_6qgxDfsXoxCVqiaYlQOg==
utag.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		90 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/d/js/common.react.bundle-d0f7611e5e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e8ea2bfddde458eaeee93d14e81eb8fa9be537c1a2da44c696f23ac2e50ba4f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
mDiA.t5eFMUsaDE8ArT3by5uaY.SBZEW
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:11 GMT
last-modified
Wed, 26 Apr 2023 13:16:25 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
91
x-amz-server-side-encryption
AES256
etag
W/"de3deb2481b8ec5899d87b8950862ff1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
nZy4LEdgr0u6pSBqZuF50Vzz9ZJXjinDb5_2nXKPuYI9w62hzjbV0Q==
white-bg-logo.png
cfactory-img.s3.amazonaws.com/NUK/9.5/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfactory-img.s3.amazonaws.com/NUK/9.5/white-bg-logo.png
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.92.19.113 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-3-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a9df214223509eec9c5109398437cd9f473b7823574619e76a347aff2ab1bbd5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:00 GMT
x-amz-version-id
SnfVxyT3q9Rlk0agr_bUtICDxuyh8m2l
Last-Modified
Tue, 15 Feb 2022 14:55:28 GMT
Server
AmazonS3
x-amz-request-id
V4NGDD55V8EDEG0P
ETag
"6b29bdc6b1324103f02a0ec8ab84be6a"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
54586
x-amz-id-2
M74pugBFTGV7cesEsFyUTl4xofD977tRRR98/2s/2wT/QqpNMr+3QB0/jFbTtLkmlUcT9/TkWbA=
times_render.json
ads.thetimes.co.uk/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.thetimes.co.uk/times_render.json?callback=jsonp_autokpi
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-62.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c911648f52f11400d8910eb3056541904b490b4980d0169b75471940bf350c74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:36:41 GMT
x-amz-version-id
2NOeqNwStdVkxjo.1ecbYS25xzj0jKst
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
x-amz-request-id
W5C14SA3PP9ZD3FB
x-amz-cf-pop
JFK50-P3
x-amz-server-side-encryption
AES256
age
679
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
x-amz-id-2
zyL79ETjzYUPQ7iIc4ZS3CDyq4rxYCdTFIDQ8mitA8MpRsb3gb2AerWehOlrm061y5iPjCPKFOE=
last-modified
Mon, 01 May 2023 00:03:15 GMT
server
AmazonS3
etag
W/"b6620005a761e31f59615ee5eb0a38bc"
vary
Accept-Encoding
content-type
application/json
cache-control
max-age=900,s-maxage=900
x-amz-cf-id
2rTEZ2FQ3YF3EN2p4IQheev_zt-BN6-NHVrp9EmeXiBH2inN-WXdRQ==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.thetimes.co.uk
URL: https://ads.thetimes.co.uk/ads.times_render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8eda5698877243d40aacdbb043256623694fe66ba10c423773d46aecbf299ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24754
x-xss-protection
0
server
cafe
etag
17 / 19478 / m202304250101 / config-hash: 17856767610576847833
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 01 May 2023 00:47:59 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		227 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.thetimes.co.uk
URL: https://ads.thetimes.co.uk/ads.times_render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-249-178.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:10:08 GMT
content-encoding
gzip
via
1.1 42d237d1f81f463793c0aa00a59a35aa.cloudfront.net (CloudFront), 1.1 a086167ac002fd278f681a1c44914a46.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 19:15:17 GMT
server
AmazonS3
x-amz-cf-pop
CMH68-P1, ORD51-C4
age
2272
x-amz-server-side-encryption
AES256
etag
W/"644915d59292b7496ff86a0d2c460fce"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
j1ZOBUotLElV_H_dlAL-9fvWOZTGndYFXYEf0Wb4W3-ztJyTiK5iOA==
08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138
scripts.webcontentassessor.com/scripts/ 		418 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Requested by
Host: ads.thetimes.co.uk
URL: https://ads.thetimes.co.uk/ads.times_render.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
61b4aad4066bb60d08b74c0abc0b55038b647ca8a9e342d62e5c96758749c035

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
7OdqjCRHWkc3O26rG_BXUEP9.B0MFlwq
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:47:59 GMT
x-amz-request-id
727520PZ6B4BJ3S6
age
3342
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
100012
x-amz-id-2
IIB/w/Yu1RU5lzy64r4Qs5IsZi2B5q9BVduMUjE5OVRJB3uXMat0yqdO3E5rpRJxNu+8wvWwctg=
x-served-by
cache-yul12832-YUL
last-modified
Sun, 30 Apr 2023 23:49:18 GMT
server
AmazonS3
x-timer
S1682902079.488208,VS0,VE0
etag
"33f42643223ef43ac132b9c8dde4617c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
x-cache-hits
53
thetimes.js
cdn.brandmetrics.com/tag/3507d3a478cd4f59b15eb40434141032/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.brandmetrics.com/tag/3507d3a478cd4f59b15eb40434141032/thetimes.js
Requested by
Host: ads.thetimes.co.uk
URL: https://ads.thetimes.co.uk/ads.times_render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:c12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e2cd3d6c1008a3da053ad13ab5bf8f1baac141127adde661bad2f223054ec5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 01 May 2023 00:33:23 GMT
server
cloudflare
age
876
cf-polished
origSize=5840
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5MluGWmmi02se7%2BOW1VMXgqoMqm5HCkR09onx8G2xHYtno7QeFuT1g4OEVVvvtrRnGZGJCJsEA48FQUxo7JQj1%2Fx24RNJhiVUJJui1UHmFft%2BDoeHASymrlDsJ6U0RaCK9Uxj%2ByWkt4AAqqDL%2B%2BnOrIA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c04042cceba3fd8-YYZ
request-context
appId=cid-v1:5c986aee-9723-4541-b38e-d4ac73c46937
service
euasync01.admantx.com/admantx/ 		297 B
443 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://euasync01.admantx.com/admantx/service?request=%7B%22key%22%3A%22f1694ae18c17dc1475ee187e4996ad2b484217b1a436cb04b7ac3dd4902180b6%22%2C%22method%22%3A%22descriptor%22%2C%22mode%22%3A%22async%22%2C%22decorator%22%3A%22json%22%2C%22filter%22%3A%22default%22%2C%22type%22%3A%22URL%22%2C%22body%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%7D
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.97.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-97-228.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d5dd8cba7734d4f3b1321364ef0684448fb6b7f71fc075ed9655e34a312e7b23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=31536000
server
nginx
content-length
297
content-type
text/plain; charset=UTF-8
deployment.js
c.la1-c1-frf.salesforceliveagent.com/content/g/js/48.0/ 		42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.la1-c1-frf.salesforceliveagent.com/content/g/js/48.0/deployment.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.255.128 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl16-ncg0-fra3.la1-c1-fra.salesforceliveagent.com
Software
Jetty /
Resource Hash
0e32ae2b3787eb6c3cb4517d64a747f5bdeeb40c7203ba6de723de30dcfb698f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:00 GMT
Cache-Control
max-age=60, must-revalidate
Last-Modified
Fri, 07 Apr 2023 16:46:48 GMT
Server
Jetty
Accept-Ranges
bytes
Content-Length
42736
Content-Type
application/javascript
utag.56.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.56.js?utv=ut4.44.202201311336
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
765c9bcbff0fa2eaa559e422b0412f3fabb3e7ef50bd2ac7b0860a1ce44c1f3f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
8Rtw0OHg5qc3KuoYn8GTdDAnFQUep1Ou
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:44:04 GMT
last-modified
Wed, 26 Apr 2023 13:16:23 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
280
x-amz-server-side-encryption
AES256
etag
W/"77423d69b857e67c45a322fcdd16fabf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
tF2Ku9FHdjcttGJ_YUh60VvwSdCp7My51Qemkk6qEnGnS8NJ98KuEg==
utag.59.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.59.js?utv=ut4.44.202111011542
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22d102f79d862e53f60ac59bc72587078b96bf6753fda0ac410c94dc4879e9c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
IigZyuIDDYGH8rrWJ.W6yRajEGEjyUvh
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
142
x-amz-server-side-encryption
AES256
etag
W/"4fd845d42585ace489563d8baca0a396"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
lDj3b5onkh8dkFg-51icF8L7IxW5S86mhNZSeREU0qsnTDwCxu4nwQ==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsinternational/thetimes.2018/202304261315&cb=1682902079522
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Mon, 01 May 2023 00:42:08 GMT
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C1
age
352
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
1QuC7q6C-uMv71E5rxAQm_CF_r02ZQBl8E9fxmq1oWVMjyFNZml-rA==
utag.9.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.9.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17814a3dc543fc91e5cc3c915a81413bec2bc926142f928e4fe06d601b1f7de3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
pNZUE7n5aH6WGt_276Q4IzwMRuY2Y6DM
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
21
x-amz-server-side-encryption
AES256
etag
W/"7dba04f234958eed5197c161d5121d92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
vyZfdWnDIhOpzvmo27QWk6tNVTqTL064g7TGscg9mzs_ZsK2wyW5nw==
utag.53.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.53.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86d258469a0e2be3d8476f668bfb93832939460a79963c9f485b2e06842320e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
jKxw1ItJcHL69SU8T.1TUM3hBKDz0b6r
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:44:04 GMT
last-modified
Wed, 26 Apr 2023 13:16:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
253
x-amz-server-side-encryption
AES256
etag
W/"356eedc9ddf3c535b4ea220e9cc589fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
zdfMMzVPNWF8O0KBhorhHK12vPR20Y2wjeiAGDdDNnRDeBjW56GCzw==
utag.27.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.27.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27448d5255518b4faf9adfe3d54ce2f80c6e10c31b8972130d6bffd84acb6572

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
nkVc2LKlkjxNcWXxdRb_4WaBLpCThigH
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:23 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
21
x-amz-server-side-encryption
AES256
etag
W/"9c6c65709c376068700a00d7c0bb6dd9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ktwIvXa4Mdw250z_ElNbrWefBFUAgd7UujrkarJXFV3uN7Q42cLapw==
utag.65.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.65.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4567655d98672bdc5d38b85e60235efb66cda81d80cea05e5bde6f061d7114a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
6LdGEEt9vIwgCY6h3tFd8_ZtbI33iJRx
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:24 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
21
x-amz-server-side-encryption
AES256
etag
W/"5249c20676b1fb85a0a8616c0907d203"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
jKdDkTRa0EBTgTO55jloXaftDbaZ_u8MvNyhXVERgw-XdkGmeGprNg==
utag.83.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.83.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cee0cc1c4b990aeec754dd6e99753a5492b28981f794c32ab00136a0b7d262f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZQ.1dyj4v2hK3Etm4BlF2BKfaGv9.l9u
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:44:09 GMT
last-modified
Wed, 26 Apr 2023 13:16:24 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
233
x-amz-server-side-encryption
AES256
etag
W/"800f009b403019c0bae7338179492bdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
-1F5Phs6-LmyuLq7NhirnB1iQ8fP3M6EBAvqPnwkfWM4IooAnj1fFQ==
utag.54.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.54.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5fdd467f8921f87015b4a8b05e1d3c36e0f03ef02c407cd5db5c1c2a561fae05

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
p0FTmFsZVZINufHFJoQq6S3z_HL33ycD
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:23 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"dddee10b654c892f23cbae412dbbb63b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
t0e2EUFI-EwlON22F-c1vjtEyLNnZnuyPih1FMV9Kqsmp3geFI2p7w==
utag.38.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.38.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdb560821dfbdc0d82b2c7ee4248e493a0363ad6fa7af0477ff500c91c0d428a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
Nwqv8rEECBiYAWaXkcxQhQcyn349X5F4
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:20 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
64
x-amz-server-side-encryption
AES256
etag
W/"5a3e9bf484d10bd734831eccac14d36b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
bsiSVWt9rhYLHLRgYB0Zxt8blvlmBINW88N7l4hqEU06I4Q7Nv8mkg==
utag.12.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.12.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ffc8878deb006926ded350caf7cd2f7708650463ef6b6b8bd2a23880101a20

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
meHh8B9i5ZshL6nEoV025HiswdnmhBiG
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:20 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"fea19645bf31c08e56d3eb9dfb2968d2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
R-D3LDMErz5tptkdZy3TFluOZ-7tTg3rTNk6m9PLtpSNV87df54rgw==
utag.32.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.32.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eaa479e54d1162f9d8c844491396f819d7a575398f3ec36e45721f6d9f98af74

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
GmjkmmPx9qBM2Bznqq034vgt7Aou5EN2
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:24 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"aa2b7f1eb95d63154a7c1caec5e9d8ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
inEItlZXLGvgP_BjEfe7LnhVcEnLZPVSMJ9DRfA1XYXmIaxq376c-w==
utag.14.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.14.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34bac748e56dcc3fe9e14817850e80f4d04852e28ef3e19cc9ce4caecfc1e13b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
UDyT5.14Ta9wFJ.7WUo8GQAykyTNBlZC
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"cb150e169f52d416c5802a3c10fd53db"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
s5G7aIfzP7iayyEH0hTIjBmUIvE-DhKeig6px1bJlGbkP_hsWiTOtQ==
utag.19.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.19.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79b252a3dd12537e9f2fe4c1b6c6c6ad97addc8bd6cd413b843cc8a7c4605e76

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
5fhqcRsSOdZ9jkDy0ebzxUv85H_mlEM2
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"0eaf299ac48018f3d6eeb98c556e6070"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
1piFOROeFinGQEV4rTI-CwSXw5wBZRDRmucECA_4bKYdjeSq9osPhg==
utag.20.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.20.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b0544fc0955efc5604f9ad54a0d86f31246ae65e05276d7121402251e8a05f86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
VsC9IWg8mFwrNR7jEeBCAwP0J3IOE9_i
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:44:09 GMT
last-modified
Wed, 26 Apr 2023 13:16:20 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
233
x-amz-server-side-encryption
AES256
etag
W/"e7f13532bd0c25cd54d57e6094ffe45a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
Scl4Jdz0HuTipLyEoTjIunbZGaAcv9t8tdwyArq61RikN1ELUAo19A==
utag.46.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.46.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
455a15e9b1a732b4f9b954c27b21999593a7d032fd8be920e14aeced645f8138

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
gC4DfvAXciErXsHRrTUhpYjk6_L1py2t
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:24 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"ec93346bf133abe54db176fc6be6736c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
tGYg-8aHtlLIickJo0QXF765bTIf1aimzKRJ92lbDeE6rxlgy8bayg==
utag.47.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.47.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4bbf46017150cb8927ef74395fc8827aa81e402e867e3f3e9b5c17df5c30c446

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
KJy2YjzQJJV_oAKnlFaRqY4__CYt5ylv
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:23 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"d55e218e421ebc8ebcceaa775917e3e0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
H5nFYx_CgvK9WyYQWG59lXe-oeQ1kq9FC_FnUe2hBKXwxGEoR_2J4w==
utag.51.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.51.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
baf101944587ee9aece619ab3b3622f2a5e56d889a8e41db5692de384c8fc02c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
oGnsqQ8GPtV.4ZVT8teGw244pXC.b0Nc
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
65
x-amz-server-side-encryption
AES256
etag
W/"2103727ceb80c9037ef4ffe21cfa6d73"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ojiF-pKa6XRxfvpnd2HzQ69LvCnJxvt3e2eNPeW_sJxx3ctILTgz0w==
core.js
s.pinimg.com/ct/ 		1 KB
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:497::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"6fe18a21f263bd65310c79df7a66e9b2"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
484
1.js
qztqzde1.micpn.com/p/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qztqzde1.micpn.com/p/js/1.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.8.49.36 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-49-36.ord52.r.cloudfront.net
Software
/
Resource Hash
70a3bfe6e99e8ded842770a711f12769f4930e6923a03efec433e85de0068baf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:47:33 GMT
content-encoding
gzip
via
1.1 9fe631f28ff70aa7e04b8f71c83b9ce0.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD52-C3
age
26
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
p3p
policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
cache-control
no-cache max-age=0
timing-allow-origin
https://www.thetimes.co.uk
x-amz-cf-id
oW2tnbghJ40caHWIBfxvL8HbpJLys4tRVf7VCbHVPeqGSAtDb9k7EA==
x-uuid
e6cd66cd-70c7-405d-84a8-8ce367542bd3
expires
Thu, 01 Dec 1994 16:00:00 GMT
utag.61.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.61.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d19e5066eb2008630b88908843e539863715f69203e991591ea771d3dd36a6cb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
m03XyZ_ZrgrjP4b6sRHkF0vVZHY.2Ty6
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:21 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
88
x-amz-server-side-encryption
AES256
etag
W/"39a3b29a28334c47403e3dcb057b86e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
CC0iQE7l1XdOEiRIuXO9YzvYlfABWhjOegnFmiZqqvhsNldDLHpvRw==
utag.66.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.66.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
765a2aad166775dfe2095a6568a4e4b1347039de2c0945f3f8c30ebad19e0fbf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
SwhihZ4xLVEXbHcdbOQUjZbpV9koq_rv
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:45:17 GMT
last-modified
Wed, 26 Apr 2023 13:16:24 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
168
x-amz-server-side-encryption
AES256
etag
W/"b4954f71c2011c245fe0a2ddcab69e1d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
vm5CW1Rniaf-OYTFHehpgkca6vXT7R5tdwgCOSEHJy39fJmNycgtQA==
utag.67.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		25 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.67.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
599e30549f6af6cc8b8c58f0be5c74ec6ea55382c719e84d98111b2fe9266ec2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
y1lgvtObMWA6ZCE6rIxXusfQoupbL_j.
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:46:25 GMT
last-modified
Wed, 26 Apr 2023 13:16:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
98
x-amz-server-side-encryption
AES256
etag
W/"319335dc8e059133e230cab039db0132"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
C4A_UjKI2RM0hMxxzpJ-KG14cSH4MNshE_Bz8BrMTpuLbHC0Bd_3zA==
utag.73.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.73.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8d9466171e553592dcdff217f0b15573d1c8add9f391a83abec234121b8a44

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
PUxGMTZzcTE989lIq0vcoYDfQ1_xftgQ
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:45:59 GMT
last-modified
Wed, 26 Apr 2023 13:16:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
124
x-amz-server-side-encryption
AES256
etag
W/"f9a16398a5c01ee7929b24d643e4740d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
JOaXCFtTvZYMjeV4h2MDqB0kuoPtgg3U3D33OAc2W1xlxyhde_jnxw==
utag.77.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.77.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c91740a2db57373f2d1b23b0d718c9b40ae5c45a595b29c2a95fa58a3738f3fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
48mmV7odr1TqkNSCBUs.miR8YqOpciL4
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:46:25 GMT
last-modified
Wed, 26 Apr 2023 13:16:23 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
107
x-amz-server-side-encryption
AES256
etag
W/"2fd75579f43827a6ff3db78692b86b05"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
ryCBg8MbZoxBDalgFC_2GCveZ5t1BSIAr_hMfu4zq1StGZYgoBNjHA==
utag.80.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.80.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
517dae4fe0d63e5eb0d1f9690b5d24b66635ddb98f5197087198fdde25f188e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
C9dCmmGGWzEuxz9AhEtSPupiq.q8K7fs
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:46:25 GMT
last-modified
Wed, 26 Apr 2023 13:16:22 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
107
x-amz-server-side-encryption
AES256
etag
W/"7dd145b672a27077225d32dcfc32aba2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
tXWDiF_8F4RdpwkfRA3-YhJG1NsH20-ubnR__-rZgLLtexv2RTfGdg==
utag.81.js
tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/newsinternational/thetimes.2018/prod/utag.81.js?utv=ut4.44.202304261315
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:fa00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1642acc39d330f22bd75826f95af299f5f9974234dc561b422378429464fc09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
zSrqoWNVr0A0ACyY2EwfpDDauZJ8WoiV
content-encoding
br
via
1.1 44914fa6421b789193cec8998428f8bc.cloudfront.net (CloudFront)
date
Mon, 01 May 2023 00:46:25 GMT
last-modified
Wed, 26 Apr 2023 13:16:20 GMT
server
AmazonS3
x-amz-cf-pop
ORD51-C1
age
98
x-amz-server-side-encryption
AES256
etag
W/"05a246adf0a0ecc591dc23d0cc4d0665"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
k0A8zT8Bg-q9lTNsLUkvc-GJZK4_DM4OYnyfZPfKRG-nUZ0d5psGVw==
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fda522f2e-3f71-11eb-83a7-25db7141c256.jpg
www.thetimes.co.uk/imageserver/image/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fda522f2e-3f71-11eb-83a7-25db7141c256.jpg?crop=4909%2C2761%2C0%2C256&resize=366
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
b9fc76e16f4e119af23f68da79bb63ad22acb518d456a54a967f6095d6298559

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/jpeg
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
bJfD_Sk6CViCi5HWtfxJBlKaDAwj3gJw5Y59W5a7BpOJhEIf7RUyaw==
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fe820f65c-3da6-11eb-87aa-2b872fbc5d91.jpg
www.thetimes.co.uk/imageserver/image/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Fe820f65c-3da6-11eb-87aa-2b872fbc5d91.jpg?crop=3300%2C1856%2C0%2C172&resize=366
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
a5129ba2f2576c1ec17e9308daae979cf20b4a252785785d1b16f5629c18060d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/jpeg
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
b2WsgP9vrR-VX2Xsz6fiHjowocCvcbQE3lmBlXcskusFE2Z6mI2b6A==
%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Ff7815264-39b3-11eb-9017-abc630b6062b.jpg
www.thetimes.co.uk/imageserver/image/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.thetimes.co.uk/imageserver/image/%2Fmethode%2Ftimes%2Fprod%2Fweb%2Fbin%2Ff7815264-39b3-11eb-9017-abc630b6062b.jpg?crop=5184%2C2916%2C0%2C270&resize=366
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
CloudFront /
Resource Hash
3478d0c8d359e6143b17946b99136e0216f3d56cbba527eac86c31253de68566

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-C3
access-control-allow-methods
GET,POST
content-type
image/jpeg
x-cache
Miss from cloudfront
cache-control
max-age=86400
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
access-control-allow-headers
ACS-Managed-Session
x-amz-cf-id
ZmzlKj-TyfJv00L77RnvUilNGXC0vmhUH2AuVHrpROBpj2TJrNVDUw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/ 		398 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304250101/pubads_impl.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 13:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
42112
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126109
x-xss-protection
0
server
cafe
etag
6695821980177688499
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 29 Apr 2024 13:06:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		71 B
81 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thetimes.co.uk
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a54858968222821106328f92f23568fc539c3d25b35de3e21b1d1fb5385b1a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57
x-xss-protection
0
expires
Mon, 01 May 2023 00:47:59 GMT
door.js
uk-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/door.js?d=www.thetimes.co.uk&t=world
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-16.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
bebd3edb751b25002931216071f43f4f677267e3375f8d76909a9803ba35e69a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
br
via
1.1 f5a11ff9652a64f1fcf7e2671d944f46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
etag
".www.thetimes.co.uk.world.224.2023050100"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
WOVROPDwqqRzuL2WJOv8TwM35sfWBATfPC8YJEMvEledlWrgqsWNdg==
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 23:54:31 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3208
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Mon, 01 May 2023 01:54:31 GMT
track
pac.thetimes.co.uk/ 		0
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pac.thetimes.co.uk/track?et=0&n=tnl&p=thetimes&pu=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&pn=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&ai=2dd94710-3fbb-11eb-83a7-25db7141c256&an=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&sn=world&cs_id=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&d1=the%20times%20and%20sunday%20times&d2=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&d3=1682902079443&d4=etc%2Funknown&d5=landscape&d6=logged%20out&d7=2023%2F05%2F01%2000%3A47%20monday&d8=1600x1200%7C1600x1200%7C1&d37=2dd94710-3fbb-11eb-83a7-25db7141c256&d38=article&d41=tom%20knowles&pvi=nuk%3A970b507e-02c6-4aca-ac03-4f02980cda84&d46=1682902079525&d47=1&d56=denied&d58=%5B%5D&d60=united%20states&d65=NONE&d66=2020%2F12%2F17%2000%3A00%20thursday&d67=the%20times&d68=locked&d81=no%20flag&d82=standard%20template&d88=denied&d91=%5B%5D
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
0
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
x-download-options
noopen
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035523/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Server
65.8.49.95 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-49-95.ord52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:44:45 GMT
via
1.1 cc99d70eb21145e5ef464d134671481e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
ORD52-C3
age
195
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
mkjqDNM2PCNiDuiHJiDscXGqxOlN24jMbfMErJ3NpOSmyi86gs-UTQ==

Redirect headers

date
Mon, 01 May 2023 00:47:59 GMT
via
1.1 cc99d70eb21145e5ef464d134671481e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD52-C3
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
FX5CVXGE45Brl5pG0lMhQRFMtDf3W0sKSUnAswGDkZxmxtS8PecG2A==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035523&ns__t=1682902079612&ns_c=UTF-8&c8=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&c7=https%3A%2F%2Fwww.thetim...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035523&ns__t=1682902079612&ns_c=UTF-8&c8=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&c7=https%3A%2F%2Fwww.theti...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035523&ns__t=1682902079612&ns_c=UTF-8&c8=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&c7=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&c9=
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Server
65.8.49.95 Ft. Pierce, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-8-49-95.ord52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
via
1.1 cc99d70eb21145e5ef464d134671481e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD52-C3
x-amz-cf-id
8EHFVsEiC6i8rcOKoxfW48GdPWYp0QZmuOcKiNyhJ3Rkguj1X-UCTQ==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 01 May 2023 00:47:59 GMT
via
1.1 cc99d70eb21145e5ef464d134671481e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
ORD52-C3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=6035523&ns__t=1682902079612&ns_c=UTF-8&c8=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&c7=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&c9=
content-length
0
x-amz-cf-id
QiEp3ABAb9YyPBr7sCfv9KaRpYUbEjM98jJ4tnLjWJ2I4F2_c9HIPg==
ncg.js
us.tags.newscgp.com/prod/ncg/ 		163 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://us.tags.newscgp.com/prod/ncg/ncg.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-41.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cce4ed0f75fe50cb7431c44d94643bdeb12fcf7b8c04af83d76f24fc875a704c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 06:05:13 GMT
Content-Encoding
gzip
Via
1.1 a625757367106dcbcbb3061170ce34d8.cloudfront.net (CloudFront)
Last-Modified
Tue, 07 Mar 2023 11:33:22 GMT
Server
AmazonS3
X-Amz-Cf-Pop
ORD51-C1
Age
67369
x-amz-server-side-encryption
AES256
ETag
W/"cbffeacd747e453a50b3116e019da258"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
c9OzQ130dxrbTNHYTutJ-nZlw9B-yEeKybTErbxG-K2yAbwi3SUdHg==
34784X1550488.skimlinks.js
s.skimresources.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/34784X1550488.skimlinks.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
8c8024713505b4bd8e568fbd6e24e643f1a42315df1bc8d1a56a90e3f4186c0f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:11:00 GMT
server
AmazonS3
x-amz-request-id
FKQCQJ657ZKH7E2H
etag
"e296aa4574c7a022274002ab5abeb014"
x-hw
1682902079.cds031.dc2.hn,1682902079.cds044.dc2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13775
x-amz-id-2
Y6aB13qKKNJDMwJ+C6OfCjURwsjlO67eAGiVMfnetFYc9QsbbR2wRN+r+qB2Y3TS2/K1H8M0zZU=
geo4.js
cdn-pci.optimizely.com/js/ 		311 B
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-pci.optimizely.com/js/geo4.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.204.106.151 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-204-106-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0a30c5ec830f681475c4c449fcbbba7a8fb41aea89bd974a1f7e45b9eb7981a4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
OAjfW2hsfUCB6ky0IKAo94yDIUDQOyvh
date
Mon, 01 May 2023 00:47:59 GMT
server
AmazonS3
x-amz-request-id
KB7W2C48TWF50FBR
etag
"ab711da6d329d2f9dabaf111028b5243"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
x-amz-replication-status
COMPLETED
timing-allow-origin
*
access-control-allow-headers
*
content-length
311
x-amz-id-2
ti9agpDfeccBCTjAtWMFZTEIpWvXAp+uWV7H3qQKCqtT8GuvOGB+BtcmTEb/4vSXd3cntNicKFI=
a15853140465.html
a15853140465.cdn-pci.optimizely.com/client_storage/ Frame 08BA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a15853140465.cdn-pci.optimizely.com/client_storage/a15853140465.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.154.235 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-154-235.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
222b2d6c5671c98fa6f4c38cc2958e665e5ea444ccf368f8c8bd86695de8325f

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
892
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:47:59 GMT
etag
"ed1b5bc3a5f9a184c8cdde87a405d18b"
last-modified
Sat, 29 Apr 2023 08:30:07 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-id-2
U3Zv3mqCz9JvMYIu0eFGGjWcTVQ8GFj95pRYirXJUwtK1ZbFrEE7JBYdUsAbjlmTFWWTB71E3Ik=
x-amz-meta-pci_enabled
True
x-amz-replication-status
COMPLETED
x-amz-request-id
2EBNB0BN4NK5T21F
x-amz-server-side-encryption
AES256
x-amz-version-id
nq8_OcaTLST.oCZo3DXxQvn80HmcoKOL
di.js
cdn.decibelinsight.net/i/13830/227744/ 		173 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.decibelinsight.net/i/13830/227744/di.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-90.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
6ffcdfbe05a366a0e710b94d74987902b4844961a080dce80a23ba99b6253424
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 e7e95bff6b1d430c678b4f86ab211a1a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
server
nginx
etag
W/000073783-187CFF00331
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=5400
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
x-amz-cf-id
6Xx91cRGykzXSgpkhBMlWyTWbU9ElJ3gLkOMb_n9TizdwJSeWPzzTQ==
fbevents.js
connect.facebook.net/en_US/ 		107 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:47:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27967
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
HW0gvuY5PHA1wQ9KL64HC14fuaxOpxlf4U57TBiJZ6NsX0eZGQbJXM6xyndhahAs7b9zlgROhosk1vpZWT1HSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C8U9GNN1G3DM8EHQ7C4G&lib=ttq
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.197 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9245830f6bc8a2df18fe813e10ad49bc38693b592bfb1539f4f7338f79935a6c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id
19c49a78
date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=12
content-length
1151
pragma
no-cache
server
nginx
x-tt-logid
20230501004759B28E7A8C162BB919459D
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.216.133.5
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec1487ae5a161dd259f81bd315caa1f5951ea1da51f59831c9c1ffa25532499894cbd83daea9dd5dbdaa31e84f7a2464129d2612d510928682be6dcac0cc69fb1bbef789e93dda0ec2a12f992b5eca1647
expires
Mon, 01 May 2023 00:47:59 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Mon, 01 May 2023 00:47:59 GMT
last-modified
Thu, 20 Apr 2023 19:01:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2CF6C1026A344506B8F1D88738E4798D Ref B: YMQ01EDGE0610 Ref C: 2023-05-01T00:47:59Z
etag
"808c558fba73d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12036
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Mon, 23 Jan 2023 21:56:14 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7356
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.157 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 15:55:14 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100040-IAD, cache-lga21965-LGA
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=83403
accept-ranges
bytes
content-length
4777
js
www.googletagmanager.com/gtag/ 		119 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9348536
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e14cada4c57838533ec6e9e9de1f1fee109149f32fb6ccd0863464b9fb26e89b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47230
x-xss-protection
0
last-modified
Mon, 01 May 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 May 2023 00:47:59 GMT
activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388
9348536.fls.doubleclick.net/ Frame 17EB
Redirect Chain
  • https://9348536.fls.doubleclick.net/activityi;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388?
  • https://9348536.fls.doubleclick.net/activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388?
495 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9348536.fls.doubleclick.net/activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388?
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
cafe /
Resource Hash
b376922d6ffe819667325abcef0f36f59560ebe7e43e291c0af97350c3d50e10
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
265
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:47:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:47:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9348536.fls.doubleclick.net/activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixie.js
acdn.adnxs.com/dmp/up/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires
Fri, 27 Jan 2023 02:11:02 GMT
Date
Mon, 01 May 2023 00:47:59 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
81229
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21930-LGA, cache-yul12829-YUL
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1682902080.917728,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
40171, 13709
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-14.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 12:48:32 GMT
Via
1.1 812385435e4a24499dabb443924e6b50.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
43167
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
DZwldz9eVcmmZGrxjkoS7cF6534EUolajJiA234sQF4tMpaumB821Q==
Expires
Mon, 01 May 2023 12:48:32 GMT
main.da2a1c8f.js
s.pinimg.com/ct/lib/ 		57 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.da2a1c8f.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:497::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"b3fc8cf847afb7d5cf4f05e5407d05a3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
17556
tag.js
lptag.liveperson.net/tag/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/tag/tag.js?site=75931016
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.41.15 , Australia, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
last-modified
Wed, 07 Dec 2022 20:20:28 GMT
server
ws
etag
"6390f58c-1da4"
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length
7588
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
cdn.permutive.com/ 		662 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-web.js
Requested by
Host: ads.thetimes.co.uk
URL: https://ads.thetimes.co.uk/ads.times_render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e2f556415d52b99d166b9847d6c54c1a448c5585032b44ab5e84a1b87f98c9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad
age
0
x-guploader-uploadid
ADPycdsf4aEQY_e1X7YkzZEqi3R7lVbJC7l3tXbap0ah5c4Q2QOprhRjQXtiMvDc8RY2Iz1jTYTqm5cB-4g07lDqPmb2G2Pj8GA8
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 27 Apr 2023 16:55:01 GMT
server
cloudflare
etag
W/"b0e878da4b874995f191b2f33163f93d"
vary
Accept-Encoding
x-goog-generation
1682614501455086
content-type
application/javascript
x-goog-hash
crc32c=uUBtBA==, md5=sOh42kuHSZXxkbLzMWP5PQ==
cache-control
public, max-age=900
x-goog-stored-content-length
212718
timing-allow-origin
*
cf-ray
7c04042febf753e9-YYZ
expires
Mon, 01 May 2023 01:03:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-249-178.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
ZtsI5FMPcYjgnUSe6fFwOoK3szNfqbqS
content-encoding
gzip
via
1.1 9c0f6c031cf4ffc52f89552ee0df160c.cloudfront.net (CloudFront)
date
Sun, 30 Apr 2023 23:47:36 GMT
x-amz-cf-pop
ORD51-C4
age
3659
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 27 Apr 2023 23:46:51 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
zg64bd0cNMbyBUiDjYWAjDcTJ4ggksdumeLor3-p8Og3Xrut9xxaog==
config
c.amazon-adsystem.com/cdn/prod/ 		0
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3360&u=https%3A%2F%2Fwww.thetimes.co.uk
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.249.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-249-178.ord51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 20:11:43 GMT
via
1.1 a086167ac002fd278f681a1c44914a46.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD51-C4
age
16575
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
hLGHTFUKZMLT9xOuQW2uI0TEQQukAd3iJ2U_pZqkNTokcyxM0YTHSA==
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-100401456-13&cid=959910921.1682902080&jid=1898700231&gjid=627916664&_gid=1961967714.1682902080&_u=YGBAgAABBAAAAEACIg~&z=1866752373
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 01 May 2023 00:47:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1752853579&t=pageview&ds=web&_s=1&dl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dp=%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dh=www.thetimes.co.uk&ul=en-us&de=UTF-8&dt=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAABBAAAAAACIg~&jid=1898700231&gjid=627916664&cid=959910921.1682902080&tid=UA-100401456-13&_gid=1961967714.1682902080&cg1=world&cd1=the%20times%20and%20sunday%20times&cd2=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd3=world&cd7=article&cd12=uk&cd13=restricted&cd51=2dd94710-3fbb-11eb-83a7-25db7141c256&cd52=methode&cd53=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd54=tom%20knowles&cd55=2020%2F12%2F17%2000%3A00%20thursday&cd56=2020%2F12%2F17&cd57=865%3A00%3A47%3A00&cd63=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd100=guest&cd102=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&cd105=1682902079443&cd106=1&cd109=2023%2F05%2F01%2000%3A47%20monday&cd110=2023-04-26%2013%3A15%20%5Bthetimes.2018%5D&cd111=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F112.0.5615.121%20safari%2F537.36&cd113=landscape&cd116=maincomment%20(huge)%20(react)&cd121=times%20mvt%7Cw26%3A0-w27%3A0-w28%3A0-w30%3A1&cd124=2dd94710-3fbb-11eb-83a7-25db7141c256&cd145=NONE&cd150=current%20edition&cd152=the%20times&cd154=logged%20out&cd155=united%20states&cd174=denied&cd176=%5B%5D&cd128=0&cd146=nuk%3A970b507e-02c6-4aca-ac03-4f02980cda84&cd147=1682902079525&cd66=locked&cd184=no%20flag&cd185=standard%20template&cd188=denied&cd190=%5B%5D&z=1694985931
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 03:28:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76788
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
robots.txt
t.skimresources.com/api/v2/ Frame 90ED 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5414689821565437
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 google
server
Python/3.10 aiohttp/3.8.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=7.398454060283027
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=7.398454060283027
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
cookie.html
www.ncaudienceexchange.com/prod/ncg/ Frame 16ED 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ncaudienceexchange.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-52.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
61936
content-encoding
gzip
content-type
text/html
date
Sun, 30 Apr 2023 07:35:44 GMT
etag
W/"27a77bbc87eed7c50fbccf9c936e316d"
last-modified
Wed, 28 Aug 2019 23:03:03 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 30aeb6ef25a393db74fabfc78bbd79e2.cloudfront.net (CloudFront)
x-amz-cf-id
lylPGznBhujxsHhN_-7FuFHQy9VbignbNzbhHTeVTA7Z_OdEmSxzVQ==
x-amz-cf-pop
EWR52-C1
x-cache
Hit from cloudfront
cookie.html
tags.realtor.com/prod/ncg/ Frame 85C2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.realtor.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-41.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 8947f739c9a373d1bcab90a3dfa13970.cloudfront.net (CloudFront)
X-Amz-Cf-Id
QiYzVbBns3zlSE1mJuvilIDzTuWmh9ASXgq-8a9S6VmEYDJwWrI0Tw==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.barrons.com/prod/ncg/ Frame E779 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.barrons.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-96.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 c9bb13136100bc969a43d76962ec0704.cloudfront.net (CloudFront)
X-Amz-Cf-Id
FufoYJK56DuFH6-sCFeAigMZGyDoqhkpfzZxb2Is6Qg2dBgQZe6Hwg==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.mansionglobal.com/prod/ncg/ Frame 51F6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.mansionglobal.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-96.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 33a89f27becabefce49116de5fab23d8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
XdcisHox1r5K5yuKmdHjP03ftdHayN1Del3ngnRPzVLKapk29TLdZA==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.marketwatch.com/prod/ncg/ Frame 6656 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.marketwatch.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-41.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 33a89f27becabefce49116de5fab23d8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
pYizmjpzyz3QsdeMI2KaVB_3IkX0kBP-lnwAF_6axZDyRtpFE-g8pw==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.wsj.com/prod/ncg/ Frame 1412 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.wsj.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-127.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 7430a54821bbaeddfc77b56ba1b84eae.cloudfront.net (CloudFront)
X-Amz-Cf-Id
QzKmnbRhWUFsab5sKHU8H8heMkV-YBpIN5PWyAnFLEwEVHkc6iqzsA==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.nypost.com/prod/ncg/ Frame 0B83 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.nypost.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-21.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 16a12520cb84572aced3b0a8e5f80bae.cloudfront.net (CloudFront)
X-Amz-Cf-Id
hYUCFhZEBwN1h-7uOoPQcFMiCIAS4PlOtviHciLx-GUVwKExHCFe3Q==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.decider.com/prod/ncg/ Frame 2CB7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.decider.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-41.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 141029b3e261b8fcf3df752d67bae9ba.cloudfront.net (CloudFront)
X-Amz-Cf-Id
r_cOiw30fwk8Swu7oJ-91GowheHWeXJJFttSKx5CFsE06VBxxtOlIA==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.pagesix.com/prod/ncg/ Frame 8F8A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.pagesix.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-127.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
40099
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 13:39:43 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 5971d213ff39e16c310a05523f08e120.cloudfront.net (CloudFront)
X-Amz-Cf-Id
MFVaOsGy2KaQnvInD4pexOZQI9F0wGIOmP-wD4VLtfSFd_5ea9kmFw==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
cookie.html
tags.knewz.com/prod/ncg/ Frame 73BB 		0
0
cookie.html
tags.penews.com/prod/ncg/ Frame D372 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.penews.com/prod/ncg/cookie.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.249.141.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-21.ord51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
78124
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Sun, 30 Apr 2023 05:08:13 GMT
ETag
W/"27a77bbc87eed7c50fbccf9c936e316d"
Last-Modified
Wed, 28 Aug 2019 23:03:03 GMT
Server
AmazonS3
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 e9dbb62af8eec6cb13379a137374c506.cloudfront.net (CloudFront)
X-Amz-Cf-Id
xOVrVz6t9mQyKeMViVTEY3zTR27B2Q43H2O7LklVukRaSen3__tEMw==
X-Amz-Cf-Pop
ORD51-C1
X-Cache
Hit from cloudfront
i
v2.pixel.newscgp.com/ 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.pixel.newscgp.com/i?stm=1682902079908&e=se&se_ca=aka&se_ac=link%3Adomain&se_la=99422757-6746-467e-a72b-afb118d148f9&se_pr=thetimes.co.uk&eid=08ba30df-b7e7-4ab5-8538-94f016ef00ef&tv=js-3.4.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Etc%2FUnknown&dtm=1682902079900&vp=1600x1200&ds=1600x2461&vid=1&sid=00f2ba6e-6c62-4534-8aa8-c53afae9bb96&duid=99422757-6746-467e-a72b-afb118d148f9&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJmNDBhNjg2My1jMWY0LTQ0NGQtYjE5YS1mNTcwNWE4ZWNlMTMifX1dfQ
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.180.102.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://www.thetimes.co.uk
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
i
tags.thetimes.co.uk/cs/bounce/
Redirect Chain
  • https://tags.thetimes.co.uk/cs/sync/i
  • https://us.tags.newscgp.com/cs/sync/i?expiry_ts=1745974079&origin=tags.thetimes.co.uk
  • https://us.tags.newscgp.com/cs/bounce/i?expiry_ts=1745974079&origin=tags.thetimes.co.uk&fallback_id=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
  • https://tags.thetimes.co.uk/cs/bounce/i?expiry_ts=1745974079&nuid=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
43 B
813 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.thetimes.co.uk/cs/bounce/i?expiry_ts=1745974079&nuid=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Server
13.249.141.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-141-41.ord51.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:00 GMT
Via
1.1 e9dbb62af8eec6cb13379a137374c506.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ORD51-C1
X-Cache
LambdaGeneratedResponse from cloudfront
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
0L30dK7qhpkiu270-M9qru6yyYzjK-RQR8rumwfDd1vtLP_qd8I3Jg==

Redirect headers

Date
Mon, 01 May 2023 00:48:00 GMT
Via
1.1 a625757367106dcbcbb3061170ce34d8.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
ORD51-C1
X-Cache
LambdaGeneratedResponse from cloudfront
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Location
https://tags.thetimes.co.uk/cs/bounce/i?expiry_ts=1745974079&nuid=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
ormwDvX4U_KgIJcyJaXK5jX2rTrDnfONUYq5L6DJN54cfL_tHz7UUQ==
/
r.skimresources.com/api/ 		176 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.19.9.1 /
Resource Hash
4c765c88e6db1f3f2a8654af74c9bb4caaa48a6dbde14464766f47d7ec0a524b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
server
openresty/1.19.9.1
via
1.1 google
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
bid
aax.amazon-adsystem.com/e/dtb/ 		216 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3360&u=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&pid=4iZDvINvwcWlK&cb=0&ws=1600x1200&v=23.426.459&t=2000&slots=%5B%7B%22sd%22%3A%22ad-header%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F3048%2Fd.thetimes.co.uk%22%2C%22kv%22%3A%7B%7D%7D%5D&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.16.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-16-121.ord51.r.cloudfront.net
Software
Server /
Resource Hash
e51d7fb409401fc264d0d333269b7501575be43191481a8f3e8d9fc52b595a08
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 4e3af59e287241316180a892b963fa84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ORD51-C2
x-amz-rid
TFSWJT2Q4SN35N6NH5N0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
216
x-amz-cf-id
Szf95s6liFScn7MjD8FA5YEQvyDPSWtPZkTFPvjDExIElk27M4KKeQ==
pub
pixel.adsafeprotected.com/services/ 		293 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=930174&slot=%7Bid:ad-header,ss:%5B970.250,970.90,728.90%5D,p:3048/d.thetimes.co.uk/world%7D&wr=1600.1200&sr=1600.1200&url=https%253A%252F%252Fwww.thetimes.co.uk%252Farticle%252Fthe-us-it-hack-your-questions-answered-6rwqkvghq
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.76.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-76-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f2c185399ca48db09ac7fcef63b0307546f68ea8ae693dd5c9c2546d65ea29ec

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
server
nginx
x-server-name
app22.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-100401456-13&cid=959910921.1682902080&jid=1898700231&_u=YGBAgAABBAAAAEACIg~&z=775142600
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-100401456-13&cid=959910921.1682902080&jid=1898700231&_u=YGBAgAABBAAAAEACIg~&z=775142600
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction
elb.the-ozone-project.com/openrtb2/ 		304 B
669 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479d52748acfee904db3c9d5e03dcb695a9233989f2ecb550acf7998ca0ad845

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0404312d6e54d9-YYZ
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691fc0173733320f834dbc4a80029&pos=8a9691fc0173733320f834dcc826002e&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
3e69f6a55fe9b7116dc923e2171a2d0eb1a830515b5c4854e0bf3cdcb51ce693

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
content-length
78
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691fc0173733320f834dbc4a80029&pos=8a9691fc0173733320f834dc76ee002d&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7d82542628d06b83ca8f910c7b2f322ab86a15164f2277f7c223096275750bbb

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
content-length
80
prebid
ib.adnxs.com/ut/v3/ 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c06d9ffa6caae0705a90c8b627994bbe69323a254fd1aadecf685fe008f53c17
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:00 GMT
AN-X-Request-Uuid
744770d7-db63-4d82-9011-884f84d0febc
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thetimes.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		0
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
x-err
Parsing the Prebid Request. adstxt lines or seller entries are incomplete
x-version
3.0.0-gcp-las
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0404310ada4bcb-YUL
expires
0
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.22.0&cb=30087632338&lsavail=0
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		256 B
819 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=7753&site_id=76518&zone_id=448756&size_id=2&alt_size_ids=55%2C57&gdpr=0&us_privacy=1---&rf=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tk_flint=pbjs_lite_v7.22.0&x_source.tid=92767ce7-a02f-4d71-a805-81e2071adfa3&l_pb_bid_id=13c6769c31a0d21&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.45882763183417086
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::43 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5d8316d3da532dbd804b706b9a29545f21301fe3782f377c3fdb5cc58830538f

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
256
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.22.0&referrer=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tmax=1500&gdpr=false&us_privacy=1---
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.221.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-221-238.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hit.gif
uk-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uk-script.dotmetrics.net/hit.gif?id=5922&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dom=www.thetimes.co.uk&r=1682902080131&pvs=1&pvid=09ebef16-77a5-4046-9bc7-a435a654ae52&c=true&tzOffset=0&doorUrl=http%3a%2f%2fuk-script.dotmetrics.net%2fdoor.js%3fd%3dwww.thetimes.co.uk%26t%3dworld
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-16.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
dotmetrics-hit-status
01 OK
via
1.1 f5a11ff9652a64f1fcf7e2671d944f46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
vMjpVrXIJuh0YO1q9ywPmMVgkVTEldEGRwPLFQS33BX3KeD1UTeK8w==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=5922&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dom=www.thetimes.co.uk&r=1682902080131&pvs=1&pvid=09ebef16-77a5-4046-9bc7-a435a654ae52&c=true&tzOffset=0
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:7600:d:5ce3:a4c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 05:44:01 GMT
via
1.1 2772ea7c91d6d2b9d83ea6d082faecc8.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
68640
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
_Enh9KqS3owXKpLn6DsGa8mQWBgPC4m3NWZ7AmcYVbNujDsbT0szZw==
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1682902080151&id=t2_t4sl0k0h&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=38b05913-71b2-4ca2-8221-ec940b11eef1&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
/
ct.pinterest.com/user/ 		534 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614380761124&ov=%7B%22page_name%22%3A%22How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22np%22%3A%22tealium%22%7D&cb=1682902080158&dep=2%2CPAGE_LOAD
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e1b30d479bed158addbe02be1f056924b0f4b4c6afc73e14a7aa7b8821f884e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pin-unauth
dWlkPVpUSmlObUptTUdFdFlUazRNQzAwTlROaUxUbGtaamd0WldOaFl6Qm1OVEEwTjJVMg
pragma
no-cache
content-encoding
gzip
referrer-policy
origin
date
Mon, 01 May 2023 00:48:01 GMT
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
x-pinterest-rid
4100291474803679
content-length
375
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/user/ 		534 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%7D&tid=2614380761124&cb=1682902080160&dep=5%2CEVENT_TAGS_ABSENT
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2e1b30d479bed158addbe02be1f056924b0f4b4c6afc73e14a7aa7b8821f884e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pin-unauth
dWlkPVlXTTJZekJtWlRFdE16WTBaaTAwWmpjd0xXSXlORGN0T1dJeU1UZGhabVkzTVRZeQ
pragma
no-cache
content-encoding
gzip
referrer-policy
origin
date
Mon, 01 May 2023 00:48:00 GMT
x-cdn
fastly
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
x-pinterest-rid
8657613119809063
content-length
375
expires
Sat, 01 Jan 2000 00:00:00 GMT
1281528678605750
connect.facebook.net/signals/config/ 		516 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1281528678605750?v=2.9.102&r=stable
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e377564864adc28310ac97a268533bc6d3ae499977d2ec8f577a404c73256e7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 May 2023 00:48:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
152533
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
YydRU4CFjPsnWUaVVOpYo3jj7rg7isS+38t8SyK+zZPRvd2adicId08RmCebKDciXvUp3V87n/bfyS95d3aF5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
40000059.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/40000059.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Mon, 01 May 2023 00:47:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 1F5443127C504AC58C72CB427E8CCE1C Ref B: YMQ01EDGE0610 Ref C: 2023-05-01T00:48:00Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=40000059&Ver=2&mid=6c396dbc-cc69-4ed0-8174-4ce18807a99e&sid=d250eb00e7b911eda58861756934c519&vid=d25136b0e7b911ed8335bd856bfdb935&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&p=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&r=&lt=4158&evt=pageLoad&sv=1&rn=803937
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 01 May 2023 00:47:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 84F88C94E2844C1FA40ABA43BC9E5F36 Ref B: YMQ01EDGE0610 Ref C: 2023-05-01T00:48:00Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cf8a872a-db93-45be-8c20-5c37afb662df&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20485655-e628-417c-8770-185fce5fdd0c&tw_document_href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tw_iframe_status=0&txn_id=nxepr&type=javascript&version=2.3.29
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
5
date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
ecc1d49b6e0a6365
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ebed59b06aaa7f715e70c1800970adbf39c79db9f8c247d173e858df5797f153
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=cf8a872a-db93-45be-8c20-5c37afb662df&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20485655-e628-417c-8770-185fce5fdd0c&tw_document_href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tw_iframe_status=0&txn_id=nxepr&type=javascript&version=2.3.29
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
7
date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
2cd13f61b78cc66d
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
dddf2e1588772ee8915f9f4cd4c6f82b2e842db4645bc4afa7a7ac94396716e2
content-length
43
adsct
t.co/1/i/ 		43 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ef38d89e-2831-44a0-901d-7d348e3b7d66&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20485655-e628-417c-8770-185fce5fdd0c&tw_document_href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tw_iframe_status=0&txn_id=o40wa&type=javascript&version=2.3.29
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
6
date
Mon, 01 May 2023 00:48:00 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
5ed0c96bc208951b
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ebed59b06aaa7f715e70c1800970adbf39c79db9f8c247d173e858df5797f153
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=ef38d89e-2831-44a0-901d-7d348e3b7d66&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20485655-e628-417c-8770-185fce5fdd0c&tw_document_href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tw_iframe_status=0&txn_id=o40wa&type=javascript&version=2.3.29
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
7
date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
4de4dfafe6fecd65
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
dddf2e1588772ee8915f9f4cd4c6f82b2e842db4645bc4afa7a7ac94396716e2
content-length
43
adsct
t.co/1/i/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1a77d634-95c9-452d-b71f-264cb6137912&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20485655-e628-417c-8770-185fce5fdd0c&tw_document_href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tw_iframe_status=0&txn_id=o0l9e&type=javascript&version=2.3.29
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
6
date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=0
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
3a07782a71aa64ef
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ebed59b06aaa7f715e70c1800970adbf39c79db9f8c247d173e858df5797f153
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=1a77d634-95c9-452d-b71f-264cb6137912&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=20485655-e628-417c-8770-185fce5fdd0c&tw_document_href=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&tw_iframe_status=0&txn_id=o0l9e&type=javascript&version=2.3.29
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
5
date
Mon, 01 May 2023 00:47:59 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
6fe961c3c8f6d299
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
dddf2e1588772ee8915f9f4cd4c6f82b2e842db4645bc4afa7a7ac94396716e2
content-length
43
/
adservice.google.com/ddm/fls/i/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.t... Frame B924 		494 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/activityi;dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9285d05aeb59059b7f589af51800c30a9acf7a917b0dde69ddbf7a442304a152
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9348536.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
264
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
ct.pinterest.com/v3/ 		35 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614380761124&ov=%7B%22page_name%22%3A%22How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F%22%2C%22page_category%22%3A%22%22%7D&pd=%7B%22np%22%3A%22tealium%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1682902080303
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
5674866271100222
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixie
ib.adnxs.com/ 		42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=LandingPage&registration_type=logged%20out&page_type=article&page_section=world&page_name=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&customer_type=guest&article_topic_tags=united%20states&article_author=tom%20knowles&pi=1dfbc2ed-5292-42fd-adb8-7c8d24add7b4&it=1682902080307&v=0.0.20&u=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&st=1682902080307&et=1682902080308&if=0
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
token
cdn.linkedin.oribi.io/partner/59197/domain/thetimes.co.uk/ 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/59197/domain/thetimes.co.uk/token
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:4400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:31:35 GMT
content-encoding
gzip
via
1.1 f2a089fdf9c4d9b8b64603e525d1fdf4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK51-C1
age
985
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
yBJexmEiWZb9gRZxe46PubHscYqNoWVkUQvttmoenX1q5jMWvodg7Q==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D59197%26time%3D1682902080311%26url%3Dhttps%253A%252F%252Fwww.thetimes.co.uk%252Fa...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true&liSync...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true&liSyn...
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true&liSync=true&e_ipv6=AQLqt2W1aEa_GQAAAYfUx94PaN5nBtgB2QQ6XN05bMxNx2wS88RmA1njH4qyxceUx8ps1Abd
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 41A7472661C54FBF9543CF90B8040B28 Ref B: YMQ01EDGE0622 Ref C: 2023-05-01T00:48:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6lyy9npt4rWAAhcLaRw==

Redirect headers

date
Mon, 01 May 2023 00:48:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D3AF05F5089546B6BA55CD2F083D72BC Ref B: YMQ01EDGE0807 Ref C: 2023-05-01T00:48:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=59197&time=1682902080311&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&cookiesTest=true&liSync=true&e_ipv6=AQLqt2W1aEa_GQAAAYfUx94PaN5nBtgB2QQ6XN05bMxNx2wS88RmA1njH4qyxceUx8ps1Abd
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6lyy7Va9hSxdUX1bHvg==
main.MTYwYzA3NDgwMA.js
analytics.tiktok.com/i18n/pixel/static/ 		242 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMA.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.197 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3eaca54ea2a5e3554ee0f3710e40ea7730b006ef43c1ed5f386fe10d6087fc56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id
19c49e02
date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230425123101153FEB79803D26AEEA75
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b77a6711ea6a4df87f20dd4d5c86f8cafe8a62341dd3c88167c45e9afd3a93699eed907eb463ddc03d4e95365049a7ef97d3719a4a1d7fb74a0c6c9060aaa2ee9956941dcba7d3d1186ebe89a42b831ecfda327e8e28a9ac02876727f694bd51
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=16
content-length
67319
script.js
uk-script.dotmetrics.net/Scripts/ 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/Scripts/script.js?v=224
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-16.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
69bc6a7d93e0fb524d0872c1be88834c14147d5ae7da3c71fdeb7574359ea9ae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
br
via
1.1 f5a11ff9652a64f1fcf7e2671d944f46.cloudfront.net (CloudFront)
last-modified
Fri, 21 Apr 2023 07:17:58 GMT
server
Kestrel
x-amz-cf-pop
EWR52-C4
etag
"1d97421661c9589"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
-ey8uSIUu5YYwqmB-DvgTMAWtPyAbOtvbf5jBZ1NocibCdjNnoqX2g==
p.js
cdn.parsely.com/keys/thetimes.co.uk/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/thetimes.co.uk/p.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.21.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-21-38.ord51.r.cloudfront.net
Software
nginx /
Resource Hash
ce91e55368eb860c6b3171ce0a33be74f06ed9f7e792800b685383154bdc9ab3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
public
date
Sun, 30 Apr 2023 15:20:13 GMT
content-encoding
gzip
via
1.1 6970aae0c617a1b9b328fc27b7cb6e3c.cloudfront.net (CloudFront)
last-modified
Wed, 01 Jun 2022 18:16:50 GMT
server
nginx
x-amz-cf-pop
ORD51-C2
age
34113
etag
W/"6297ad12-11e86"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
2mm27-igRf0bk3JV7hDf5xXPX9VwoqhmQFOQkLtiI-t8kXxU2kQdGw==
expires
Mon, 01 May 2023 15:19:27 GMT
pxid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/v2.0/ 		46 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/v2.0/pxid?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
0aa923d774875a360e6cdb1f91c5c77ec6559d2dc27510f94b08962237ab92d9

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		29 B
995 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9db2490149e4ff77354a701941812dbf6d9ff57cc8edd7d85708e0f22888de9a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:00 GMT
AN-X-Request-Uuid
64c6e420-c7d6-46e6-8e88-8671928f5c38
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.thetimes.co.uk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
29
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-models.bin
cdn.permutive.com/models/v2/ 		107 KB
75 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/88a66e5c-8fe8-48af-9c6c-3ec3f4983aad-models.bin
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9e679e0532e6fc834055bebea3f4c7fbbf908b801af9e58919f4e584202c8d6

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad
age
0
x-guploader-uploadid
ADPycdufyeh3YOFltXreSrNyX-Z3H6RyOqzUCn91yeDo6B-I-5fFW2OXCrwK5MUKkHkSmvK1CdlekEvjKzIHJpssWYGn_yNEhuHu
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
75875
last-modified
Sun, 30 Apr 2023 06:02:07 GMT
server
cloudflare
etag
"7e84ed1e4a4b85800afc4289c3a9a2aa"
vary
Accept-Encoding
x-goog-generation
1682834527477002
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=lrc0wA==, md5=foTtHkpLhYAK/EKJw6miqg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
75875
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c040432cfeba214-YYZ
expires
Mon, 01 May 2023 00:26:31 GMT
geoip
api.permutive.com/v2.0/ 		249 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
178
page
t.skimresources.com/api/v2/ 		22 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
link
t.skimresources.com/api/v2/ 		22 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.10 aiohttp/3.8.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.10 aiohttp/3.8.4
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://www.thetimes.co.uk
warning
299 - "Deprecated API"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
82a6efc0-3204-4e97-a906-9d3ad1a9047a
https://www.thetimes.co.uk/ 		302 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimes.co.uk/82a6efc0-3204-4e97-a906-9d3ad1a9047a
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d763b98abd5f30318783630261c960afce132a1c8eec032f7e1832861934e783

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
308977
Content-Type
8c369589-bfc5-4cd0-a561-225c4c93e573
https://www.thetimes.co.uk/ 		302 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.thetimes.co.uk/8c369589-bfc5-4cd0-a561-225c4c93e573
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d763b98abd5f30318783630261c960afce132a1c8eec032f7e1832861934e783

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length
308977
Content-Type
i
v2.pixel.newscgp.com/ 		43 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://v2.pixel.newscgp.com/i?stm=1682902080529&e=pv&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&page=Page-View&eid=ad02b9f7-4bb2-4e29-aaf0-5e33793d3068&tv=js-3.4.0&tna=_ncg__0&aid=newsconnect-global&p=web&cookie=1&cs=UTF-8&lang=en-US&res=1600x1200&cd=24&tz=Etc%2FUnknown&dtm=1682902080527&vp=1600x1200&ds=1600x2461&vid=1&sid=00f2ba6e-6c62-4534-8aa8-c53afae9bb96&duid=99422757-6746-467e-a72b-afb118d148f9&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubmV3c2NncC9ha2EvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsidXNlcl9pZCI6IiIsInVzZXJfcHJvdmlkZXIiOiIiLCJ1c2VyX21lbXR5cGUiOiJhbm9ueW1vdXMiLCJ1c2VyX25ld3NsZXR0ZXJfaWQiOiIiLCJ1c2VyX25ld3NsZXR0ZXJfcHJvdmlkZXIiOiIiLCJicm93c2VyX2RtcF9pZCI6IjllYTY1OTQwLTgzODQtNGIxOC1hODNlLTk5ODJjNWFhYWEzNSIsImJyb3dzZXJfZG1wX3Byb3ZpZGVyIjoicGVybXV0aXZlIiwiYnJvd3Nlcl9hZHNfcHBpZCI6IjAxODdkNGM3ZDdkMjAwOWVmNjNlN2Y1ZDlmNzAwMzA3NDAwNTMwNmMwMGIwOCIsImJyb3dzZXJfYWRzX3Byb3ZpZGVyIjoidGVhbGl1bSIsImJyb3dzZXJfYW5hbHl0aWNzX2lkIjoiIiwiYnJvd3Nlcl9hbmFseXRpY3NfcHJvdmlkZXIiOiIiLCJicm93c2VyX25jZ19pZCI6IiJ9fSx7InNjaGVtYSI6ImlnbHU6Y29tLm5ld3NjZ3AvYXJ0aWNsZS9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6eyJhcnRpY2xlX2lkIjoiMmRkOTQ3MTAtM2ZiYi0xMWViLTgzYTctMjVkYjcxNDFjMjU2IiwiYXJ0aWNsZV9zb3VyY2UiOiIiLCJhcnRpY2xlX3B1Ymxpc2hlZF90aW1lIjoiMjAyMC8xMi8xNyAwMDowMCB0aHVyc2RheSIsImNvbnRlbnRfdHlwZSI6ImFydGljbGUiLCJzZWN0aW9uIjoid29ybGQiLCJzdWJzZWN0aW9uIjoiYXJ0aWNsZSIsInN1YnN1YnNlY3Rpb24iOiJ0aGUtdXMtaXQtaGFjay15b3VyLXF1ZXN0aW9ucy1hbnN3ZXJlZC02cndxa3ZnaHEiLCJzdWJzdWJzdWJzZWN0aW9uIjoiIiwic3Vic3Vic3Vic3Vic2VjdGlvbiI6IiIsImFydGljbGVfcGFpZF9jb250ZW50X3R5cGUiOiJyZXN0cmljdGVkIn19LHsic2NoZW1hIjoiaWdsdTpjb20uc25vd3Bsb3dhbmFseXRpY3Muc25vd3Bsb3cvd2ViX3BhZ2UvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiaWQiOiJmNDBhNjg2My1jMWY0LTQ0NGQtYjE5YS1mNTcwNWE4ZWNlMTMifX1dfQ
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.215 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
215.180.102.34.bc.googleusercontent.com
Software
akka-http/10.2.7 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:59 GMT
via
1.1 google
server
akka-http/10.2.7
content-type
image/gif
access-control-allow-origin
https://www.thetimes.co.uk
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
/
ct.pinterest.com/v3/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%7D&tid=2614380761124&cb=1682902080530&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22tealium%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
6
x-pinterest-rid
1742821634865072
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.thetimes.co.uk
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:804::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.thetimes.co.uk
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3237086424066840&correlator=1274533956795528&eid=31072878%2C31073385%2C31073561&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=3048%2Cd.thetimes.co.uk%2Cworld&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=320x50%2C320x50%2C1x1%2C2x2&fluid=height%2Cheight%2C0%2C0&ifi=1&adks=3502671567%2C3502671566%2C3050982958%2C1876562555&sfv=1-0-40&prev_scp=pos%3Dadvert-inarticle-native-1%26sg%3DTNLnative%7Cpos%3Dadvert-inarticle-native-2%26sg%3DTNLnative%7Cpos%3Dpixel%26sg%3DDirect%7Cpos%3DpixelSticky%26sg%3DDirect&eri=1&cust_params=poll%3D1%26admProcessResponseError%3D1%26admDataSetForGPT%3D714%26pageviewId%3D0721edc2-7d74-455e-b49e-0ee632275721%26refresh%3Dfalse%26pw%3D1%26path%3D%252Farticle%252Fthe-us-it-hack-your-questions-answered-6rwqkvghq%26section%3Dworld%26cont_type%3Dart%26aid%3D2dd94710-3fbb-11eb-83a7-25db7141c256%26testgroup%3D50%26alReferrerCat%3Ddirect%26skins%3Dfull%26gptSlotsReady%3D718.1000022888184%26zephr%3DNO_ACCESS%26permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682902080619&lmt=1682902080&dlt=1682902076378&idt=3578&adxs=468%2C800%2C800%2C0&adys=1050%2C1050%2C1921%2C0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&frm=20&vis=1&psz=663x120%7C663x120%7C1180x0%7C1600x2461&msz=331x41%7C331x41%7C0x0%7C1x-1&fws=0%2C0%2C0%2C516&ohw=0%2C0%2C0%2C1&ga_vid=959910921.1682902080&ga_sid=1682902081&ga_hid=1752853579&ga_fc=true
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8762c80c3a747479407023dcbacd458df1d1b5ce79f7b5102225ca0fac5c126e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
441
x-xss-protection
0
google-lineitem-id
-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame ED3D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:00 GMT
expires
Tue, 30 Apr 2024 00:48:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https:... Frame 3304
Redirect Chain
  • https://adservice.google.ca/ddm/fls/i/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https:...
  • https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~ore...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
cafe /
Resource Hash
59715566fcea47314ddb5750cd7727e829dee939a3f0733f2dbbb40064458171
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
1272
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:00 GMT
expires
Mon, 01 May 2023 00:48:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		36 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3237086424066840&correlator=1274533956795528&eid=31072878%2C31073385%2C31073561&output=ldjh&gdfp_req=1&vrg=202304250101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=3048%2Cd.thetimes.co.uk%2Cworld&enc_prev_ius=0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=5&adks=3669364404&sfv=1-0-40&prev_scp=pos%3Dheader%26sg%3DDirect%26lazyLoad%3Dtrue%26pcnt%3D5%26amznbid%3D2%26amznp%3D2%26id%3Dd24a63f1-e7b9-11ed-93b4-0ae2e554fbf5%26pub%3D40%2C50%26grm%3D40%2C50%2C60%2C70%2C80%26vw%3D40%2C50%2C60%2C70%2C80%26fr%3Dfalse%26drg%3DveryLow%26vio%3DveryLow%26off%3DveryLow%26hat%3DveryLow%26dlm%3DveryLow%26alc%3DveryLow%26adt%3DveryLow&eri=1&cust_params=poll%3D1%26admProcessResponseError%3D1%26admDataSetForGPT%3D714%26pageviewId%3D0721edc2-7d74-455e-b49e-0ee632275721%26refresh%3Dfalse%26pw%3D1%26path%3D%252Farticle%252Fthe-us-it-hack-your-questions-answered-6rwqkvghq%26section%3Dworld%26cont_type%3Dart%26aid%3D2dd94710-3fbb-11eb-83a7-25db7141c256%26testgroup%3D50%26alReferrerCat%3Ddirect%26skins%3Dfull%26gptSlotsReady%3D718.1000022888184%26zephr%3DNO_ACCESS%26permutive%3D&sc=1&cookie_enabled=1&abxe=1&dt=1682902080711&lmt=1682902080&dlt=1682902076378&idt=3578&adxs=315&adys=50&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&frm=20&vis=1&psz=1180x250&msz=970x0&fws=0&ohw=0&ga_vid=959910921.1682902080&ga_sid=1682902081&ga_hid=1752853579&ga_fc=true
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1276be501dcb68ebb06f93c555ba511f2cf6cb03f6ed55cca0ba88bebb99376c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13794
x-xss-protection
0
google-lineitem-id
6236753241
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138424706906
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
api.permutive.com/v2.0/ 		50 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ba89ee5a4362485da5bfa827b1fb1e3a8fd556a47753835beb28afa48179e757

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
identify_79a0c.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_79a0c.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.197 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id
19c4a20b
date
Mon, 01 May 2023 00:48:00 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20230425123105153FEB79803D26AEEBBB
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
017b37cca9e7f93c489f32e1df044c6a8cb29ac15e47d16b71785a8c117d7844c772a8d1b3902b2258b39599c0cd5b35dfc2f101568186a5f31f8e31f042aaf684878d4e970c3190dcf2afee9ade81b7717c3bcbe08a4dfb236b398d3dd5088d80
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length
30747
pixel
analytics.tiktok.com/api/v2/ 		0
549 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTYwYzA3NDgwMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.40.197 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-40-197.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:00 GMT
x-akamai-request-id
19c4a29c
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202305010048007ABEC84F3F1BF7242E92
x-cache
TCP_MISS from a23-216-133-5.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
37,23.216.133.5
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec1487ae5a161dd259f81bd315caa1f595921d24fd2fae9d68f727fd0dcb89f3099b344ac2dfd7d76ab375caffbdc3eaf7a909d0f2eda33416dcf6ae46e6607b48c4d65a328f58e4f081bea08cf1ce894d
server-timing
inner; dur=26, cdn-cache; desc=MISS, edge; dur=5, origin; dur=37
content-length
0
expires
Mon, 01 May 2023 00:48:00 GMT
iu3
s.amazon-adsystem.com/ Frame 8C26
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
386 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e7b380576ba7b0cb5ff51a2291f22bd56153822dce9b4ac4f08028393d50e829
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
386
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
5YT2W4YNQ2WAXDJWBS8N

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:48:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
JN0GBAD2GXYSD5XDFQ26
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1281528678605750&ev=PageView&dl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&rl=&if=false&ts=1682902080899&cd[content_name]=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd[content_ids]=%5B%222dd94710-3fbb-11eb-83a7-25db7141c256%22%5D&cd[content_category]=article&cd[ce_segment]=&cd[page_section]=world&cd[page_section_2]=&cd[customer_type]=guest&cd[tpw_zephr_status]=denied&cd[tpw_views_allowed]=&cd[tpw_views_remaining]=&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.2.1682902080893.1396805622&eid=ob3_plugin-set_1b12b80e9147f1515ede87e59428cc3a39b3423b7cf43f30e4adce8fd9b409a3&it=1682902080172&coo=false&rqm=GET
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:48:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1281528678605750&ev=ViewContent&dl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&rl=&if=false&ts=1682902080902&cd[content_name]=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd[content_ids]=%5B%222dd94710-3fbb-11eb-83a7-25db7141c256%22%5D&cd[content_category]=article&cd[ce_segment]=&cd[page_section]=world&cd[page_section_2]=&cd[customer_type]=guest&cd[tpw_zephr_status]=denied&cd[tpw_views_allowed]=&cd[tpw_views_remaining]=&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.2.1682902080893.1396805622&eid=ob3_plugin-set_745a47336112cfcd63c4927d7bdb553074ed4f3cc245fb79e0f63756484d1762&it=1682902080172&coo=false&rqm=GET
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:48:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
events
capig.thetimes.co.uk/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.thetimes.co.uk/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.197.204.50 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.204.197.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thetimes.co.uk
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
events
capig.thetimes.co.uk/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.thetimes.co.uk/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.197.204.50 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.204.197.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thetimes.co.uk
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1682902080937&plid=67227097&idsite=thetimes.co.uk&url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22registration_type%22%3A%22logged+out%22%2C%22article_locked_status%22%3A%22locked%22%2C%22customer_type%22%3A%22guest%22%2C%22page_section%22%3A%22world%22%2C%22page_section_2%22%3A%22%22%2C%22page_section_3%22%3A%22%22%2C%22page_section_4%22%3A%22%22%2C%22campaign_internal%22%3A%22%22%7D&sid=1&surl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&sref=&sts=1682902080922&slts=0&title=How+did+the+US+cyberattack+happen+and+why+did+no+one+notice%3F&date=Mon+May+01+2023+00%3A48%3A00+GMT%2B0000+(GMT)&action=pageview&pvid=34917301&u=pid%3D406d7ae099ac52cb2e7a536ffb48b036
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
no-cache
Last-Modified
Monday, 01-May-2023 00:48:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
events
logx.optimizely.com/v1/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.42.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-42-189.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.thetimes.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
a83aae28-c704-4cd8-9a22-9ebb0f0e2331
obtp.js
amplify.outbrain.com/cp/ Frame 3304 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.69.74 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-69-74.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Apr 2023 09:42:03 GMT
Server
AkamaiNetStorage
ETag
"838e9c2ec6e148b2af141d9d77d0f660:1680601864.72"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
NA
Cache-Control
max-age=1200
X-CC
CA
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6771
Expires
Mon, 01 May 2023 01:08:01 GMT
ytc.js
s.yimg.com/wi/ Frame 3304 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:47:50 GMT
x-amz-version-id
JGW8wXvjjj83MVu5c5k1Bd2u8_DD2rYy
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
K734HJJZQFK5NT4C
age
12
x-amz-server-side-encryption
AES256
x-amz-id-2
ma+BLykVC5fHDnd3aq4/l9IQwT78yhEQwc06kEtcBtYIo9WXlihmMwtYXczhuHEMu2ruji5YlB8=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 31 May 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 26 Apr 2023 11:08:30 GMT
server
ATS
etag
"e896178ac557f4e393e0a05405c33633-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
iframe
ciqtracking.com/p/v/1/60b84d21f8708162a6d3953c/format/ Frame 74E5 		289 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ciqtracking.com/p/v/1/60b84d21f8708162a6d3953c/format/iframe?
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
216.200.122.13 Reno, United States, ASN6461 (ZAYO-6461, US),
Reverse DNS
216.200.122.13.IPYX-141870-ZYO.zip.zayo.com
Software
/
Resource Hash
5dc1627a009412348a2f4d1203990b22123e7498fbe395f8858a8e784d7512f7

Request headers

Referer
https://9348536.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Content-Language
en-CA
Content-Type
text/html;charset=UTF-8
Date
Mon, 01 May 2023 00:48:00 GMT
Transfer-Encoding
chunked
quant.js
secure.quantserve.com/ Frame 3304 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
gzip
etag
"DUHyBE1e2vdA+NAhXV6BXg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 08 May 2023 00:48:01 GMT
audiences
api.permutive.com/audience-matching/v1/id/9ea65940-8384-4b18-a83e-9982c5aaaa35/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/9ea65940-8384-4b18-a83e-9982c5aaaa35/audiences?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
SiteEvent.dotmetrics
uk-script.dotmetrics.net/ 		398 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uk-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6NTkyMiwiZmwiOnRydWUsImRvbSI6Ind3dy50aGV0aW1lcy5jby51ayIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cudGhldGltZXMuY28udWsvYXJ0aWNsZS90aGUtdXMtaXQtaGFjay15b3VyLXF1ZXN0aW9ucy1hbnN3ZXJlZC02cndxa3ZnaHEiLCJydXJsIjoiIiwicHZpZCI6IjA5ZWJlZjE2LTc3YTUtNDA0Ni05YmM3LWE0MzVhNjU0YWU1MiIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1682902081052
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.37.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-37-16.ewr52.r.cloudfront.net
Software
Kestrel /
Resource Hash
9d4ac932020c81c7c79779a2e3a7e3ea661212bdd494336d63d49d4bb9849b65

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
br
via
1.1 f5a11ff9652a64f1fcf7e2671d944f46.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
EWR52-C4
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://uk-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
QrZSTipYmjAgxJNfJfMXJqu_WtfqOMlbrHeE67uDsFdXF0nDYtnItg==
pr
s.amazon-adsystem.com/v3/ Frame 84D0 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
4d5200c20146bdaffa7d06464a9ef334d81107eaa99c222583cd3d583c07cb25
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
4262
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VZ31MZE45N1QM36ZH15S
ecm3
s.amazon-adsystem.com/ Frame 84D0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&zcc=1&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D&cb=1682902081305
  • https://ad.turn.com/r/cs?pid=45&rndcb=1513443770
  • https://sync.1rx.io/usersync/turn/8056090845049489858?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3DRX-63b51081-17c7-4b37-8f6d-49ae...
  • https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SFX4361DCTA3W9M8HRYJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rhythmone.com&id=RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005
Date
Mon, 01 May 2023 00:48:02 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RX63b5108117c74b378f6d49aea9a399e7005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
ecm3
s.amazon-adsystem.com/ Frame 84D0
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259036811455479000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259036811455479000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YGTCVGS3030WD7QD6ED8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3259036811455479000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 01 May 2023 00:48:01 GMT
/
onetag-sys.com/match/ Frame 84D0 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.239.232 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip232.ip-51-222-239.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame 84D0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0
  • https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__&gdpr=0&s=2
  • https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=Inc5hTaP5JdkCNQ0xS0T&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=Inc5hTaP5JdkCNQ0xS0T&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AJAG7PQ2JSMKY35WMEE8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=Inc5hTaP5JdkCNQ0xS0T&gdpr=0
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
112
Expires
Thu, 01 Dec 1994 16:00:00 GMT
amzns2s
rtb.gumgum.com/usync/ Frame 0C0D 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.82.3.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-82-3-22.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b9fe52c28662e0199bb271e05dc396f9ca16d7153148ed8096f7e522b79a77d3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 01 May 2023 00:48:01 GMT
etag
W/"084ef9c971c83cd920ea7ec763e83e22c"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 2695
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
0eea10245361e0c7ab42efb5cf846318ac56e97948427633550d1d079c6afdc9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1758
Content-Type
text/html
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cm
u.openx.net/w/1.0/ Frame BF46
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
56b0e5c081cd9f7c1fedf273e8d5d18850c388b9e93be5c7097c81a57c3ef826

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
397
content-type
text/html
date
Mon, 01 May 2023 00:48:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 01 May 2023 00:48:01 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 62CA
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8855685741132918785&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8855685741132918785&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
62T4V8VTFRHSWY140AZD

Redirect headers

content-length
0
date
Mon, 01 May 2023 00:48:00 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8855685741132918785&gdpr=0&gdpr_consent=
/
match.sharethrough.com/jwumXNuB/v1/ Frame 6412 		427 B
934 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
a24d467fa15a9e8166919e5758e12104d6a17270bd5097b68bd969a581589b12

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-length
427
date
Mon, 01 May 2023 00:48:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 75FF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31418
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:48:01 GMT
expires
Mon, 01 May 2023 09:31:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame 348B 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.178.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-178-10.compute-1.amazonaws.com
Software
/
Resource Hash
16c8620bd7b5359dd4d06c73f0ce970c2ece7d85a2645496a375ee106685c565

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 01 May 2023 00:48:01 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame AAC5 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:48:01 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rules-p-d8LZwWjQpIX_w.js
rules.quantcount.com/ Frame 3304 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d8LZwWjQpIX_w.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9639d71137599432fcbc648f438c73a87b68f02555d9e50cc74b825063e4bbba

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:11:46 GMT
content-encoding
gzip
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2180
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 13 Jan 2023 17:03:39 GMT
server
AmazonS3
etag
W/"21e422c534fd4b8cbca38d55d0caabb1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
TPBmrWwhih7C3OYhbGhi_xjlbui2VegZDxVAsd6unHnkqMQ7w2cThQ==
10153621.json
s.yimg.com/wi/config/ Frame 3304 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10153621.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:30:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
0SMGVGJQA62BKW33
age
1039
content-length
2
x-amz-id-2
wDR0zOy/hi/Vy7TIqjRlmUhkI/mt2ti+a5VG5DK2g5tq5vwoAIJy+xEX2XWszxbpgFO/HhKbgqg=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
10157130.json
s.yimg.com/wi/config/ Frame 3304 		2 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10157130.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:30:42 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
0SMH7S1GPX0Q2APB
age
1039
content-length
2
x-amz-id-2
PCV68jIFgNxpz+DXD0h4fVwgnjhU05q28gHlK1qCONz2bEQZrZA8F1pJYySnCGTW0OHsBKCGkQN8uXX1tyz4d0HUXFfROUcqZXQcz9naolc=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
cachedClickId
tr.outbrain.com/ Frame 3304 		35 B
194 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=002fb29295a1b8f265c63cdbdaaae355e5
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
X-TraceId
b864095700fa5a2a52761bf50fb84707
Content-Length
35
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ Frame 3304 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=023892399308492185&referrer=https%3A%2F%2Fadservice.google.com%2F&marketerId=002fb29295a1b8f265c63cdbdaaae355e5&name=PAGE_VIEW&dl=https%3A%2F%2F9348536.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMHlpuXy0v4CFUNVDQodN6sALQ%3Bsrc%3D9348536%3Btype%3Dtheti0%3Bcat%3Dtimes00%3BU11%3Dworld%3BU12%3Dguest%3Bu7%3Dlogged%2520out%3Bu8%3Dunited%2520states%3Bord%3D6402444603650.388%3B~oref%3Dhttps%3A%2F%2Fwww.thetimes.co.uk%2F&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
no-cache
X-TraceId
1d23cec46d1226e1ae5b01c0d838ec1e
Content-Length
53
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ Frame 3304 		53 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?optOut=false&bust=024007971591620803&referrer=https%3A%2F%2Fadservice.google.com%2F&marketerId=002fb29295a1b8f265c63cdbdaaae355e5&name=Editorial%20Page%20View&dl=https%3A%2F%2F9348536.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMHlpuXy0v4CFUNVDQodN6sALQ%3Bsrc%3D9348536%3Btype%3Dtheti0%3Bcat%3Dtimes00%3BU11%3Dworld%3BU12%3Dguest%3Bu7%3Dlogged%2520out%3Bu8%3Dunited%2520states%3Bord%3D6402444603650.388%3B~oref%3Dhttps%3A%2F%2Fwww.thetimes.co.uk%2F&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.95 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
no-cache
X-TraceId
f7f59e4ef8d31537cae223cebda17f0a
Content-Length
53
Content-Type
image/gif;
visitormatch
bh.contextweb.com/ Frame 3720
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
f850464cd762b53b54904f344a91c4da07de9064f9ef44cf608aa3dc33589137
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
930
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-6c7cb7447-kf2z5
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-6c7cb7447-kf2z5
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 493F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lQkZNTW01RTJ1SzFpc2hiT0d4bDFRNkJITm01eHhTNH5B&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lQkZNTW01RTJ1SzFpc2hiT0d4bDFRNkJITm01eHhTNH5B&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7QG3JMAEZD7M0VBVXY7K

Redirect headers

age
0
content-length
0
date
Mon, 01 May 2023 00:48:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1lQkZNTW01RTJ1SzFpc2hiT0d4bDFRNkJITm01eHhTNH5B&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 0B05
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=1362917374711887341&ex=appnexus.com&gdpr=0
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1362917374711887341&ex=appnexus.com&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VJPPPR788XGVFMC0JZ2P

Redirect headers

AN-X-Request-Uuid
73eaad65-55b0-458a-a847-a2c68654d9eb
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=1362917374711887341&ex=appnexus.com&gdpr=0
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
amazon
ce.lijit.com/beacon/ Frame 82CE
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0
  • https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.92.190.69 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
999d0116ff2bab9503ab0b3fcd98eba289d38ebe667b2d8700f3b42d8ee0699a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
448
Content-Type
text/html
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap3ewr1

Redirect headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Length
0
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Location
https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap3ewr1
ecm3
s.amazon-adsystem.com/ Frame BDEA
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1038424304261568538276
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1038424304261568538276
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_rx_n-MediaNet_ox-db5_smrt_n-sharethrough_n-onetag_pm-db5_ym_rbd_ppt_n-vmg_an-db5_sovrn_3lift_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DVX5CD6008SA4E0PXEE7

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 01 May 2023 00:48:01 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1038424304261568538276
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
googlesync.permutive.com/v2.0/px/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=9ea65940-8384-4b18-a83e-9982c5aaaa35
  • https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEJdArmTZuz0w7pyWRXvdNuI&error=&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=9ea65940-8384-4b18-a83e-9982c5aaaa35&google_cver=1
35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEJdArmTZuz0w7pyWRXvdNuI&error=&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=9ea65940-8384-4b18-a83e-9982c5aaaa35&google_cver=1
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
vary
Origin
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEJdArmTZuz0w7pyWRXvdNuI&error=&type=ddp&k=6d4308de-b940-4b9d-aeda-a62d7637d513&u=9ea65940-8384-4b18-a83e-9982c5aaaa35&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/adv/v2/ 		30 B
44 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30
content-type
application/json
usync.js
eus.rubiconproject.com/ Frame AAC5 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 15:25:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52695
Connection
keep-alive
Content-Length
10020
Expires
Mon, 01 May 2023 15:26:16 GMT
ecm3
s.amazon-adsystem.com/ Frame BF46 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=e91c113a-5aa3-80e0-ab28-b47b85699588
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BHY934F6JEG4N172CJ77
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
250d0b03-d6a5-a953-5af1-2019120d9321
pr-bh.ybp.yahoo.com/sync/openx/ Frame BF46 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/250d0b03-d6a5-a953-5af1-2019120d9321?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:ef7f:1193:3012:ed3a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame BF46 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=e91c113a-5aa3-80e0-ab28-b47b85699588
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
AZRT5G3AB750SQR4RP2A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BF46
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&ttd_puid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&ttd_puid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&ttd_puid=b1ca6d47-4609-3b1a-6b26-36eced5a5e68&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
pixel
cm.g.doubleclick.net/ Frame BF46 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OWRhNWJlOGQtOGY3ZS02NWJlLTdlYzYtNmM1NTI3Yjg5MDA4
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BF46
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL805mNPFGi1S2cbLPg7wUA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL805mNPFGi1S2cbLPg7wUA&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEL805mNPFGi1S2cbLPg7wUA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1362917374711887341
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1362917374711887341
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Date
Mon, 01 May 2023 00:48:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
88cbf696-2ce6-4a27-993e-02874f45a089
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://usersync.gumgum.com/usersync?b=apn&i=1362917374711887341
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e3b3302b-7317-4890-8425-92ddd551e511&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 01 May 2023 00:48:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 0C0D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&obuid=ENC(_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D_NkB6mQ_qhdJ0I8-iwPMc...
43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
646809
expires
Mon, 01 May 2023 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3D_NkB6mQ_qhdJ0I8-iwPMc9_UtfX7ih30cFBmd_NHh8qFVYTl8Bg_pA5RQYP73-Q6%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3DGUMGU18H7EL9NI653I7DPEH51%0A%26initiator%3Dplatform
Date
Mon, 01 May 2023 00:48:01 GMT
X-TraceId
77fbc3172196df60252fe10183854fed
Content-Length
0
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=46f7c937-6e1c-034c-0c5d-2601250a5f2e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=46f7c937-6e1c-034c-0c5d-2601250a5f2e
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=46f7c937-6e1c-034c-0c5d-2601250a5f2e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-0884f7f2-539a-5735-4477-1e0836abd6c2$ip$149.56.153.186
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-0884f7f2-539a-5735-4477-1e0836abd6c2$ip$149.56.153.186
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-0884f7f2-539a-5735-4477-1e0836abd6c2$ip$149.56.153.186
Date
Mon, 01 May 2023 00:48:01 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VwireeZE2pemDRGeNtKeTlxjpHQo9VQ2jGEw~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-VwireeZE2pemDRGeNtKeTlxjpHQo9VQ2jGEw~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-VwireeZE2pemDRGeNtKeTlxjpHQo9VQ2jGEw~A
content-length
0
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync...
  • https://usersync.gumgum.com/usersync?b=vnt&i=884ec308-9649-4cf8-a8d7-f823a6643e1b
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=884ec308-9649-4cf8-a8d7-f823a6643e1b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=884ec308-9649-4cf8-a8d7-f823a6643e1b
Date
Mon, 01 May 2023 00:48:01 GMT
Connection
keep-alive
X-CI-RTID
abff8274-154f-47fb-a97e-1a6010f9ba8c
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
43959829
location
https://usersync.gumgum.com/usersync?b=snc&i=568200899A48499D9AF846BF5A46F6A4
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 0C0D 		0
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:00 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=Inc5hTaP5JdkCNQ0xS0T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2SLOMM2WQVDBKA2UUZDLINHFCMDYKMYFI
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Inc5hTaP5JdkCNQ0xS0T
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Inc5hTaP5JdkCNQ0xS0T
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=Inc5hTaP5JdkCNQ0xS0T
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=f98c30ae-0a0c-4204-8127-9f540ceab770
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=f98c30ae-0a0c-4204-8127-9f540ceab770
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=f98c30ae-0a0c-4204-8127-9f540ceab770
access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:01 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=bCfmehn9xTax&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=bCfmehn9xTax&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://usersync.gumgum.com/usersync?b=pln&i=bCfmehn9xTax&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-kf2z5
expires
-1
usersync
usersync.gumgum.com/ Frame 0C0D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8855685741132918785
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8855685741132918785
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8855685741132918785
date
Mon, 01 May 2023 00:48:00 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 0C0D 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_076ac117-35c7-4ee2-96e5-9779afbab6cb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K916BQ00ZNA8JTZ4NKFR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 6412 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=3110eada-18f1-45ae-a51e-18c79f0071b5
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4FHNTG3TVB0FH22RNGNP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 6412
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1362917374711887341
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1362917374711887341
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Mon, 01 May 2023 00:48:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d63a2f13-6c1f-40a2-a67e-551199337f6e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=1362917374711887341
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 6412
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 6412
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
68 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame 6412
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://bttrack.com/pixel/cookiesync?source=d0afdff5-c51e-4a8d-b07b-b52a29015170&secure=1
  • https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=25d060d5-f4bb-434d-b0a0-b8bebf598fc5&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
68 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=25d060d5-f4bb-434d-b0a0-b8bebf598fc5&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.6.78.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-78-119.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 01 May 2023 00:47:44 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://match.sharethrough.com/sync/v1?source_id=FGhqNjC2WnFmmvNpTL32LMME&source_user_id=25d060d5-f4bb-434d-b0a0-b8bebf598fc5&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
296
expires
-1
sp.pl
sp.analytics.yahoo.com/ Frame 3304 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2001%20May%202023%2000%3A48%3A01%20GMT&n=0&.yp=10157130&f=https%3A%2F%2F9348536.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMHlpuXy0v4CFUNVDQodN6sALQ%3Bsrc%3D9348536%3Btype%3Dtheti0%3Bcat%3Dtimes00%3BU11%3Dworld%3BU12%3Dguest%3Bu7%3Dlogged%2520out%3Bu8%3Dunited%2520states%3Bord%3D6402444603650.388%3B~oref%3Dhttps%3A%2F%2Fwww.thetimes.co.uk%2F&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.14.0&isIframe=1&et=custom&ea=alleditorial
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Mon, 01 May 2023 00:48:01 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 3304 		43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&.yp=10153621&f=https%3A%2F%2F9348536.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMHlpuXy0v4CFUNVDQodN6sALQ%3Bsrc%3D9348536%3Btype%3Dtheti0%3Bcat%3Dtimes00%3BU11%3Dworld%3BU12%3Dguest%3Bu7%3Dlogged%2520out%3Bu8%3Dunited%2520states%3Bord%3D6402444603650.388%3B~oref%3Dhttps%3A%2F%2Fwww.thetimes.co.uk%2F&e=https%3A%2F%2Fadservice.google.com%2F&enc=UTF-8&yv=1.14.0&isIframe=1
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
spdc.pbp.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Mon, 01 May 2023 00:48:01 GMT
rtset
bh.contextweb.com/bh/ Frame 3720
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=Vk5oR2hTb19iNnJSX2JsdjlKa2N5Zw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPdw54NJ5sHvmXZYfJTLvfc&google_cver=1
49 B
812 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPdw54NJ5sHvmXZYfJTLvfc&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-kf2z5
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEPdw54NJ5sHvmXZYfJTLvfc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 3720
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=38efbe1fac8d1060&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAL0BhHUtUB_QMuiKL_AAAAAAA&expiration=1682988481&nuid=&is_secure=true
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAL0BhHUtUB_QMuiKL_AAAAAAA&expiration=1682988481&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-kf2z5
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAL0BhHUtUB_QMuiKL_AAAAAAA&expiration=1682988481&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 3720
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr_in_effect=0&gdpr_consent=
49 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6c7cb7447-kf2z5
expires
-1

Redirect headers

date
Mon, 01 May 2023 00:48:02 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341&gdpr_in_effect=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 3720 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=bCfmehn9xTax&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VJF3QG5AHA67MATHW6JP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 348B 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=gd50677cf72f9133062d&gdpr=0
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
R5Q9NPMB8D1S6657YPNS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 348B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODNFODUxMkQtNkZFOC00Nzc3LUEzNDgtOUI5NjRERUIwNDAz&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D83E8512D-6FE8-4777-A348-9B964DEB0403%26gdpr%3D0%26gdpr_consent%3D
0
0
sync
ads.yieldmo.com/v000/ Frame 348B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd50677cf72f9133062d
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=gd50677cf72f9133062d
  • https://ads.yieldmo.com/v000/sync?tdid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
43 B
793 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.205.122.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-122-225.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ads.yieldmo.com/v000/sync?tdid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
181
sync
ads.yieldmo.com/v000/ Frame 348B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=1362917374711887341&pn_id=an
43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=1362917374711887341&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.205.122.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-122-225.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Mon, 01 May 2023 00:48:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
57e248d1-2df5-46c7-9cfd-e57abdd0de6e
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://ads.yieldmo.com/v000/sync?userid=1362917374711887341&pn_id=an
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.yieldmo.com/ Frame 348B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LH44G3RR-1N-LL4W
43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LH44G3RR-1N-LL4W
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.205.122.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-122-225.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LH44G3RR-1N-LL4W
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
sync
ads.yieldmo.com/v000/ Frame 348B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c
  • https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMLNEAhKejVwJT6yDejzwok&google_cver=1
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMLNEAhKejVwJT6yDejzwok&google_cver=1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
34.205.122.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-122-225.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.yieldmo.com/v000/sync?pn_id=c&google_gid=CAESEMLNEAhKejVwJT6yDejzwok&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
299
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 7DD4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=b41a644f-0c41-4a00-9039-cb88968c5fc1&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=b41a644f-0c41-4a00-9039-cb88968c5fc1&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
Mon, 01 May 2023 00:48:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 830 785530e master iad-pixel-x31 config_version:"unknown"
location
https://usersync.gumgum.com/usersync?b=mmh&i=b41a644f-0c41-4a00-9039-cb88968c5fc1&gdpr=0&gdpr_consent=
user-sync
sync.adkernel.com/ Frame 031B 		21 B
191 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
21
Date
Mon, 01 May 2023 00:48:01 GMT
Pragma
no-cache
Server
nginx
usersync
usersync.gumgum.com/ Frame E83B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa
  • https://usersync.gumgum.com/usersync?b=atm&i=ZE8MQQAGvuokZQBa&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZE8MQQAGvuokZQBa&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 01 May 2023 00:48:01 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZE8MQQAGvuokZQBa&gdpr=0&gdpr_consent=&_test=ZE8MQQAGvuokZQBa
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yul12825-YUL
x-timer
S1682902081.455676,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 04E3 		170 B
232 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wNzZhYzExNy0zNWM3LTRlZTItOTZlNS05Nzc5YWZiYWI2Y2I=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF5A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31418
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:48:01 GMT
expires
Mon, 01 May 2023 09:31:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame FBC9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Mon, 01 May 2023 00:48:01 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 80D2
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZE8MQsCo8XsAAEgPlC8AAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZE8MQsCo8XsAAEgPlC8AAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:02 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 01 May 2023 00:48:02 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZE8MQsCo8XsAAEgPlC8AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
25
X-SO-Cluster-ID
0
X-SO-HostName
m-ad307.dc4p.scaleout.jp
X-SO-IP
149.56.153.186
X-SO-Key
ZE8MQsCo8XsAAEgPlC8AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"149.56.153.186","key":"ZE8MQsCo8XsAAEgPlC8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad307"}
X-SO-LB-Hostname
m-tgng23.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad307
events
api.permutive.com/v2.0/ 		1 KB
902 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/events?enrich=true&sdkp=true&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
688bfba0a78245a81f8b5647d5ad07888b22817f65bb6aae1b7d93817ce56cbc

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
884
crum
dsum-sec.casalemedia.com/ Frame 2695
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZE8MQb3mIekCNZr3Q26EZQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFyR1nxPWlMQRgF_CrFSiuo&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFyR1nxPWlMQRgF_CrFSiuo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFyR1nxPWlMQRgF_CrFSiuo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 2695
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZE8MQb3mIekCNZr3Q26EZQAADyAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHCXmEYJZxYP4JrSpFwXjXQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHCXmEYJZxYP4JrSpFwXjXQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHCXmEYJZxYP4JrSpFwXjXQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 2695 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZE8MQb3mIekCNZr3Q26EZQAADyAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8AGCVBXB5V553NQFJJSK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 2695
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&expiration=1685494081&gdpr=0&gdpr_consent=
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&expiration=1685494081&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&expiration=1685494081&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 2695
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8211384837442828128&expiration=1684111681
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8211384837442828128&expiration=1684111681
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8211384837442828128&expiration=1684111681
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
dsum-sec.casalemedia.com/ Frame 2695
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZE8MQb3mIekCNZr3Q26EZQAA%263872&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=88633e23-3e7d-4f5a-bfca-90d4352f6aaa-tuctb4891c1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=88633e23-3e7d-4f5a-bfca-90d4352f6aaa-tuctb4891c1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=88633e23-3e7d-4f5a-bfca-90d4352f6aaa-tuctb4891c1
date
Mon, 01 May 2023 00:48:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
22316
113
match.deepintent.com/usersync/ Frame 2695 		0
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:00 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
ZE8MQb3mIekCNZr3Q26EZQAADyAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2695 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZE8MQb3mIekCNZr3Q26EZQAADyAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a05:ef7f:1193:3012:ed3a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ecm3
s.amazon-adsystem.com/ Frame 2695 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZE8MQb3mIekCNZr3Q26EZQAADyAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&gdpr=0&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JC3WEZJEFA2DVE2R1JH4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel;r=1900125666;labels=_fp.event.Default%202;event=refresh;rf=0;a=p-d8LZwWjQpIX_w;url=https%3A%2F%2F9348536.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMHlpuXy0v4CFUNVDQodN6sALQ%3Bsrc%3D9348...
pixel.quantserve.com/ Frame 3304 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1900125666;labels=_fp.event.Default%202;event=refresh;rf=0;a=p-d8LZwWjQpIX_w;url=https%3A%2F%2F9348536.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCMHlpuXy0v4CFUNVDQodN6sALQ%3Bsrc%3D9348536%3Btype%3Dtheti0%3Bcat%3Dtimes00%3BU11%3Dworld%3BU12%3Dguest%3Bu7%3Dlogged%2520out%3Bu8%3Dunited%2520states%3Bord%3D6402444603650.388%3B~oref%3Dhttps%3A%2F%2Fwww.thetimes.co.uk%2F;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-1346176941-1682902081189;pbc=;ns=1;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;d=9348536.fls.doubleclick.net;dst=0;et=1682902081376;tzo=0;ogl=;ses=44ef15db-4df0-4291-b49f-76028d86a822
Requested by
Host: 9348536.fls.doubleclick.net
URL: https://9348536.fls.doubleclick.net/ddm/fls/r/dc_pre=CMHlpuXy0v4CFUNVDQodN6sALQ;src=9348536;type=theti0;cat=times00;U11=world;U12=guest;u7=logged%20out;u8=united%20states;ord=6402444603650.388;~oref=https://www.thetimes.co.uk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://9348536.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4E71
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_076ac117-35c7-4ee2-96e5-9779afbab6cb&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=20181fc7-c1df-4022-9903-f88e5060e6a7
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=20181fc7-c1df-4022-9903-f88e5060e6a7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=20181fc7-c1df-4022-9903-f88e5060e6a7
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
X-Frame-Options
DENY
usermatchredir
ssum-sec.casalemedia.com/ Frame 3EE4 		43 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame 3B10
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=pzKzKkrsYs7gpgA25VTq&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=pzKzKkrsYs7gpgA25VTq&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 01 May 2023 00:48:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 01 May 2023 00:48:01 GMT Mon, 01 May 2023 00:48:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=pzKzKkrsYs7gpgA25VTq&pi=gumgum&tc=1
pragma
no-cache
view
securepubads.g.doubleclick.net/pcs/ Frame 4A12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuccG7Arwpm8OhKpKtgFQrzBXrF5TrJF2S7rdZ6zPDe3oPrxCGbHELZorTeEW8W53fFn6KQlvqWL0j5GH4vlvU32IX_9dti_mkLdqj3l27wx_toQJxPkKpXJF3EraUN5-xE5S_j4dYly0BcSURmg3ZABY1EHrO1gbkfF_6TbBxQkPGeiWFYCFmP5vcFG-IAymNteqo38oOwBxN5uB7qmfbMeqh-R85TDdyd4NnEIIhYraGngSSnPQRrC8_PWTzeaqFeSzWUGcEjtZ_P8w7YTuZRdQAL_lk0E1X_4vip594ovSazHGDEyuOBObsWaGhl2_S8IS6j41M&sai=AMfl-YQOJ3X6R-6UI2lTPcapoYfoQcyaN_zWTd0YxEZAIl6ySGZx97r6GTug_0uT1DHSnqGEAhAXdG8VwWm-89X3WdRb7_NcWC0oBIC47S5Yk-2_yWUFIQaao5nJLd-seA&sig=Cg0ArKJSzG8u8-wFhf0VEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62349019_946fe0ba11753ee1ebe11d7b28a63d14_creative_def.js
s0.2mdn.net/ads/richmedia/studio/creative/62290915/ Frame 4A12 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/creative/62290915/62349019_946fe0ba11753ee1ebe11d7b28a63d14_creative_def.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27604154a2380ce1be393129d220ee741d29f7a6583c69c39443bdb09a069649
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 07:33:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62054
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1389
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 15:46:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 07:33:47 GMT
html_inpage_rendering_lib_200_260.js
s0.2mdn.net/879366/ Frame 4A12 		183 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_260.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 20:31:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15375
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64774
x-xss-protection
0
last-modified
Wed, 31 Jul 2019 21:01:39 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 20:31:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4A12 		158 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49538
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1682508732222081"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 May 2023 00:48:01 GMT
ecm3
s.amazon-adsystem.com/ Frame 82CE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=GkewbPZHHNtzqceZRK-TAu4q&ex=sovrn.com&gdpr=0&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4ANYEBX78YZSAE139N49
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 82CE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=W8L276Qs3zvh5vlJQACe&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=W8L276Qs3zvh5vlJQACe&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=W8L276Qs3zvh5vlJQACe&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT, Mon, 01 May 2023 00:48:01 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame 82CE
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LH44G3RR-1N-LL4W&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LH44G3RR-1N-LL4W&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LH44G3RR-1N-LL4W&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
merge
ce.lijit.com/ Frame 82CE
Redirect Chain
  • https://um.simpli.fi/lj_match?r=1682902081392&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=2&3pid=0BD52914AE6745F192BC72D16D28A4C2
43 B
862 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=0BD52914AE6745F192BC72D16D28A4C2
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=0BD52914AE6745F192BC72D16D28A4C2
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 30 Apr 2023 00:48:01 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame 82CE 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame 82CE
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAApNE7InhkAACQ8h6P5FQ&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAApNE7InhkAACQ8h6P5FQ&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID&ex=sovrn.com&gdpr=0&dnr=1
Protocol
HTTP/1.1
Server
23.92.190.69 Charlotte, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAApNE7InhkAACQ8h6P5FQ&gdpr=0
Date
Mon, 01 May 2023 00:48:02 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.html
eus.rubiconproject.com/ Frame C240
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:48:01 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 01 May 2023 00:48:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
/
www.facebook.com/tr/ Frame B62E 		0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.thetimes.co.uk
Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.thetimes.co.uk
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
adservice.google.com/ddm/fls/z/ Frame 74E5
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=10997540;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;o...
  • https://ad.doubleclick.net/ddm/activity/src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr...
  • https://adservice.google.com/ddm/fls/z/src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
Requested by
Host: ciqtracking.com
URL: https://ciqtracking.com/p/v/1/60b84d21f8708162a6d3953c/format/iframe?
Protocol
H3
Server
2607:f8b0:4020:807::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ciqtracking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/src=10997540;dc_pre=CMa3oeby0v4CFZq4wAod2woOZA;type=invmedia;cat=theti000;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame AAC5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LH44G3RR-1N-LL4W
  • https://s.amazon-adsystem.com/ecm3?id=LH44G3RR-1N-LL4W&ex=d-rubiconproject.com&status=ok&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LH44G3RR-1N-LL4W&ex=d-rubiconproject.com&status=ok&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VE9XGF7AE8RC7NX8Y944
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LH44G3RR-1N-LL4W&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6734403d2cb3625dc1fef1bbd4a17cf3
Expires
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 02 May 2023 00:48:01 GMT
.jsonp
lptag.liveperson.net/lptag/api/account/75931016/configuration/applications/taglets/ 		289 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lptag.liveperson.net/lptag/api/account/75931016/configuration/applications/taglets/.jsonp?v=2.0&df=undefined&s=world&b=undefined
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.251.41.15 , Australia, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
1acc8a3a20905bbd624bf295bee03ba88859c02c2e1f89eab27619cf4554060f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
server
ws
x-cache-status
HIT
access-control-allow-methods
GET, POST, PATCH
content-type
application/x-javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
public, max-age=630
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
errors
api.permutive.com/sdk-errors/v2/ 		0
10 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/sdk-errors/v2/errors?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
geoip
api.permutive.com/v2.0/ 		271 B
216 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ed83ec6c16b2a45b71401d5add525dabb437a6eb9e095a65ff46c02e6c3ab389

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1281528678605750&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&rl=&if=false&ts=1682902081867&cd[segment_id]=24137&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=3&o=30&fbp=fb.2.1682902080893.1396805622&eid=ob3_plugin-set_06bae256d8bb939e3fbb64fb88d24ea2bb91785a05bd310cdd97e6b98b83072d&it=1682902080172&coo=false&rqm=GET
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 May 2023 00:48:01 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
seg
secure.adnxs.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=23764849&t=1
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:01 GMT
AN-X-Request-Uuid
d9661b4f-9e02-4234-b046-a7e0ede7dfbb
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/javascript; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adsct
analytics.twitter.com/i/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?txn_id=o4mw4&p_id=Twitter
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-response-time
5
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=631138519
server
tsa_b
content-type
image/gif;charset=utf-8
x-transaction-id
136d4c21c721e8f4
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
dddf2e1588772ee8915f9f4cd4c6f82b2e842db4645bc4afa7a7ac94396716e2
content-length
43
events
capig.thetimes.co.uk/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.thetimes.co.uk/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.197.204.50 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.204.197.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.thetimes.co.uk
date
Mon, 01 May 2023 00:48:01 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
segment
api.permutive.com/clm/v1/ 		37 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7ad17c28602d20f73e266aaf3b6c0040b819f1a5b6140f67990e1e321e8936ae

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
segment
api.permutive.com/clm/v1/ 		37 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7ad17c28602d20f73e266aaf3b6c0040b819f1a5b6140f67990e1e321e8936ae

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
usync.js
eus.rubiconproject.com/ Frame C240 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:02 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 15:25:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52694
Connection
keep-alive
Content-Length
10020
Expires
Mon, 01 May 2023 15:26:16 GMT
tap.php
pixel.rubiconproject.com/ Frame AAC5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LBZ-TR0g1Yjmy4vmxPQQp8n5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0Y3otLxE2oJYI09Idg6OvWe0ASOLxOrqXFPxog--~A
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0Y3otLxE2oJYI09Idg6OvWe0ASOLxOrqXFPxog--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 01 May 2023 00:48:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-0Y3otLxE2oJYI09Idg6OvWe0ASOLxOrqXFPxog--~A
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AAC5 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D7XDVQBH26EJ2F6YAREJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AAC5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgxOTVkNmY3NWQ2NWI1YzczN2YxZjBiZGZmYTc2NjI0NTdlZGM5ZA&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgxOTVkNmY3NWQ2NWI1YzczN2YxZjBiZGZmYTc2NjI0NTdlZGM5ZA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTgxOTVkNmY3NWQ2NWI1YzczN2YxZjBiZGZmYTc2NjI0NTdlZGM5ZA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame AAC5
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=kevfUSkAQXiJ5ldpujWAMA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kevfUSkAQXiJ5ldpujWAMA&gdpr=0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kevfUSkAQXiJ5ldpujWAMA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
ERVKMAHVA7ZSGKM898W3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=kevfUSkAQXiJ5ldpujWAMA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AAC5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFaFannM0P82Z4khKAybp2Q&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFaFannM0P82Z4khKAybp2Q&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEFaFannM0P82Z4khKAybp2Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame AAC5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH44G3RR-1N-LL4W&gdpr=0
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH44G3RR-1N-LL4W&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 35752348D11B42BE8B856929A5C3D20F Ref B: YMQ01EDGE0807 Ref C: 2023-05-01T00:48:02Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6lyzMImCKeag4ZItBGg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LH44G3RR-1N-LL4W&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame AAC5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame AAC5
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEg0NEczUlItMU4tTEw0Vw==&gdpr=0
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=0&google_gid=CAESEDOkubb59wIA-t1jrPJRIcQ&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NEczUlItMU4tTEw0Vw==&google_push=&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NEczUlItMU4tTEw0Vw==&google_push=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEg0NEczUlItMU4tTEw0Vw==&google_push=&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50085b5398bbc05fdca14fe92490081d503ef972b2e76da13de8ffba927e5732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
gzip
content-length
1312
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:02 GMT
expires
Tue, 02 May 2023 00:48:02 GMT
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 4A12 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxcmUagY2WtrzwIegmIv-Wp8G2Gyp8wMksqiDyf5NuElo-Mtq6-vFRpzmgWaZWB7idr7dDsJu7be91Tr6W8s_oTiUPoLryIQRLuCFiuufcrx5J7EUFFB2irYY99MGnPHJ8H6j7Cs-WZTh-FossmVX50NRfC27HJeN-TKVk3FINKgdKlk4oQ0uy8hgiSUYP3zMaSFIMn7rP-K1M0wjRPOfwRAzNz78QzVmswPAk_0sKmyX3F4yuZJzFG93923MzfT98JjcE2Y15jtjFwk16Jh2wiPRddyXLnwr76Nk24FdX7b0RtWFXm-qifgRb5QVorj3gefOQ45OPlQ&sai=AMfl-YROedo0jDxdXgjaOgTFoGrJHOhS7MaAzE8T2tp8taKznx8AEsLdOG5_GfX6Z7mTeulA8yOYXkiuf_Jf_eAFrtHzUyvOzjaElYgdY0u1ERbYOREx0-uLCmbHDGj1WQ&sig=Cg0ArKJSzH6xwQOnAe3eEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 01 May 2023 00:48:02 GMT
truncated
/ Frame 4A12 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
40efaae8698c1c8d1114bc2d7911a2bf141bb1d7e42aedada78ee80fbc262ce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 8E81 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930174&campId=970x250&pubId=40574214&chanId=62148054&placementId=6236753241&pubCreative=138424706906&pubOrder=398746374&cb=2055518824&adsafe_par&impId=d24a63f1-e7b9-11ed-93b4-0ae2e554fbf5&custom=header&custom2=&custom3=art
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.76.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-76-116.compute-1.amazonaws.com
Software
/
Resource Hash
2482c5c1e86098f7530aa9e5bba012d30dad7a3bc94c04bb23b4504a08eeeae5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/ Frame AC2F 		256 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4db144321efbe62d33923077d356ee2fdc097848ebba3f1e1396027122b2d48
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2102486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54976
last-modified
Sun, 17 Jan 2021 03:02:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6003a8bd-3ffb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnlm3w62A%2BvkWZQotM9MzmDOj2YSbc9YRPot24Zwzz5MZWCjsvWh5WMrW2%2FfBvktXik4UggOuAlZ8Q0Js6InjkgtVytR%2FpwKCm10CH2OFY%2FAbighSaXlaUcLhPT8tZzexR81HcBpNCZQSNMn%2Fr6w%2FcXd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c04043d5a597136-YUL
expires
Sat, 20 Apr 2024 00:48:02 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame AC2F 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 19:56:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 19:56:58 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 02 May 2023 00:48:02 GMT
main.19.8.400.js
static.adsafeprotected.com/ Frame 8E81 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.400.js
Requested by
Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/08f3140e964d35efaaa94ba9f2cdbf9edafbfde6673ba81ffe923565f70bc138?dt=1585330388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Tue, 21 Mar 2023 20:30:42 GMT
x-amz-version-id
9BUnpPANWGwKG0lesMwpAnHwbT.x8zbq
content-encoding
gzip
via
1.1 3236cbfeb05b5e6a80bfe05dfc656558.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C1
age
3471441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Mar 2023 18:43:44 GMT
server
AmazonS3
etag
W/"2e8e5f6f251e442e71ad1eeec0beab78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
iPojjWKaA7e_j16whX9auO2zHoREbCL7G33h84jF3hNLu0PEcGf3Hg==
usersync
usersync.gumgum.com/ Frame C240
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&gdpr_consent=undefined&gdpr=0&khaos=LH44G3RR-1N-LL4W
  • https://usersync.gumgum.com/usersync?b=mag&i=LH44G3RR-1N-LL4W&gdpr=0&gdpr_consent=undefined
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LH44G3RR-1N-LL4W&gdpr=0&gdpr_consent=undefined
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D&gdpr=0
Protocol
HTTP/1.1
Server
54.87.127.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-127-173.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 01 May 2023 00:48:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LH44G3RR-1N-LL4W&gdpr=0&gdpr_consent=undefined
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
Expires
0
970x250.json
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		189 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/970x250.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.6/lottie.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
415c66367ee2da56fdae392c65cb08f4944d670fc24bfc83c1968b068a7884c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14956
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 02:10:17 GMT
img_0.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_0.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c1a887d75ed4b7f2f822367034a5b8f362741c2da7806940797a4ca4cf4c410
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 15:37:54 GMT
x-content-type-options
nosniff
age
33008
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59501
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 15:37:54 GMT
img_1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_1.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03c5264f1a46b384f457b275949bba131eb1c655112bddf81e1739bbaf0d6cff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 09:21:45 GMT
x-content-type-options
nosniff
age
55577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51226
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 09:21:45 GMT
img_2.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_2.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1191e8e01394f6c7d5f13d6058db3995506bff4267e28956f82b3cff8de521ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 13:06:22 GMT
x-content-type-options
nosniff
age
42100
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35570
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 13:06:22 GMT
img_3.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_3.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75cb2c2ea203afe42bfd11176d4823579c5765528d60e606111fff835b4490f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 07:24:32 GMT
x-content-type-options
nosniff
age
62610
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39849
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 07:24:32 GMT
img_4.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_4.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44d132a3c1d5522fb733ba2e60b9054dca1c615a4b51f266588a0b8f3dc1028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 11:13:13 GMT
x-content-type-options
nosniff
age
48889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73343
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 11:13:13 GMT
img_5.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_5.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d08d495b95311618bcfc2ad52f5fd3b53a1cc89b242c4b38675051899dc238d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:11:25 GMT
x-content-type-options
nosniff
age
2197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56665
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 02 May 2023 00:11:25 GMT
img_6.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		114 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_6.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6571d715da1c9c411441b1e2a90541020a801bca4ee8dd71debb05a6746a33fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 11:13:13 GMT
x-content-type-options
nosniff
age
48889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
116859
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 11:13:13 GMT
img_7.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_7.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
facc5b7ef9d9913f2383932f693d09924f0d5fa362951377667db68d73c247e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 02:10:17 GMT
x-content-type-options
nosniff
age
81465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49072
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 02:10:17 GMT
img_8.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_8.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
651954c4c31ae996c304e8142490ae4718e1a3c95092b1b96b841d6e1f4caf95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 11:13:13 GMT
x-content-type-options
nosniff
age
48889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44012
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 11:13:13 GMT
img_9.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/ Frame AC2F 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/img_9.jpg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98ea5a636581d2a35deb38ac8c43777c39d523dacb96ff49ef62d2771a48aefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/62290915/20230217040326571/970x250/index.html?e=69&leftOffset=0&topOffset=0&c=vjieAs2jfK&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 11:11:49 GMT
x-content-type-options
nosniff
age
48973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
156101
x-xss-protection
0
last-modified
Fri, 17 Feb 2023 12:03:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 May 2023 11:11:49 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame 2D5F 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:212f:3200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Fri, 09 Dec 2022 12:07:19 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 3236cbfeb05b5e6a80bfe05dfc656558.cloudfront.net (CloudFront)
x-amz-cf-pop
ORD51-C1
age
12314444
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
_3GcVbk13v03lIVdDbSnWkH3SKovjS4PfeoGcI7tTyUDNrTO8rW3gg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930174&campId=970x250&pubId=40574214&chanId=62148054&placementId=6236753241&pubCreative=138424706906&pubOrder=398746374&cb=2055518824&adsafe_par&impId=d24a63f1-e7b9-11ed-93b4-0ae2e554fbf5&custom=header&custom2=&custom3=art&adsafe_url=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.thetimes.co.uk%2F&adsafe_type=f&adsafe_jsinfo=,id:e7077004-833c-707c-a587-9c093235ea07,c:bjRagS,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-7b4bc67668-zjm7f,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:225,mot:0,app:0,maw:0,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:259,oid:d37995ba-e7b9-11ed-8b76-f298e33964db,v:19.8.400,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.76.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-76-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
nginx
x-server-name
app16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRagU,pingTime:-8,time:260,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:261,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B31~100%5D,as:%5B31~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260%7D&br=c
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRahw,pingTime:0,time:298,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:258%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:298,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~100%5D,as:%5B68~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260%7D&br=c
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/ 		801 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
be28a92f43af3f9c18aa898b3f55d8ccb5c2c7b7394d9a46e29461fc4b885729

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:02 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
275
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRai2,pingTime:-2,time:330,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:87,beZ:89,mfA:313,cmA:314,inA:315,inZ:321,prA:321,prZ:336,si:347,poA:349,poZ:376,cmZ:376,mfZ:376,loA:397,loZ:401,ltA:417,ltZ:417,mdA:90,mdZ:262%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---,newUser:true,dateCreated:2023-05-01T00:47:58.159Z,gpcEnabled:false%7D,gca2:true,gcd2:%7Bappl:0,cnst:na%7D%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:258%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:330,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B100~100%5D,as:%5B100~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260,slid:%5Bgoogle_ads_iframe_3048/d.thetimes.co.uk/world_0,google_ads_iframe_3048/d.thetimes.co.uk/world_0__container__,ad-header,article-main,js-react-container,main-container%5D,sinceFw:68,readyFired:true%7D&br=c
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRand,pingTime:-10,time:651,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEyLjAuNTYxNS4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1682902082798%7C%7Cff078ec0842db19cb0b977de8a5228c6%7C%7Cd7e4f3761ec4d518bf16fea4156937e7%7C%7C1c0c4ea377708e4c22781e90006dd078%7C%7C1f261ea9080bae3f17a5b0cc9440ce58%7C%7C5415effefa5614a0ecec74b291b58e9a%7C%7Ccbee18938fe9577a18d7950fc087481c%7C%7Cd0e4945829fd292f7eaf7b5a7ff2214c%7C%7C1663701684%7D
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:02 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
events
logx.optimizely.com/v1/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.42.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-42-189.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 01 May 2023 00:48:02 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.thetimes.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
943732b2-f77f-4af9-b706-c8dc30f28c18
segment
api.permutive.com/clm/v1/ 		37 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7ad17c28602d20f73e266aaf3b6c0040b819f1a5b6140f67990e1e321e8936ae

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
identify
api.permutive.com/v2.0/ 		50 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
ba89ee5a4362485da5bfa827b1fb1e3a8fd556a47753835beb28afa48179e757

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
activeview
pagead2.googlesyndication.com/pcs/ Frame 4A12 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFC0ofERwHxFhtrSF60okHmULLqcEbNcuBjIwZJrDEzTyuJ1EWsHjGmdl24FDkBEFZJhNWXPztavhZnIvtHat6jaFix2NRtMOCYQdxrwKmik5ucG1N&sig=Cg0ArKJSzKB7tvAA-WdFEAE&id=lidar2&mcvt=1000&p=50,315,300,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230426&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3669364404&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1682902081520&rpt=529&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
segment
api.permutive.com/clm/v1/ 		37 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/clm/v1/segment?k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
7ad17c28602d20f73e266aaf3b6c0040b819f1a5b6140f67990e1e321e8936ae

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:03 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
content-type
application/json
/
accdn.lpsnmedia.net/api/account/75931016/configuration/setting/accountproperties/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/75931016/configuration/setting/accountproperties/?cb=accountSettingsCB
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
e5e067e2ba717f1b6ee0e7cd3e452d036e77c4527dd5e5dcfc62224841459e03
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Mon, 01 May 2023 00:49:03 GMT
ui-framework.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ui-framework.js?version=10.26.0.0-release_5560
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 01:10:00 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Tue, 30 Apr 2024 00:48:03 GMT
UMSClientAPI.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/UMSClientAPI.min.js?version=10.26.0.0-release_5560
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 01:09:58 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Tue, 30 Apr 2024 00:48:03 GMT
lpChatV3.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/lpChatV3.min.js?version=10.26.0.0-release_5560
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 01:09:59 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Tue, 30 Apr 2024 00:48:03 GMT
surveylogicinstance.min.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/surveylogicinstance.min.js?version=10.26.0.0-release_5560
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 01:10:00 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Tue, 30 Apr 2024 00:48:03 GMT
zones
accdn.lpsnmedia.net/api/account/75931016/configuration/le-campaigns/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/75931016/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
c7e1ad7a01b4008dc80a4b207929378ab839b4e0fa27d911143b1159a97c1ffa
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Mon, 01 May 2023 00:49:03 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRaxF,pingTime:1,time:1299,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:258%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1299,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1069~100%5D,as:%5B1069~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:94,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260,sis:346%7D&br=c
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:03 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRaxG,pingTime:1,time:1300,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:258%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1300,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1070~100%5D,as:%5B1070~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:94,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260,sis:346,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:03 GMT
server
nginx
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRaxG,pingTime:1,time:1300,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:258%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1300,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1070~100%5D,as:%5B1070~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:94,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260,sis:346,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:03 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
desktopEmbedded.js
lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/ 		976 KB
305 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_unified_window/10.26.0.0-release_5560/desktopEmbedded.js?version=10.26.0.0-release_5560
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 07 Apr 2023 01:09:58 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Tue, 30 Apr 2024 00:48:03 GMT
storage.secure.min.html
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ Frame C5C2 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.thetimes.co.uk&site=75931016&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-allow-methods
GET, POST, PATCH
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
content-encoding
gzip
content-type
text/html
date
Mon, 01 May 2023 00:48:03 GMT
expires
Tue, 30 Apr 2024 00:48:03 GMT
last-modified
Fri, 17 Mar 2023 01:15:38 GMT
server
ws
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
x-cache-status
HIT
x-content-type-options
nosniff
storage.secure.min.js
lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.js?loc=https%3A%2F%2Fwww.thetimes.co.uk&site=75931016&force=1&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.90 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
va-lpcdn.lpsnmedia.net
Software
ws /
Resource Hash
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 17 Mar 2023 01:15:38 GMT
server
ws
x-cache-status
HIT
vary
Origin
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
cache-control
max-age=31536000
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
expires
Tue, 30 Apr 2024 00:48:03 GMT
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
09b7540b021174384cd2e796468af2ef02baeb862d10bebb9c2a6ad83cbfe200

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
refererrestrictions
accdn.lpsnmedia.net/api/account/75931016/configuration/domainprotection/ Frame C5C2 		711 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accdn.lpsnmedia.net/api/account/75931016/configuration/domainprotection/refererrestrictions?cb=lpCb4934x69574
Requested by
Host: lpcdn.lpsnmedia.net
URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.20.0.0-release_5080/storage.secure.min.html?loc=https%3A%2F%2Fwww.thetimes.co.uk&site=75931016&env=prod&isCrossDomain=true&accdn=accdn.lpsnmedia.net
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.89.12.91 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software
ws /
Resource Hash
dc1375ce71d88e98933d56ce7aef44840f5f33ca1f3a5386473611080ae61bf6
Security Headers
Name Value
Strict-Transport-Security max-age=99999999999; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://lpcdn.lpsnmedia.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:03 GMT
x-envoy-decorator-operation
lp-accdn-app.default.svc.vakube01.int.liveperson.net:8080/*
x-content-type-options
nosniff
strict-transport-security
max-age=99999999999; includeSubDomains
content-encoding
gzip
server
ws
x-cache-status
EXPIRED
vary
Accept
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
x-envoy-upstream-service-time
0
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires
Mon, 01 May 2023 00:49:03 GMT
75931016
lo0.v.liveperson.net/api/js/ 		238 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo0.v.liveperson.net/api/js/75931016?&cb=lpCb20030x54913&t=sp&ts=1682902083935&pid=6495452215&tid=4477865033&pt=How%20did%20the%20US%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&u=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&sec=%5B%22world%22%5D&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.96.141 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo0.v.liveperson.net
Software
ws /
Resource Hash
92a3cfafea87444483464e2dbc6765378e64123c53f2984afee68239bc615b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=false&k=6d4308de-b940-4b9d-aeda-a62d7637d513
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:04 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
75931016
lo0.v.liveperson.net/api/js/ 		41 B
837 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo0.v.liveperson.net/api/js/75931016?sid=fmN-MqUTQ_ScAbCjAzq7lQ&cb=lpCb8336x78992&t=uc&ts=1682902083301&pid=6495452215&tid=4477865033&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22cstatus%22%3A%22logged-out%22%7D%7D%2C%7B%22type%22%3A%22mrktInfo%22%2C%22info%22%3A%7B%22affiliate%22%3A%22www.thetimes.co.uk%22%7D%7D%5D&vid=FkMzVjYjJkOGUzZTkwNDg2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.96.141 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo0.v.liveperson.net
Software
ws /
Resource Hash
232eb72dd3d447cfa982c9ae5ed84a633f2250dcc9aacfb8041b07c88cb1c97b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
75931016
lo0.v.liveperson.net/api/js/ 		42 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo0.v.liveperson.net/api/js/75931016?sid=fmN-MqUTQ_ScAbCjAzq7lQ&cb=lpCb25475x72165&t=uc&ts=1682902083302&pid=6495452215&tid=4477865033&sdes=%5B%7B%22type%22%3A%22ctmrinfo%22%2C%22info%22%3A%7B%22storeNumber%22%3A%22www.thetimes.co.uk%22%7D%7D%5D&vid=FkMzVjYjJkOGUzZTkwNDg2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.96.141 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo0.v.liveperson.net
Software
ws /
Resource Hash
501bf9b276dfb989a7fabdad26cbdf309b6f327ab1e9010cb94579c43cde6dd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
75931016
lo0.v.liveperson.net/api/js/ 		111 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lo0.v.liveperson.net/api/js/75931016?sid=fmN-MqUTQ_ScAbCjAzq7lQ&cb=lpCb25393x86464&t=pl&ts=1682902083945&pid=6495452215&tid=4477865033&vid=FkMzVjYjJkOGUzZTkwNDg2
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.249.96.141 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS
lo0.v.liveperson.net
Software
ws /
Resource Hash
efcec3b118e883badfdf05a6f3fee6267e3d5b952a61f0ee3db06b0058a55c52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
ws
access-control-allow-methods
GET, POST, PATCH
content-type
application/javascript
access-control-expose-headers
X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control
no-store
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
nr-spa-1198.min.js
js-agent.newrelic.com/ 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1198.min.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 varnish
date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=300
x-amz-request-id
H3JE32SZ1YCNJ07Z
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
14594
x-amz-id-2
87076QVdQMDFzOGpmUTOwOzLivxRiC4uE/hNE07FCoN9aUIP8yhjkpnBDW+C6igXBw7qgtDCf6A=
x-served-by
cache-yul12834-YUL
last-modified
Fri, 29 Jan 2021 19:19:10 GMT
server
AmazonS3
x-timer
S1682902085.461380,VS0,VE0
etag
"498f8d87fcfe5e90fda6a3ae4c47c6b0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
26
/
ct.pinterest.com/user/ 		35 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%7D&tid=2614380761124&pd=%7B%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPVpUSmlObUptTUdFdFlUazRNQzAwTlROaUxUbGtaamd0WldOaFl6Qm1OVEEwTjJVMg%22%7D&cb=1682902085429&dep=4%2CTAGS_RECEIVED&stc=true
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pin-unauth
dWlkPVlUUTNZVFV6TmpFdFpHUTJNeTAwT0dKaExXSXdZakF0TTJOak0yVXpNR0UyTTJVeQ
pragma
no-cache
date
Mon, 01 May 2023 00:48:05 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.thetimes.co.uk
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-pinterest-rid
9454139762587562
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1752853579&t=event&ni=1&ds=web&_s=2&dl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dp=%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dh=www.thetimes.co.uk&ul=en-us&de=UTF-8&dt=article%3Athe-us-it-hack-your-questions-answered-6rwqkvghq&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=user%20interactions&ea=flash%20sale%20popup%20modal%3Adisplayed&_u=aHBAgAABBAAAAEACIg~&jid=&gjid=&cid=959910921.1682902080&tid=UA-100401456-13&_gid=1961967714.1682902080&cg1=world&cd1=the%20times%20and%20sunday%20times&cd2=article%3Athe-us-it-hack-your-questions-answered-6rwqkvghq&cd3=world&cd7=article&cd12=uk&cd13=restricted&cd51=2dd94710-3fbb-11eb-83a7-25db7141c256&cd52=methode&cd53=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd54=tom%20knowles&cd55=2020%2F12%2F17%2000%3A00%20thursday&cd56=2020%2F12%2F17&cd57=865%3A00%3A47%3A00&cd63=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&cd100=guest&cd102=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&cd105=1682902079443&cd106=1&cd109=2023%2F05%2F01%2000%3A48%20monday&cd110=2023-04-26%2013%3A15%20%5Bthetimes.2018%5D&cd111=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F112.0.5615.121%20safari%2F537.36&cd113=landscape&cd116=maincomment%20(huge)%20(react)&cd121=times%20mvt%7Cw26%3A0-w27%3A0-w28%3A0-w30%3A1&cd124=2dd94710-3fbb-11eb-83a7-25db7141c256&cd145=NONE&cd150=current%20edition&cd152=the%20times&cd154=logged%20out&cd155=united%20states&cd174=denied&cd176=%5B%5D&cd128=0&cd146=nuk%3A970b507e-02c6-4aca-ac03-4f02980cda84&cd147=1682902085421&cd188=denied&cd190=%5B%5D&cd30=flash%20sale%20popup%20modal%3Adisplayed&cd31=automated&cd104=e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079&cm51=1&cd148=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&z=1113300617
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 06:37:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
pac.thetimes.co.uk/ 		0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pac.thetimes.co.uk/track?et=1&n=tnl&p=thetimes&pu=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&pn=article%3Athe-us-it-hack-your-questions-answered-6rwqkvghq&ai=2dd94710-3fbb-11eb-83a7-25db7141c256&an=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&sn=world&cs_id=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&ec=user%20interactions&ea=flash%20sale%20popup%20modal%3Adisplayed&d1=the%20times%20and%20sunday%20times&d2=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&d3=1682902079443&d4=etc%2Funknown&d5=landscape&d6=logged%20out&d7=2023%2F05%2F01%2000%3A48%20monday&d8=1600x1200%7C1600x1200%7C1%7C0%25&d28=flash%20sale%20popup%20modal%3Adisplayed&d29=automated&d37=2dd94710-3fbb-11eb-83a7-25db7141c256&d38=article&d40=true&d41=tom%20knowles&pvi=nuk%3A970b507e-02c6-4aca-ac03-4f02980cda84&d46=1682902085421&d47=1&d48=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&d56=denied&d58=%5B%5D&d60=united%20states&d65=NONE&d66=2020%2F12%2F17%2000%3A00%20thursday&d67=the%20times&d88=denied&d91=%5B%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
0
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
x-download-options
noopen
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:43:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 01 May 2023 01:33:44 GMT
serviceiframe
news.google.com/swg/ui/v1/ Frame D960 		16 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1682902085443&publicationId=thetimes.co.uk
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
400f366af1f561b64371841fff45ee4307446311f587122e9f3bbaa89c3e784d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-erMhMHqs0vYGrUDB_OgZfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-erMhMHqs0vYGrUDB_OgZfA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy
same-site
date
Mon, 01 May 2023 00:48:05 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
contextfeed.js
www.dianomi.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dianomi.com/js/contextfeed.js
Requested by
Host: ads.thetimes.co.uk
URL: https://ads.thetimes.co.uk/ads.times_render.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.17.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
/
zn6y5j1pcz0fpkvop-newsuk.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn6y5j1pcz0fpkvop-newsuk.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_6y5J1Pcz0fPKvop&Q_LOC=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&t=1682902085452
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9e1cc6a03d1845c0973e4b7047464d64944066db627ac16a01bb95ef4d16989
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
174385
cf-polished
origSize=9051
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"235b-N1cDrquxKcIJtJ2sClL5Ne935s8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7c0404529bd6a1d8-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
MultiNoun.jsonp
d.la1-c1-frf.salesforceliveagent.com/chat/rest/System/ 		226 B
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c1-frf.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573200000008PeP]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572200000008PIT&org_id=00D20000000COG5&version=48
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.249.128 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg0-fra3.la1-c1-fra.salesforceliveagent.com
Software
/
Resource Hash
3cf8e8199a4a55ceba1720d09ca70063550e4907c68f921394cc5534a4721038
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304250101&st=env
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6bafff76e94b85fdca9ac7ea6974039879323a2b7786748591a0aa23ad2fea59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11275
x-xss-protection
0
ct.html
ct.pinterest.com/ Frame 5C70 		565 B
399 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:48:05 GMT
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
1027257247842003
syncframe
gum.criteo.com/ Frame FFB7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.thetimes.co.uk&gdpr=0&gdpr_consent=
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:05 GMT
server
Kestrel
server-processing-duration-in-ticks
350683
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
ct.pinterest.com/v3/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%7D&tid=2614380761124&pd=%7B%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPVpUSmlObUptTUdFdFlUazRNQzAwTlROaUxUbGtaamd0WldOaFl6Qm1OVEEwTjJVMg%22%7D&cb=1682902085471&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:05 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
14
x-pinterest-rid
1331726551031731
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
article
news.google.com/swg/_/api/v1/publication/thetimes.co.uk/ 		324 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/thetimes.co.uk/article
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a7c108921aec53b21ed74d3979f9c1aea55ae72d724ff49d4e66bef21431c1c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
c.json
collection.decibelinsight.net/i/13830/227744/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://collection.decibelinsight.net/i/13830/227744/c.json
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
132.145.172.253 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
9fb5fd2c824393b2efde594936a07f5b60abe4df5a4daf1da56588a79fab3904
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
etag
W/000068368-187D4C7EFED
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
private, max-age=1800
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-HTTP-Method-Override
alt-svc
h3=":443"; ma=2592000, h2=":443"; ma=2592000
95106251f5
bam.nr-data.net/1/ 		49 B
620 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/95106251f5?a=31906524&sa=1&v=1198.fe6ec20&t=Unnamed%20Transaction&rst=10580&ck=1&ref=https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq&be=1500&fe=10504&dc=4157&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1682902074912,%22n%22:0,%22f%22:1,%22dn%22:3,%22dne%22:19,%22c%22:19,%22s%22:37,%22ce%22:59,%22rq%22:60,%22rp%22:1462,%22rpe%22:1490,%22dl%22:1466,%22di%22:1541,%22ds%22:4158,%22de%22:4158,%22dc%22:10504,%22l%22:10504,%22le%22:10555%7D,%22navigation%22:%7B%7D%7D&fp=1532&fcp=1682&ja=%7B%22ncuAd-branch%22:%22master%22,%22ncuAd-brand%22:%22times_render%22,%22ncuAd-version%22:%22v1.137.622%22%7D&jsonp=NREUM.setToken
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.247.241.14 Portland, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:05 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Transfer-Encoding
chunked
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
Connection
keep-alive
CF-Ray
7c040452becf17f9-EWR
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 May 2023 00:48:05 GMT
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame D960 		0
27 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-XrYX_krTEdBCnAxOm7ywXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1682902085443&publicationId=thetimes.co.uk
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-XrYX_krTEdBCnAxOm7ywXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/ed=1/rs=ABXTjI4QWEPRvzQGURnmvRAPRWGC8RROcA/ Frame D960 		521 B
967 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/ed=1/rs=ABXTjI4QWEPRvzQGURnmvRAPRWGC8RROcA/m=serviceiframeview,_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1682902085443&publicationId=thetimes.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:31:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112591
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
311
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 17:31:34 GMT
m=_b,_tp,_r
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1... Frame D960 		198 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1682902085443&publicationId=thetimes.co.uk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9862d720a7bf84f9af0796630be7018e1dc90f9d4177dafe02b42a951d8fc89c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 10:10:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139038
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71505
x-xss-protection
0
last-modified
Wed, 19 Apr 2023 02:50:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 10:10:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E8F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
102994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 29 Apr 2023 20:11:31 GMT
expires
Sun, 28 Apr 2024 20:11:31 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0B1C 		783 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
97a3c56a4fd65b065e6ef0e01297038b0a1696a30f18da3efca50ad0226ecb0d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-X79oN9OZwZcoNU3QCGUCug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-X79oN9OZwZcoNU3QCGUCug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 May 2023 00:48:05 GMT
expires
Mon, 01 May 2023 00:48:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
10.2e1cdb4f7469aa007c8a.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/10.2e1cdb4f7469aa007c8a.chunk.js?Q_CLIENTVERSION=1.90.0&Q_CLIENTTYPE=web&Q_BRANDID=www.thetimes.co.uk
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de28ac7907308ef497da86c8e54eac75a9fc8342f18493978d1cc17ebe7252ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
426665
cf-polished
origSize=66398
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 24 Apr 2023 23:27:23 GMT
cf-bgj
minify
server
cloudflare
etag
W/"1035e-187b597e378"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
7c0404534cfaa1d8-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
link
www.thetimes.co.uk/swg/ 		50 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.thetimes.co.uk/swg/link
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
54.230.163.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-35.ewr53.r.cloudfront.net
Software
/
Resource Hash
7d64e879f003deb519e6e584a351cb0eafb88806ac535a22771aec601d58b918

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
content-encoding
gzip
via
1.1 a6cca18455d155ffa87e5da1963e8d88.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-cache
Miss from cloudfront
content-type
application/json
alt-svc
h3=":443"; ma=86400
content-length
55
apigw-requestid
EN7a-ihAjoEEM9Q=
x-amz-cf-id
eaNNHnQpOXm9wEoQ56m79Y1Ef3qGuxvXfowL9FI6rIrjdH5VbJQ--g==
wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
pagead2.googlesyndication.com/bg/ Frame 9E8F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wWfSKEvm5m71ncvuKkb75n2aRSa4xnPTVaXx3Fl3SgU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 20:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
362329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Tue, 25 Apr 2023 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 20:09:16 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_6y5J1Pcz0fPKvop&Q_CLIENTVERSION=1.90.0&Q_CLIENTTYPE=web
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c133c00b3c4cea3ca3721cba2e6af26f79fa4667420644227d0fb1ec3ebe4f15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
27a91cb10e62f9f2
cf-ray
7c040454bff3a1d8-YYZ
timing-allow-origin
*
sid
mug.criteo.com/ Frame FFB7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=thetimes.co.uk&sn=ChromeSyncframe&so=0&topUrl=www.thetimes.co.uk&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=yUcrrHx6NklmU0hnOG11RUtaSU5ZcFZvaDJ4VzI1dkpIVzlsNVA0QmUrWVpKNXFFeHE5OFRTZk9zY090MXhFTFQ0RmdyM04xSEt5bTVrNS9HRkFjOG1STEJhclRud0RsOTJad2s1NTR5aTdkOFkvTnZsM1VrUU1mclhXZD...
436 B
653 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=yUcrrHx6NklmU0hnOG11RUtaSU5ZcFZvaDJ4VzI1dkpIVzlsNVA0QmUrWVpKNXFFeHE5OFRTZk9zY090MXhFTFQ0RmdyM04xSEt5bTVrNS9HRkFjOG1STEJhclRud0RsOTJad2s1NTR5aTdkOFkvTnZsM1VrUU1mclhXZDdUNWhJaU9JbzJybDJrMHVNUW9RSE1vM1JUbEV0Z2NkNFlMNXBJNkFPMzRPVTd1TWpuYmpmZlVCTEpBWDB1WllncG5nakJRSVB6MGF0RFhQSVkzRy9wVGdxNUhFMGNtZHFrWUtpS3RYVnJHdG95YkZ0S1RpVGR2Mm5jVHkySVliSzlVb2N6THFLM0ZUalpUUGYxeStCTnZ3MjJyK1hyUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b75818d1aaf0984b6c23d4edde6c7396f36d4b52d2b208463c318851176a9567
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2786775
expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=yUcrrHx6NklmU0hnOG11RUtaSU5ZcFZvaDJ4VzI1dkpIVzlsNVA0QmUrWVpKNXFFeHE5OFRTZk9zY090MXhFTFQ0RmdyM04xSEt5bTVrNS9HRkFjOG1STEJhclRud0RsOTJad2s1NTR5aTdkOFkvTnZsM1VrUU1mclhXZDdUNWhJaU9JbzJybDJrMHVNUW9RSE1vM1JUbEV0Z2NkNFlMNXBJNkFPMzRPVTd1TWpuYmpmZlVCTEpBWDB1WllncG5nakJRSVB6MGF0RFhQSVkzRy9wVGdxNUhFMGNtZHFrWUtpS3RYVnJHdG95YkZ0S1RpVGR2Mm5jVHkySVliSzlVb2N6THFLM0ZUalpUUGYxeStCTnZ3MjJyK1hyUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
526639
content-length
0
expires
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0B1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304250101&jk=3237086424066840&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame D960 		124 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,mUDFmf,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce7421f5862e407365973442ea5e7e98575b6f179ed23ad2c8d6c1ab7c9a8d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42737
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 09:53:05 GMT
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame D960 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13ee1534cd1c1ee75c6cc66bf9a090aaea63c0018e66190675071723b7a8b6b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:35:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
112344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7427
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 17:35:41 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1752853579&t=event&ni=1&ds=web&_s=3&dl=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dp=%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&dh=www.thetimes.co.uk&ul=en-us&de=UTF-8&dt=article%3Athe-us-it-hack-your-questions-answered-6rwqkvghq&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Decibel%20Insight&ea=Session&_u=aHBAgAABBAAAAEACIg~&jid=&gjid=&cid=959910921.1682902080&tid=UA-100401456-13&_gid=1961967714.1682902080&cd117=di-227744-87DA17E28E32AE83DD24AA13B382BFFDD9&z=875679545
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 06:37:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65452
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame D960 		1 KB
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa42b353a1443b510839625deac9428844a80039d8bd6f1ad45b9caea9f64d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:14:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
113612
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
711
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 17:14:33 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame D960 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
808515d245d7d80e18a680941807e7e7827d30b947b283cbd85c52f8eec41d04
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 09:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5097
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 09:53:06 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame D960 		160 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-4962784845058430816&bl=boq_subscribewithgoogleclientserver_20230419.03_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=2886&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00ba142327bbb157b799425614f16e3a0ca21fcf0b2898c6d0d24723597a2396
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to
{"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type
application/json; charset=utf-8
x-frame-options
SAMEORIGIN
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires
Mon, 01 Jan 1990 00:00:00 GMT
events
logx.optimizely.com/v1/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.42.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-42-189.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 01 May 2023 00:48:06 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.thetimes.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
518c6f7b-7065-4dd0-9098-6a7e3a86af09
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L... Frame D960 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.obpTAUHlBDA.L.B1.O/am=YOcGAAQ/d=1/exm=COQbmf,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,W93Wdc,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,mUDFmf,ovKuLd,ws9Tlc,xUdipf,yDVVkb/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI6gPBIjTMOKlIGafq2dUhW_JdiApA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;xqZiqf:wmnU7d;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;Me32dd:MEeYgc;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/ujg=1/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2003 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ccf03ca5b6fdbc712ccbb0278cdbc4d6aba50772229fa54f6be27371d13fa6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 17:07:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114057
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36778
x-xss-protection
0
last-modified
Tue, 18 Apr 2023 19:05:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 17:07:09 GMT
log
play.google.com/ Frame D960 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 May 2023 00:48:06 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 01 May 2023 00:48:06 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D960 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 May 2023 00:48:06 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 01 May 2023 00:48:06 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame D960 		131 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.e7wkp6TnG5k.es5.O/am=YOcGAAQ/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI45RlxIBhJZLPv_Pkrop3pmbJbX-Q/m=_b,_tp,_r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 May 2023 00:48:06 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4020:806::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 01 May 2023 00:48:06 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 9E8F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?JSLGoQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:807::2001 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
Settings.jsonp
d.la3-c1-fra.salesforceliveagent.com/chat/rest/Visitor/ 		415 B
708 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la3-c1-fra.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?sid=6db78976-3db9-46e7-a403-0a18786be2c2&Settings.prefix=Visitor&Settings.buttonIds=[573200000008PeP]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572200000008PIT&org_id=00D20000000COG5&version=48
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.13.0 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-fra3.la3-c1-fra.salesforceliveagent.com
Software
/
Resource Hash
8648d65a741f20d606f28ab220a747c151044a23ebe907cb02c3d2015e38070e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
usync.html
eus.rubiconproject.com/ Frame 093E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 01 May 2023 00:48:06 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame C665 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
63202
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 01 May 2023 00:48:06 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 17 Apr 2023 07:14:20 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
56, 373933
X-Served-By
cache-lga13626-LGA, cache-yul12829-YUL
X-Timer
S1682902087.526932,VS0,VE0
sync
eb2.3lift.com/ Frame 214D 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0cc7506db417b02c16e09fa9dfeb6f26e9f97bcc89c3b0431185d128daf13bc6

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1114
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:48:06 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
load-cookie.html
elb.the-ozone-project.com/static/ Frame CF3C 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51009e35df2ccf8eab8b44e10b17869bbb7896c256da2b64a8e3efe91d50d384

Request headers

Referer
https://www.thetimes.co.uk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7c040458ded054d9-YYZ
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 01 May 2023 00:48:06 GMT
expires
0
last-modified
Wed, 19 Apr 2023 06:58:35 GMT
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 093E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Mon, 01 May 2023 00:48:06 GMT
Content-Encoding
gzip
Last-Modified
Sun, 30 Apr 2023 15:25:48 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=52690
Connection
keep-alive
Content-Length
10020
Expires
Mon, 01 May 2023 15:26:16 GMT
xuid
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b&dongle=0cfd&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
251
ebda
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAzODQyNDMwNDI2MTU2ODUzODI3Ng%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDOCfeKCuEj2NlTdW68bPDM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDOCfeKCuEj2NlTdW68bPDM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDOCfeKCuEj2NlTdW68bPDM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 214D
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAzODQyNDMwNDI2MTU2ODUzODI3Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAzODQyNDMwNDI2MTU2ODUzODI3Ng%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
172.217.13.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTAzODQyNDMwNDI2MTU2ODUzODI3Ng%3D%3D
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 214D 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1038424304261568538276&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5D248809CF1F440080E3D4689EAC341B Ref B: YMQ01EDGE0807 Ref C: 2023-05-01T00:48:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX6ly0Qaf509zf3wduslQ==
xuid
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1038424304261568538276&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=triplelift&bsw_custom_parameter=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=c8692fea-9ee3-4154-b2e6-ce8c274bfed4&ssp=triplelift&expires=30&user_group=5&bsw_param=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd
  • https://eb2.3lift.com/xuid?mid=2409&xuid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 01 May 2023 00:48:06 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 214D 		42 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1038424304261568538276&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
last-modified
Mon, 24 Apr 2023 16:43:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6A8BEB032EB04205B8C1C59DC81100E1 Ref B: YMQ01EDGE0610 Ref C: 2023-05-01T00:48:06Z
etag
"97b0d0f2cb76d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1038424304261568538276?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-_AIlhJJE2oRG1B2zQzknGkLjMgGIFwwAqIPSgskPwg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_AIlhJJE2oRG1B2zQzknGkLjMgGIFwwAqIPSgskPwg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 01 May 2023 00:48:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-_AIlhJJE2oRG1B2zQzknGkLjMgGIFwwAqIPSgskPwg--~A&dongle=0883
content-length
0
xuid
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=Inc5hTaP5JdkCNQ0xS0T&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5JFXGGNLIKRQVA...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Inc5hTaP5JdkCNQ0xS0T
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Inc5hTaP5JdkCNQ0xS0T
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:06 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=Inc5hTaP5JdkCNQ0xS0T
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 214D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=1362917374711887341&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=1362917374711887341&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 01 May 2023 00:48:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 01 May 2023 00:48:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
8c8b4d38-0188-40df-854d-a89c23c80d1f
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=1362917374711887341&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C665 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:06 GMT
AN-X-Request-Uuid
856f5c04-91d1-41f6-ae4c-86f508ffb2a4
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ Frame CF3C 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://elb.the-ozone-project.com/
Origin
https://elb.the-ozone-project.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:06 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7c040459aec333ef-YUL
cookie_sync
elb.the-ozone-project.com/ Frame CF3C 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cookie_sync
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab306a7d35d22ab67b28412f6b2ec5cfe440416bbc4020b106b3d2f29dda03b

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://elb.the-ozone-project.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7c0404597fea54d9-YYZ
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304250101&jk=3237086424066840&bg=!W1ilWAzNAAb9Sbh13Uk7ADkAdvg8WgGxx2CFeMyFknH3KBmWtDkn_hLHTBfLmZA4_y7AWvixRm0bIie3fvytCaKZ6TBQWi_ueIkCAAAAxVIAAAADaAEHmQLfbZMgPXwLy_olDIHXXD9esspZDlyKUqHXshWwMuhxhr9mh_Wzny5iR7qzxt7fGhEg5Av0solAVXPgllIgk3B9r3Mll2pavQLKXWx_LNGH8auK6tK-aWvec0fRoulGa3kzszkGcu47im21dZgc2GVuRuAm39jZnezL4Dcs4qNTKfxA_cAlYfkuKkZVZdLNs10dtgSmvr4PDs6dpZZEdGSNDYcWCPg5qpSHrLgINdv5rjo4PJ5Lfk_0ZhXOJCQ525Pb9mcPqVE2HE4NcyFbndcJK4fdMwqvHW9scGJ4jOjowK8FZ5BzaN-WT-gk4zuk9bsjYQ12FIdIq5X1X6UsCMGnrKVJ3LNVYB6J3oI8OBhs4DETpJWBHHEpMoRk7rurIUqIMxOCOJ255m9xHQWZ7waVMHkBrk2QyjMu9mForvoK_Y-dUTsrvv-07p2yK_LFRWNknCPDoUsWqfn_Iq2qUwuDotv57KoA-Tnv63VE4MnbVSWHY3745e2hoJ1zTzjxGs6PpEHjp73jjT-IwSEluuHkIoh_Qvx7tAR00JO-EWJLEgmDhh-18EvS2vGHuOnqF1Notc8YHvIXE4e5DNv9bxNZAEqeVhJwNf_HwuFb3bbSZDObTdYQgO5yo5zueAMXJoC506qR30_qz8jnEsxL-pLUVkIEDesF5gWCAJUJiWGj3ahwqUWHchZVh197aWUUWBXOcsGCkIc-eHVwrJjtAE1RXo4pgKfGjm7yYMF_anJrEwAY8HFEipVO7Tc_6dcfCpG_IRAWEAv5SyW4Ug4mE724dB9PwK6MFQ7fnq2Uz75ARCYDuJs0tlvV_sczKFwoDFemm74jb_Jk0Kd5ttmYgniCazQr9em_vigz4L0A5yiTBbIDK3gySDGpSaMBH5wSIrxoEl502SlethnfVefSlORK2--SScMC_HPywv1Lg_XMj6rf_hpEmlGC5R1oEVoxYlEvLD_Jlqk0FJTCR3RRz91_
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::2002 Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
0
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c04045a08ea54d9-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://elb.the-ozone-project.com/setuid?bidder=ttd&uid=650de8e5-9d7a-4ec2-a51e-0cfb255c269b
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
215
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1362917374711887341
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1362917374711887341
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c04045a89c454d9-YYZ
content-length
0
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:48:06 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
2bccda91-dcb6-469b-9994-0d74b46b6a34
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=1362917374711887341
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
  • https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8855685741132918785
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8855685741132918785
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c04045c2c0654d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=8855685741132918785
date
Mon, 01 May 2023 00:48:06 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8211384837442828128
0
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8211384837442828128
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c04045ec85e54d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=8211384837442828128
date
Mon, 01 May 2023 00:48:07 GMT
server
nginx
content-length
0
content-type
text/plain
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930174&asId=e7077004-833c-707c-a587-9c093235ea07&tv=%7Bc:bjRbAb,pingTime:5,time:5299,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:258%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5299,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:257,wc:0.0.1600.1200,ac:315.50.970.250,am:i,cc:315.50.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5069~100%5D,as:%5B5069~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:94,fm:tCXHDc8+11%7C12%7C13%7C14111%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j%7C1k%7C1l%7C1m111%7C1m112%7C1m113%7C1m114%7C1m115%7C1m116%7C1m117%7C1m118%7C1m119%7C1m11a%7C1m11b%7C1m12%7C1m13%7C1m14%7C1m15%7C1m16%7C1m17%7C1m18%7C1m19%7C1m1a%7C1m1b%7C1m1c%7C1m1d%7C1n*.930174%7C1n1%7C1n2,idMap:1n*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:260,sis:346%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7782:bb3c:d326:4c11:bdb2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
101995
dmx.districtm.io/s/v1/img/s/ Frame CF3C 		0
0
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1038424304261568538276
0
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1038424304261568538276
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c04045f696254d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=1038424304261568538276
date
Mon, 01 May 2023 00:48:07 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=3110eada-18f1-45ae-a51e-18c79f0071b5
0
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=3110eada-18f1-45ae-a51e-18c79f0071b5
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c0404600a6b54d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=sharethrough&gdpr=0&gdpr_consent=&uid=3110eada-18f1-45ae-a51e-18c79f0071b5
date
Mon, 01 May 2023 00:48:07 GMT
content-length
0
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
  • https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LH44G3RR-1N-LL4W&gdpr=0
0
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LH44G3RR-1N-LL4W&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c0404609b3654d9-YYZ
content-length
0
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://elb.the-ozone-project.com/setuid?bidder=rubicon&uid=LH44G3RR-1N-LL4W&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
Expires
0
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAApNE7InhkAACQ8h6P5FQ
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAApNE7InhkAACQ8h6P5FQ
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:07 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c0404617c6b54d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AAApNE7InhkAACQ8h6P5FQ
Date
Mon, 01 May 2023 00:48:07 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
PrebidServer
crb.kargo.com/api/v1/dsync/ Frame CF3C 		43 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.233.243 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:08 GMT
X-Accel-Expires
0
Vary
Origin
Content-Type
image/gif
Cache-Control
no-cache, no-store, must-revalidate, private, max-age=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=openx&uid=8814e288-ff96-08f3-00aa-f6f96c019ce5
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=8814e288-ff96-08f3-00aa-f6f96c019ce5
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c040462feac54d9-YYZ
content-length
0
expires
0

Redirect headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=8814e288-ff96-08f3-00aa-f6f96c019ce5
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
b0pl6f4h85skk0oubbe7fo8fpaaqkh90
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
  • https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f98c30ae-0a0c-4204-8127-9f540ceab770
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f98c30ae-0a0c-4204-8127-9f540ceab770
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c040463f81f54d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=f98c30ae-0a0c-4204-8127-9f540ceab770
access-control-allow-origin
*
date
Mon, 01 May 2023 00:48:08 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58737/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
  • https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-7LyQhARE2uE4fco_K6uVhxhWmKtX2.jUavRS4U8-~A&gdpr=0
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-7LyQhARE2uE4fco_K6uVhxhWmKtX2.jUavRS4U8-~A&gdpr=0
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c040464c94b54d9-YYZ
content-length
0
expires
0

Redirect headers

location
https://elb.the-ozone-project.com/setuid?bidder=yahoossp&uid=y-7LyQhARE2uE4fco_K6uVhxhWmKtX2.jUavRS4U8-~A&gdpr=0
date
Mon, 01 May 2023 00:48:08 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
  • https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c0404655a3954d9-YYZ
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd
Date
Mon, 01 May 2023 00:48:08 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
  • https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
  • https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=01aa7687-b051-45ca-aecf-6a62652c6bb9
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=01aa7687-b051-45ca-aecf-6a62652c6bb9
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c040466ac1654d9-YYZ
content-length
0
expires
0

Redirect headers

Location
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=01aa7687-b051-45ca-aecf-6a62652c6bb9
Date
Mon, 01 May 2023 00:48:08 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
151
Content-Type
text/html; charset=utf-8
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.thetimes.co.uk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		35 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?event=PageVisit&ed=%7B%7D&tid=2614380761124&pd=%7B%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPVpUSmlObUptTUdFdFlUazRNQzAwTlROaUxUbGtaamd0WldOaFl6Qm1OVEEwTjJVMg%22%7D&cb=1682902088813&dep=4%2CTAGS_RECEIVED&stc=true
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pin-unauth
dWlkPVlUUTNZVFV6TmpFdFpHUTJNeTAwT0dKaExXSXdZakF0TTJOak0yVXpNR0UyTTJVeQ
pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
https://www.thetimes.co.uk
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
x-envoy-upstream-service-time
35
x-pinterest-rid
5696414679261486
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
track
pac.thetimes.co.uk/ 		0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pac.thetimes.co.uk/track?et=1&n=tnl&p=thetimes&pu=https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq&pn=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&ai=2dd94710-3fbb-11eb-83a7-25db7141c256&an=how%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F&sn=world&cs_id=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&ec=user%20interactions&ea=teaser%20popup%20show%20ra%3Amarketing-loggedout-article&d1=the%20times%20and%20sunday%20times&d2=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&d3=1682902079443&d4=etc%2Funknown&d5=landscape&d6=logged%20out&d7=2023%2F05%2F01%2000%3A48%20monday&d8=1600x1200%7C1600x1200%7C1%7C0%25&d28=teaser%20popup%20show%20ra%3Amarketing-loggedout-article&d29=automated&d37=2dd94710-3fbb-11eb-83a7-25db7141c256&d38=article&d40=true&d41=tom%20knowles&pvi=nuk%3A970b507e-02c6-4aca-ac03-4f02980cda84&d46=1682902088803&d47=1&d48=0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08&d56=denied&d58=%5B%5D&d60=united%20states&d65=NONE&d66=2020%2F12%2F17%2000%3A00%20thursday&d67=the%20times&d88=denied&d91=%5B%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Mon, 01 May 2023 00:48:08 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 google
x-permitted-cross-domain-policies
none
x-dns-prefetch-control
off
content-length
0
x-xss-protection
0
referrer-policy
no-referrer
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
vary
Origin
content-type
image/gif
x-download-options
noopen
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
0
/
ct.pinterest.com/v3/ 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?event=PageVisit&ed=%7B%7D&tid=2614380761124&pd=%7B%22np%22%3A%22tealium%22%2C%22pin_unauth%22%3A%22dWlkPVpUSmlObUptTUdFdFlUazRNQzAwTlROaUxUbGtaamd0WldOaFl6Qm1OVEEwTjJVMg%22%7D&cb=1682902088815&dep=4%2CTAGS_RECEIVED&stc=true&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22da2a1c8f%22%2C%22is_eu%22%3Afalse%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.thetimes.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
6
x-pinterest-rid
2381738513475535
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GkewbPZHHNtzqceZRK-TAu4q
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GkewbPZHHNtzqceZRK-TAu4q
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:08 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c0404676d2354d9-YYZ
content-length
0
expires
0

Redirect headers

Date
Mon, 01 May 2023 00:48:08 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://elb.the-ozone-project.com/setuid?bidder=sovrn&gdpr=0&gdpr_consent=&uid=GkewbPZHHNtzqceZRK-TAu4q
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame ADCF 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&predirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.54.68.197 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-54-68-197.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer
https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=31411
content-encoding
gzip
content-length
5554
content-type
text/html
date
Mon, 01 May 2023 00:48:08 GMT
expires
Mon, 01 May 2023 09:31:39 GMT
last-modified
Fri, 16 Dec 2022 06:36:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
elb.the-ozone-project.com/ Frame CF3C
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
  • https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZE8MQb3mIekCNZr3Q26EZQAA%263872
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZE8MQb3mIekCNZr3Q26EZQAA%263872
Requested by
Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
Protocol
H2
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://elb.the-ozone-project.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 May 2023 00:48:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin, Accept-Encoding
cache-control
no-cache, no-store, must-revalidate
cf-ray
7c0404686e6d54d9-YYZ
content-length
0
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 01 May 2023 00:48:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=ZE8MQb3mIekCNZr3Q26EZQAA%263872
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
events
logx.optimizely.com/v1/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: www.thetimes.co.uk
URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.42.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-42-189.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.thetimes.co.uk/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Mon, 01 May 2023 00:48:09 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.thetimes.co.uk
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
6589b56c-33be-47f2-824d-aea34b8ed0e6
rum
elb.the-ozone-project.com/cdn-cgi/ Frame CF3C 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.43.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=1---&publisherId=OZONENUK0001&siteId=4204204203&cb=1682902080511&bidder=ozone
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
content-type
application/json

Response headers

date
Mon, 01 May 2023 00:48:09 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://elb.the-ozone-project.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7c040468df2854d9-YYZ

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.knewz.com
URL
https://tags.knewz.com/prod/ncg/cookie.html
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D83E8512D-6FE8-4777-A348-9B964DEB0403%26gdpr%3D0%26gdpr_consent%3D
Domain
dmx.districtm.io
URL
https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

225 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 boolean| credentialless object| NREUM object| newrelic function| __nr_require object| nuk function| OptanonWrapper object| __TIMES_ACCESS_AND_IDENTITY__ object| __TIMES_STATE__ function| _typeof function| __tcfapi function| __uspapi object| _sp_queue object| _sp_ boolean| optimizely_feature_flag string| optimizely_cdn object| optimizely object| __TIMES_CONFIG__ function| spotimLogout object| __APOLLO_STATE__ undefined| _ number| startTime number| duration string| nuk_mvt_$ object| _sp_wp_jsonp object| SUBSCRIPTIONS object| SWG object| webpackJsonp function| Zepto function| $ function| init function| listenForChange function| addQuery function| removeQuery function| triggerCallbacks function| addEvent function| getPreviousContext function| getContext function| _inArray function| _indexOf object| MQ object| callbacks string| context string| new_context object| regeneratorRuntime object| scCGSHMRCache function| filterCSS function| filterXSS object| paywallComponent function| setImmediate function| clearImmediate object| __STORYBOOK_ADDONS object| utag_cfg_ovrd object| pbjs object| _pbjsGlobals object| ADAGIO object| newsUkAdLibraryPartners number| nukprt object| newsUkAdLibrary boolean| newsUkAuctionManager boolean| newsUkCMPExecution object| newsUkAdLibraryConfig object| googletag boolean| utag_condload object| wl object| utag object| utag_data object| nukt_cmp object| utag_newsuk function| tealiumTrack object| nukt_data function| tealium_sourcepoint object| newsUkAdLibraryAutoKPI function| n function| pintrk string| MovableInkTrack function| mitr object| psplit object| psplit2 number| year number| month number| day number| hour number| minutes object| publish_date object| brandmetrics function| __assign object| ggeac object| google_tag_data object| google_js_reporting_queue object| dm string| GoogleAnalyticsObject function| ga object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick object| e object| ncg_data object| _da_ string| DecibelInsight function| decibelInsight function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq object| uetq function| rdt function| twq object| _linkedin string| _linkedin_data_partner_id function| tealium_liveperson_lib object| lpTag string| gtagRename object| dataLayer function| gtag function| pixie object| PARSELY object| permutive boolean| vpaid string| cmsid boolean| apstagLOADED object| apstag object| _aps object| apscustom object| gaplugins object| gaGlobal object| gaData function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| nb object| GlobalSnowplowNamespace function| _ncg_snowplow undefined| google_measure_js_timing object| Criteo boolean| DotMetricsInitScript object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| UET function| UET_init function| UET_push object| ueto_d92513a671 object| _di_max_id object| _da_crcTable object| twttr function| lintrk boolean| _already_called_lintrk object| google_tag_manager object| DotMetricsSettings object| tagConfig boolean| liveAgentDeployment object| liveagent object| _laq object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| DotmetricsJSON object| DotMetricsObj object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 function| _extends object| lpTaglogListeners object| proxyless object| lpMTagConfig function| createFrameworkGlobals object| liveperson function| SurveyManager function| _stateChanged object| STORAGE object| proto string| QUESTION_ERROR_TYPE object| lpIntlTelInputUtils object| lpIntlTelInputGlobals object| GoogleGcLKhOms object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.90.0 boolean| decibelInsight_initiated object| di_cloneId object| _qsie object| google_image_requests

206 Cookies

Domain/Path Name / Value
.decibelinsight.net/i/13830/ Name: da_lid
Value: -B4E924D19A72EA184875BB99F180F5F66A|0|0|0
.decibelinsight.net/i/13830/ Name: da_sid
Value: 87DA17E28E32AE83DD24AA13B382BFFDD9|3|0|3
www.thetimes.co.uk/article Name: nuk_ni_statuscode
Value: acsaz-307
.3lift.com/sync Name: sync
Value: CgoIoQEQh-efpv0wCgoI4gEQh-efpv0wCgoI5gEQh-efpv0wCgoIhwIQh-efpv0wCgkICRCH55-m_TAKCQg6EIfnn6b9MAoJCAsQh-efpv0wCgoIjAIQh-efpv0wCgkIXxCH55-m_TAKCQgfEIfnn6b9MA==
.www.thetimes.co.uk/ Name: anon_article_international
Value: 2
.thetimes.co.uk/ Name: nuk_customer_location_hint
Value: GLOBAL
www.thetimes.co.uk/ Name: nuk_zephr_decisions
Value: eyJ1bmxvY2stYnktdXJsLS0tZnJlbmNoLWVsZWN0aW9uIjoiTk9fQUNDRVNTIiwidW5sb2NrLWJ5LXVybCI6Ik5PX0FDQ0VTUyIsInRpbWVzLXRyYXZlbC11bmxvY2stYXBpIjoiTk9fQUNDRVNTIiwib3Blbi1wYXl3YWxsLWZvci1zcGFpbiI6Ik5PX0FDQ0VTUyIsIm5ldy1ob3QtY29sZC1wYXl3YWxsIjoiTk9fQUNDRVNTIiwiY29ycG9yYXRlLWlwLWFjY2VzcyI6Ik5PX0FDQ0VTUyJ9
.thetimes.co.uk/ Name: nuk_customer_country_code
Value: CA
.thetimes.co.uk/ Name: nuk_customer_region_code
Value: QC
.thetimes.co.uk/ Name: dnsDisplayed
Value: undefined
.thetimes.co.uk/ Name: ccpaApplies
Value: false
.thetimes.co.uk/ Name: signedLspa
Value: undefined
.thetimes.co.uk/ Name: _sp_su
Value: false
www.thetimes.co.uk/ Name: nukt_sp_consent_global
Value: NONE
.thetimes.co.uk/ Name: nukt_lv
Value: 1682902079443|||2dd94710-3fbb-11eb-83a7-25db7141c256
.thetimes.co.uk/ Name: nukt_mem
Value: s=1682902079443|ppn=article%3Ahow%20did%20the%20us%20cyberattack%20happen%20and%20why%20did%20no%20one%20notice%3F|ppt=article|pps=world
.thetimes.co.uk/ Name: optimizelyEndUserId
Value: oeu1682902079696r0.6433009543613528
.thetimes.co.uk/ Name: nuPixelApp
Value: j%3A%7B%22id%22%3A%22d20a2680-e7b9-11ed-b598-7b25b51636c9%22%7D
pac.thetimes.co.uk/ Name: nuPixelAppSession
Value: j%3A%7B%22id%22%3A%22d20a2681-e7b9-11ed-b598-7b25b51636c9%22%7D
.thetimes.co.uk/ Name: rc_id1
Value: 0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08
.thetimes.co.uk/ Name: rc_id2
Value: 0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08
.thetimes.co.uk/ Name: _ga
Value: GA1.3.959910921.1682902080
.thetimes.co.uk/ Name: _gid
Value: GA1.3.1961967714.1682902080
.thetimes.co.uk/ Name: _gat_tealium_0
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1F2a6ed3abab9269bf70cf31682902079
.thetimes.co.uk/ Name: _ncg_sp_ses.ff8a
Value: *
.thetimes.co.uk/ Name: _ncg_id_
Value: 99422757-6746-467e-a72b-afb118d148f9
.tiktok.com/ Name: _ttp
Value: 2PAZvnZxkiOsD3ecur75PgaUvsz
www.thetimes.co.uk/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.thetimes.co.uk/ Name: _pubcid
Value: 0f4a42dc-4e1d-4b85-b202-b89ea7a2bed3
.newscgp.com/ Name: sp
Value: e9d39eb2-9a31-4a27-8490-2a5d1858679d
.thetimes.co.uk/ Name: _rdt_uuid
Value: 1682902080149.38b05913-71b2-4ca2-8221-ec940b11eef1
.thetimes.co.uk/ Name: _ncg_domain_id_
Value: 99422757-6746-467e-a72b-afb118d148f9.1.1682902079.1745974079
.thetimes.co.uk/ Name: _uetsid
Value: d250eb00e7b911eda58861756934c519
.thetimes.co.uk/ Name: _uetvid
Value: d25136b0e7b911ed8335bd856bfdb935
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=84e63fea-c77c-43fb-a145-509a3eef50f4&Created=05/01/2023 00:48:00&UserMode=0&guid=c18c8d07-7f0e-4706-b4f9-885aaa4d12f6&ver=1
.bing.com/ Name: MUID
Value: 35B5EBF2BFEB63863983F8F6BED06276
.bat.bing.com/ Name: MR
Value: 0
.yahoo.com/ Name: A3
Value: d=AQABBEAMT2QCEJrixUd8kM8-iJaO_kkd-W8FEgEBAQFdUGRYZAAAAAAA_eMAAA&S=AQAAAiiPltOe_RGg2WRGrtNeZYw
.adnxs.com/ Name: icu
Value: ChgIj5gwEAoYASABKAEwwJi8ogY4AUABSAEQwJi8ogYYAA..
.adnxs.com/ Name: uuid2
Value: 1362917374711887341
.t.co/ Name: muc_ads
Value: 616005c9-abc8-4708-87f1-4cf8b260a1ec
.twitter.com/ Name: guest_id_marketing
Value: v1%3A168290208032417638
.twitter.com/ Name: guest_id_ads
Value: v1%3A168290208032417638
.twitter.com/ Name: personalization_id
Value: "v1_I0vUDxxBOsIE1S+nX2GyjQ=="
.twitter.com/ Name: guest_id
Value: v1%3A168290208032417638
.newscgp.com/ Name: _ncg_g_id_
Value: e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
.thetimes.co.uk/ Name: permutive-id
Value: 9ea65940-8384-4b18-a83e-9982c5aaaa35
.rubiconproject.com/ Name: khaos
Value: LH44G3RR-1N-LL4W
.the-ozone-project.com/ Name: __cf_bm
Value: C47yHX.LhqWN6c07aKoEIAcw6q4EleH.c3dr1GZJs70-1682902080-0-AVoj7/LWbnXcippNdCPe2ei7cJrir+CJ7k9iV3Flyp17IgAU3RLWUpxzi0QE24IK8pn325v20g+b1S3YhusfyYs=
.linkedin.com/ Name: li_sugr
Value: f2c7a0ef-6278-482d-8697-d4f77d1163fb
.linkedin.com/ Name: bcookie
Value: "v=2&b29330ae-021b-41b4-8772-785d3bb8d647"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=3052:u=1:x=1:i=1682902080:t=1682988480:v=2:sig=AQHlXNnZaxzDQoIu5XUBLo_MuO3zuElD"
.thetimes.co.uk/ Name: _gcl_au
Value: 1.1.139512476.1682902080
www.thetimes.co.uk/ Name: ln_or
Value: eyI1OTE5NyI6ImQifQ%3D%3D
.thetimes.co.uk/ Name: _ncg_sp_id.ff8a
Value: 99422757-6746-467e-a72b-afb118d148f9.1682902080.1.1682902081.1682902080.00f2ba6e-6c62-4534-8aa8-c53afae9bb96
.88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co/ Name: pxid
Value: 11b69993-694a-4436-9415-ad2658e174ac
.linkedin.com/ Name: UserMatchHistory
Value: AQLZuDd4TuWkugAAAYfUx9wmItanpdlpp9HU5kZnsLgS7pLoukdzTDfntOBb8b7X8Av_sV9IQYIa2Q
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJFZx0OHuPdewAAAYfUx9wniaqZVfsXYzSXqOGJlxStmmOO3smwCy_FqadQBcoGf_kS6PdpBcebJ7piJjfvAw
.thetimes.co.uk/ Name: _ncg_g_id_
Value: e9d39eb2-9a31-4a27-8490-2a5d1858679d.3.1682902080.1745974079
.thetimes.co.uk/ Name: _tt_enable_cookie
Value: 1
.thetimes.co.uk/ Name: _ttp
Value: L6pVP4tnEBoiSlHKk1IMfnFe2_Q
.thetimes.co.uk/ Name: _fbp
Value: fb.2.1682902080893.1396805622
.thetimes.co.uk/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq%22%2C%22sref%22:%22%22%2C%22sts%22:1682902080922%2C%22slts%22:0}
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230501004800ff4ee415-8a14-4bcf-8759-1f755406a551AQHBXLNNcavFsoYue3tnXX4UP2R-OwpN"
.thetimes.co.uk/ Name: _parsely_visitor
Value: {%22id%22:%22pid=406d7ae099ac52cb2e7a536ffb48b036%22%2C%22session_count%22:1%2C%22last_session_ts%22:1682902080922}
.amazon-adsystem.com/ Name: ad-id
Value: AynVVgUaHUauv5YgDGkgDm0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.thetimes.co.uk/ Name: DM_SitId1090
Value: 1
www.thetimes.co.uk/ Name: DM_SitId1090SecId5922
Value: 1
uk-script.dotmetrics.net/ Name: AWSALBCORS
Value: okyvdfAIP7YAeJoXEd6hD78zM8P/vhuqhEaIQ4Pyuz1jsYJI1pfAdVEs4F4AGKDPMBHdlgHSC39r9XpHGEjT+OhKSZhgpo6ACxKbkh6fxEWvyJFgtIZHLIuOCv/K
.openx.net/ Name: i
Value: 6266521e-ef8e-04ed-31f0-fe04897d6d95|1682902081
.zemanta.com/ Name: zuid
Value: Inc5hTaP5JdkCNQ0xS0T
.contextweb.com/ Name: V
Value: bCfmehn9xTax
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 34d351aea82dc4ff
.openx.net/ Name: pd
Value: v2|1682902081|vMgavPkWgy
.gumgum.com/ Name: vst
Value: u_076ac117-35c7-4ee2-96e5-9779afbab6cb
.sharethrough.com/ Name: stx_user_id
Value: 3110eada-18f1-45ae-a51e-18c79f0071b5
.media.net/ Name: visitor-id
Value: 3259036811455479000V10
.analytics.yahoo.com/ Name: IDSYNC
Value: 18y3~2be0
.casalemedia.com/ Name: CMID
Value: ZE8MQb3mIekCNZr3Q26EZQAA
.casalemedia.com/ Name: CMPS
Value: 3872
.casalemedia.com/ Name: CMPRO
Value: 3872
.3lift.com/ Name: tluid
Value: 1038424304261568538276
.yieldmo.com/ Name: yieldmo_id
Value: gd50677cf72f9133062d%7C1682902081296%7C0%7C
.ads.yieldmo.com/ Name: rptr
Value: rc%3D1169522%7Cc%3D1169522%7Ct%3D1169522%7Cpub%3D1169522%7Can%3D1169522
.smartadserver.com/ Name: pid
Value: 8855685741132918785
.thetimes.co.uk/ Name: _pin_unauth
Value: dWlkPVpUSmlObUptTUdFdFlUazRNQzAwTlROaUxUbGtaamd0WldOaFl6Qm1OVEEwTjJVMg
.lijit.com/ Name: ljt_reader
Value: GkewbPZHHNtzqceZRK-TAu4q
.quantserve.com/ Name: mc
Value: 644f0c41-5fcf8-c40c1-74a12
.lijit.com/ Name: ljtrtbexp
Value: eJyrVjJSsjI0szAxNASShjpKFsZofFM0vhkq39IEmV8LAIhJEB0%3D
.doubleclick.net/ Name: IDE
Value: AHWqTUlc286EPvlqkT92ZTEFjMTBnYK25twD_1JUxbDREg5nXw6IflaDPkimo6rkGVI
.bidswitch.net/ Name: tuuid
Value: 85785ab4-abf5-4f1d-a72f-8ab6cf5a47cd
.bidswitch.net/ Name: c
Value: 1682902081
.bidswitch.net/ Name: tuuid_lu
Value: 1682902081
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.outbrain.com/ Name: obuid
Value: 8b409041-0736-4d29-bd5e-a41eb22fd706
.adsrvr.org/ Name: TDID
Value: 650de8e5-9d7a-4ec2-a51e-0cfb255c269b
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZE8MQQAGvuokZQBa
.technoratimedia.com/ Name: tads_uidp_88
Value: 848434730014415633723
.technoratimedia.com/ Name: tads_uidp_44
Value: LH2UNJ0D-11-I4FG
.technoratimedia.com/ Name: tads_uidp_77
Value: UQZ2Q6HZcRk7nq3bTYZk4bEnb0-uAzwa0SlIWJvu8lM
.technoratimedia.com/ Name: tads_uidp_45
Value: EF0F4970-4A41-469D-9D34-BA15B1A53E0E
.technoratimedia.com/ Name: tads_uidp_46
Value: 6812978323417459240
.technoratimedia.com/ Name: tads_uidp_79
Value: 0264bf1d-7b08-4b6f-8a8e-4ae035b57724
.technoratimedia.com/ Name: tads_uidp_37
Value: a1772a10-494b-3d37-a75f-04a78e71d2e7
.technoratimedia.com/ Name: tads_uidp_48
Value: c6e62f36-eaa5-4e58-a311-dbcd5140d564
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAB8cKYUpP8kAMJiTWIAAAAAAA
.technoratimedia.com/ Name: tads_uidp_7
Value: f69af121-9cbb-4bc3-bb1f-97cccb9d1a52
.technoratimedia.com/ Name: tads_uidp_80
Value: y-fbiA6LFE2uEB8Ig1CXUzKPnPzMoWPF6d~A
.technoratimedia.com/ Name: tads_uidp_70
Value: 1673948501052-981480834937-007220-006-006384
.technoratimedia.com/ Name: tads_uidp_82
Value: ZE3fzJzbDxeIlhYvWWXiLwAA&031
.technoratimedia.com/ Name: tads_uidp_50
Value: 3bad6227-9571-02db-0c82-85a07e2d9d51
.technoratimedia.com/ Name: tads_uidp_61
Value: 212153247736372
.technoratimedia.com/ Name: tads_uidp_73
Value: AAFH7E7InhgAACRY4D9tTg
.technoratimedia.com/ Name: tads_uidp_62
Value: 3258267651455343000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: tVykJqdJA7o1UpcW-2rKLwjgdd1y3pew
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-8925c9cf-862d-47c3-9323-2fb8a199c063-005
.technoratimedia.com/ Name: tads_uid
Value: 568200899A48499D9AF846BF5A46F6A4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230331110957+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.deepintent.com/ Name: CDIUSER
Value: di_592b7421ff124bfba2a27
.mathtag.com/ Name: uuid
Value: b41a644f-0c41-4a00-9039-cb88968c5fc1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-0884f7f2-539a-5735-4477-1e0836abd6c2.5Whc7en4Nv1PFWDzhbu8cQTCBtDzCDFmuWE%2FuohCoGE
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACIT38lOaVzVEdx4INqvWwpU4mbo.F%2Bqr7F02HYD8CG7k7KbPTXvrXMkQEBLNhUUBWQs%2Fq7I
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ACIT38lOaVzVEdx4INqvWwpU4mbo.F%2Bqr7F02HYD8CG7k7KbPTXvrXMkQEBLNhUUBWQs%2Fq7I
.ipredictive.com/ Name: cu
Value: 884ec308-9649-4cf8-a8d7-f823a6643e1b|1682902081462
.thetimes.co.uk/ Name: __gads
Value: ID=3cadd1861e3f3eb9:T=1682902080:S=ALNI_MYun3zkyePKR8Du6l7b3NM6QqshfA
.dotomi.com/ Name: DotomiTest
Value: 38efbe1fac8d1060
ciqtracking.com/ Name: kwsu
Value: 644f0c41cc00f7422e9f70f4
.thetimes.co.uk/ Name: __gpi
Value: UID=00000be6d5f99a50:T=1682902080:RT=1682902080:S=ALNI_MZO8KJbFo5usti3y0fi9NQ-Yg5jTw
.admanmedia.com/ Name: admtr
Value: 20181fc7-c1df-4022-9903-f88e5060e6a7
.admanmedia.com/ Name: ac_r
Value: CS71
.taboola.com/ Name: t_gid
Value: 88633e23-3e7d-4f5a-bfca-90d4352f6aaa-tuctb4891c1
.sitescout.com/ Name: ssi
Value: e8097614-f558-4079-a3ca-ab01f380737b#1682902081530
.adform.net/ Name: C
Value: 1
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwW7H-D9fQ8DX1WCCnI4nQzPIUMIQTtscAi61YOz45pQmI0sJWr2q-nv7JQC4TM1
.360yield.com/ Name: tuuid
Value: f98c30ae-0a0c-4204-8127-9f540ceab770
.360yield.com/ Name: tuuid_lu
Value: 1682902081
.turn.com/ Name: uid
Value: 8056090845049489858
.bluekai.com/ Name: bku
Value: ikG99WW1EtxHJwX8
.creativecdn.com/ Name: ts
Value: 1682902081
.pubmatic.com/ Name: SyncRTB3
Value: 1684108800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 83E8512D-6FE8-4777-A348-9B964DEB0403
.openx.net/ Name: univ_id
Value: 537072971|650de8e5-9d7a-4ec2-a51e-0cfb255c269b|1682902081804634
.creativecdn.com/ Name: u
Value: W8L276Qs3zvh5vlJQACe
.adform.net/ Name: uid
Value: 8211384837442828128
.ads.yieldmo.com/ Name: ptran
Value: 1362917374711887341
.ads.yieldmo.com/ Name: ptrc
Value: CAESEMLNEAhKejVwJT6yDejzwok
.sitescout.com/ Name: _ssuma
Value: eyIyNyI6MTY4MjkwMjA4MTgxMSwiMzkiOjE2ODI5MDIwODE4MTEsIjciOjE2ODI5MDIwODE4MTF9
match.sharethrough.com/ Name: AWSALBCORS
Value: 51MrGrmE9eWkUEYn0bDuSDvx4fNaWisOZJUZxwqCkN/kCiGx653omn03aVTLsk2qiBbJRVkh9+RyYLbpfd+Z/MyfCYNnXM9DMv68UKJ+yQYepS+0pPrIfd1w4Cd1
.ads.yieldmo.com/ Name: ptrrc
Value: LH44G3RR-1N-LL4W
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005%22%7D
.ads.yieldmo.com/ Name: ptrt
Value: 650de8e5-9d7a-4ec2-a51e-0cfb255c269b
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Hb:sb+7d!@wnf-Te9(>wL5L!!'M9$h:W'
.blismedia.com/ Name: b
Value: 644F0C419C1F1BFBB127AA5DBLIS
.simpli.fi/ Name: suid
Value: 0BD52914AE6745F192BC72D16D28A4C2
.sportradarserving.com/ Name: zuuid
Value: e3b3302b-7317-4890-8425-92ddd551e511
.sportradarserving.com/ Name: c
Value: 1682902082
.sportradarserving.com/ Name: zuuid_lu
Value: 1682902082
.lijit.com/ Name: _ljtrtb_2
Value: 0BD52914AE6745F192BC72D16D28A4C2
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-63b51081-17c7-4b37-8f6d-49aea9a399e7-005%22%7D
.bidr.io/ Name: bito
Value: AAApNE7InhkAACQ8h6P5FQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: pi
Value: 160648:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.lijit.com/ Name: _ljtrtb_86
Value: W8L276Qs3zvh5vlJQACe
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 4b696625a6f8f4959ddd7c4db84b342a
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMEkyszQzMzJNNEuzSDOxNLVMSUkxTzZJSbIwSTI2MUpkAIIUfx4nEA0FAEpzCfg%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI8edxAlJQAAAM8wEC"
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1682902082
.lijit.com/ Name: _ljtrtb_85
Value: AAApNE7InhkAACQ8h6P5FQ
.tapad.com/ Name: TapAd_TS
Value: 1682902082185
.tapad.com/ Name: TapAd_DID
Value: 8bdd6c9a-2322-43e7-8340-9ed94e5e384c
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1kbv|2N.0.AAAL0BhHUtUB_QMuiKL_AAAAAAA|3oy.0.e8097614-f558-4079-a3ca-ab01f380737b-644f0c41-4341|4is.0.CAESEPdw54NJ5sHvmXZYfJTLvfc|7bq.0.1|7TY.0
.socdm.com/ Name: SOC
Value: ZE8MQsCo8XsAAEgPlC8AAAAA
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGkl1HuGK9R+u1WuCoMxA8a+JUixCbOKdpLfYM1RPAn/EIylJ/eJCAf1459dsd0zyIaaWtAu2UTn65VlyPYUyd7amxbpISyDasI56oX8OfgKg==
.lijit.com/ Name: ljtrtb
Value: eJwVysEKQEAQANB%2FmbODHTuzy23sUiTZky9QWySl9kD%2BHef3bkCoIK89Yam0NGw0tarE2hn0ij1a0Q4hA0vfE5FjbEy3x1XEBRt5ojb8yp%2FOdkDD4SyuFCltfRC3wPMCcIkYwQ%3D%3D
.lijit.com/ Name: _ljtrtb_83
Value: LH44G3RR-1N-LL4W
.thetimes.co.uk/ Name: LPVID
Value: FkMzVjYjJkOGUzZTkwNDg2
.thetimes.co.uk/ Name: LPSID-75931016
Value: fmN-MqUTQ_ScAbCjAzq7lQ
.thetimes.co.uk/ Name: utag_main
Value: v_id:0187d4c7d7d2009ef63e7f5d9f7003074005306c00b08$_sn:1$_ss:0$_st:1682903885419$ses_id:1682902079443%3Bexp-session$_pn:1%3Bexp-session
www.thetimes.co.uk/ Name: liveagent_oref
Value:
.ct.pinterest.com/ Name: _pinterest_ct_ua
Value: "TWc9PSZQT0kwWDd4aHd1ZnMyUlpVMUVSNnFNd25UV2lsN2d1SXVLbXFXUHJQbjZnMFZySnNrelZpbjNUZ3ZoZjg1bTlBTmJ0UThqYVJvMlVGNm1BOHZXWVFKQ2Y1MjArc0JWc1FpenkwSGJnODlFbz0mUTdmRzlWa3dtOEkwa3J2WDZwZy9qMUZnUEFvPQ=="
.nr-data.net/ Name: JSESSIONID
Value: e38d0961e6314a26
.thetimes.co.uk/ Name: da_sid
Value: 87DA17E28E32AE83DD24AA13B382BFFDD9|3|0|3
.thetimes.co.uk/ Name: da_lid
Value: B4E924D19A72EA184875BB99F180F5F66A|0|0|0
.thetimes.co.uk/ Name: da_intState
Value:
.criteo.com/ Name: uid
Value: 9eeb3ff7-d5ea-4acd-ba6a-224da5c3bbf6
www.thetimes.co.uk/ Name: QSI_HistorySession
Value: https%3A%2F%2Fwww.thetimes.co.uk%2Farticle%2Fthe-us-it-hack-your-questions-answered-6rwqkvghq~1682902085998
www.thetimes.co.uk/ Name: liveagent_sid
Value: 6db78976-3db9-46e7-a403-0a18786be2c2
www.thetimes.co.uk/ Name: liveagent_vc
Value: 2
www.thetimes.co.uk/ Name: liveagent_ptid
Value: 6db78976-3db9-46e7-a403-0a18786be2c2
.thetimes.co.uk/ Name: cto_bundle
Value: vAz3wF9lb2pHQjRlTktGSEVnVjc5WVM0QnR6Tzdib2ZWJTJCSEMlMkZsdU9tUHVpVlRIOTlXN1UlMkJEVmlseEF5WCUyQmpOMVJBbThCV0pkcHExaUN4bUlqNzNBamdJWVhjRTFYWXNLaXRFMjFEWVAwcGJGMGFwalRTa0YyOVZhOFhRVDZsazJpemxlRUVSRWlRQTZWaURFaDBIeDNGa0c3QSUzRCUzRA
.google.com/ Name: NID
Value: 511=UAiU-Z-zhSW_tcQTBfedzR6G923qYI07RT5W3LoKkxPQzZ9CLUO0owr-lP3kD9iJ1Z7P2OLRvBTVmvMEkvxlYysZcsh0YI_rF8spl7AZphbWcuIKAkF0dwVZdWPaKCiKkRF8kNW8ZHuzAgHKlRT51tFFpy0R8N4ZIDhDovBV-ZI
.c.bing.com/ Name: MR
Value: 0
.the-ozone-project.com/ Name: ozone_uid
Value: 2PAZwg6ba4zFXi9CJXe66a2T0JI
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsIqvaF-ff55DsQBRIWCgdydWJpY29uEgsI0PqL_vf55DsQBRIWCgdzdng5dDUwEgsIyPbyqfj55DsQBRgBIAEoAjILCO6YmNiO-uQ7EAU4AVoHdTQwY3B1d2AC
.creative-serving.com/ Name: tuuid
Value: c8692fea-9ee3-4154-b2e6-ce8c274bfed4
.creative-serving.com/ Name: c
Value: 1682902086
.creative-serving.com/ Name: tuuid_lu
Value: 1682902086
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiODIxMTM4NDgzNzQ0MjgyODEyOCIsImV4cGlyZXMiOiIyMDIzLTA1LTE1VDAwOjQ4OjA3LjUwOTk4OThaIiwic291cmNlIjoiY29va2llIn0sImFkbnhzIjp7InVpZCI6IjEzNjI5MTczNzQ3MTE4ODczNDEiLCJleHBpcmVzIjoiMjAyMy0wNS0xNVQwMDo0ODowNi44MzM4Nzc2NDFaIiwic291cmNlIjoiY29va2llIn0sInNtYXJ0Ijp7InVpZCI6Ijg4NTU2ODU3NDExMzI5MTg3ODUiLCJleHBpcmVzIjoiMjAyMy0wNS0xNVQwMDo0ODowNy4wOTQzMjQ2M1oiLCJzb3VyY2UiOiJjb29raWUifSwidHRkIjp7InVpZCI6IjY1MGRlOGU1LTlkN2EtNGVjMi1hNTFlLTBjZmIyNTVjMjY5YiIsImV4cGlyZXMiOiIyMDIzLTA1LTE1VDAwOjQ4OjA2Ljc1MTMwODM3OFoiLCJzb3VyY2UiOiJjb29raWUifX0sImJkYXkiOiIyMDIzLTA1LTAxVDAwOjQ4OjA2Ljc1MTMwNjQ4NVoifQ==

16 Console Messages

Source Level URL
Text
rendering error URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq(Line 1258)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq(Line 1258)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq(Line 1258)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq(Line 1258)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/d/js/common.react.bundle-d0f7611e5e.js(Line 67)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/d/js/common.react.bundle-d0f7611e5e.js(Line 67)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/d/js/common.react.bundle-d0f7611e5e.js(Line 67)
Message:
Error: <svg> attribute height: Expected length, "auto".
rendering error URL: https://www.thetimes.co.uk/d/js/common.react.bundle-d0f7611e5e.js(Line 67)
Message:
Error: <svg> attribute height: Expected length, "auto".
security error URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.ncaudienceexchange.com') does not match the recipient window's origin ('https://www.thetimes.co.uk').
security error URL: https://us.tags.newscgp.com/prod/ncg/ncg.js(Line 3)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tags.knewz.com') does not match the recipient window's origin ('null').
network error URL: https://sync.adkernel.com/user-sync?zone=181093&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dmdp%26i%3D%5BUID%5D&gdpr=0&gdpr_consent=&ccpa=
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D83E8512D-6FE8-4777-A348-9B964DEB0403%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://www.dianomi.com/js/contextfeed.js
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://dmx.districtm.io/s/v1/img/s/101995
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript warning URL: https://www.thetimes.co.uk/article/the-us-it-hack-your-questions-answered-6rwqkvghq
Message:
The resource https://www.thetimes.co.uk/d/img/headlineBackground-cabdc9b89a.webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4e287dc695b12e9d739295a98a20840b.safeframe.googlesyndication.com
88a66e5c-8fe8-48af-9c6c-3ec3f4983aad.prmutv.co
9348536.fls.doubleclick.net
a.sportradarserving.com
a15853140465.cdn-pci.optimizely.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
accdn.lpsnmedia.net
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ad2.360yield.com
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.thetimes.co.uk
ads.yieldmo.com
adservice.google.ca
adservice.google.com
alb.reddit.com
amplify.outbrain.com
analytics.tiktok.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
b1sync.zemanta.com
bam.nr-data.net
bat.bing.com
bh.contextweb.com
bidder.criteo.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c.la1-c1-frf.salesforceliveagent.com
c1.adform.net
c2shb.ssp.yahoo.com
capig.thetimes.co.uk
cdn-pci.optimizely.com
cdn.brandmetrics.com
cdn.decibelinsight.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.permutive.com
cdnjs.cloudflare.com
ce.lijit.com
cfactory-img.s3.amazonaws.com
ciqtracking.com
cm.adform.net
cm.g.doubleclick.net
cmp.amp.thetimes.co.uk
collection.decibelinsight.net
connect.facebook.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.media.net
ct.pinterest.com
d.la1-c1-frf.salesforceliveagent.com
d.la3-c1-fra.salesforceliveagent.com
d1z2jf7jlzjs58.cloudfront.net
dis.criteo.com
dmx.districtm.io
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
elb.the-ozone-project.com
euasync01.admantx.com
eus.rubiconproject.com
fastlane.rubiconproject.com
feeds.thetimes.co.uk
googlesync.permutive.com
gum.criteo.com
ib.adnxs.com
image4.pubmatic.com
js-agent.newrelic.com
lo0.v.liveperson.net
logx.optimizely.com
lpcdn.lpsnmedia.net
lptag.liveperson.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
mug.criteo.com
news.google.com
onetag-sys.com
p.skimresources.com
p1.parsely.com
pac.thetimes.co.uk
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
play.google.com
pr-bh.ybp.yahoo.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px4.ads.linkedin.com
qztqzde1.micpn.com
r.skimresources.com
rm-script.dotmetrics.net
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.pinimg.com
s.skimresources.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
snap.licdn.com
sp.analytics.yahoo.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.co
t.skimresources.com
tags.barrons.com
tags.decider.com
tags.knewz.com
tags.mansionglobal.com
tags.marketwatch.com
tags.nypost.com
tags.pagesix.com
tags.penews.com
tags.realtor.com
tags.thetimes.co.uk
tags.tiqcdn.com
tags.wsj.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tr.outbrain.com
u.openx.net
uk-script.dotmetrics.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
us.tags.newscgp.com
usersync.gumgum.com
v2.pixel.newscgp.com
www.dianomi.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.ncaudienceexchange.com
www.redditstatic.com
www.thetimes.co.uk
x.bidswitch.net
zn6y5j1pcz0fpkvop-newsuk.siteintercept.qualtrics.com
dmx.districtm.io
image4.pubmatic.com
tags.knewz.com
104.127.172.242
104.17.209.240
104.18.17.195
104.18.43.178
104.19.149.54
104.244.42.133
104.244.42.67
107.21.92.115
108.138.106.62
108.138.106.90
108.138.128.102
124.146.215.51
13.107.42.14
13.226.16.121
13.226.21.38
13.226.22.102
13.249.141.127
13.249.141.21
13.249.141.41
13.249.141.96
13.33.60.52
132.145.172.253
141.226.224.48
151.101.0.84
151.101.129.140
151.101.130.137
151.101.130.49
151.101.2.217
151.101.65.108
151.139.128.10
160.8.13.0
160.8.249.128
160.8.255.128
162.247.241.14
169.197.150.7
172.217.13.102
172.217.13.162
172.217.13.198
173.223.57.84
174.137.133.32
178.249.96.141
18.164.131.14
185.167.164.49
185.184.8.90
192.132.33.46
192.40.39.223
198.148.27.140
199.127.204.142
199.187.193.179
199.187.193.182
199.232.36.157
2001:4860:4802:32::15
2001:4998:14:800::1000
207.198.113.90
208.89.12.90
208.89.12.91
213.19.162.90
216.200.122.13
23.204.106.151
23.33.40.197
23.52.154.235
23.52.158.180
23.54.68.197
23.54.69.74
23.92.190.69
2600:1400:d:497::1931
2600:141b:13::17d7:82ab
2600:1f13:800:7782:bb3c:d326:4c11:bdb2
2600:1f18:4e9:5a05:ef7f:1193:3012:ed3a
2600:9000:212f:3200:8:48e:53c0:93a1
2600:9000:212f:fa00:7:2bfb:7c00:93a1
2600:9000:21dd:3800:6:44e3:f8c0:93a1
2600:9000:21dd:7600:d:5ce3:a4c0:93a1
2600:9000:21ec:4400:2:53b2:240:93a1
2602:803:c002:200::43
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:20::681a:c12
2606:4700::6810:3965
2606:4700::6811:180e
2606:4700::6812:372
2606:ae80:1451:12::1720
2607:f8b0:4004:c17::9c
2607:f8b0:4006:80d::2006
2607:f8b0:4006:824::2003
2607:f8b0:4020:804::2002
2607:f8b0:4020:805::2002
2607:f8b0:4020:805::200e
2607:f8b0:4020:806::2001
2607:f8b0:4020:806::2008
2607:f8b0:4020:806::200e
2607:f8b0:4020:807::2001
2607:f8b0:4020:807::2002
2607:f8b0:4020:807::2003
2607:f8b0:4020:807::2004
2607:f8b0:4020:807::200e
2620:100:a001::18
2620:100:a001::4
2620:112:f002:bbbb::21
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2620:1ec:c11::200
2a02:2638:d::d
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:200::396
3.230.98.251
3.33.220.150
3.92.156.8
34.102.180.215
34.107.254.252
34.111.113.62
34.194.161.83
34.200.65.202
34.205.122.225
34.242.97.228
34.96.105.8
35.186.253.211
35.190.59.101
35.190.91.160
35.197.204.50
35.201.67.47
35.211.178.172
35.211.233.246
35.236.220.17
35.241.9.51
35.244.159.8
37.157.4.23
43.251.41.15
51.222.239.232
52.2.42.189
52.223.22.214
52.45.221.238
52.46.155.104
52.54.178.10
52.6.78.119
52.85.249.178
52.92.19.113
54.159.252.56
54.160.223.89
54.210.120.215
54.227.251.232
54.230.163.35
54.237.185.13
54.82.3.22
54.84.233.243
54.87.127.173
54.90.76.116
63.251.114.137
64.202.112.159
64.202.112.95
65.8.49.36
65.8.49.95
67.220.224.144
68.67.160.24
68.67.160.76
69.173.151.100
74.119.119.139
74.119.119.150
74.121.140.211
76.13.32.146
8.43.72.98
80.77.87.161
99.84.37.16
00ba142327bbb157b799425614f16e3a0ca21fcf0b2898c6d0d24723597a2396
0114c0b871e1d05b4fc67789205c551f112bd3cb2cafac12d628d671d5722871
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03c5264f1a46b384f457b275949bba131eb1c655112bddf81e1739bbaf0d6cff
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058fd7c43c6a535079341d5ea8596abcfce4673546f741bba27eee806aa8f1c1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b
09b7540b021174384cd2e796468af2ef02baeb862d10bebb9c2a6ad83cbfe200
0a30c5ec830f681475c4c449fcbbba7a8fb41aea89bd974a1f7e45b9eb7981a4
0aa923d774875a360e6cdb1f91c5c77ec6559d2dc27510f94b08962237ab92d9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438
0cc7506db417b02c16e09fa9dfeb6f26e9f97bcc89c3b0431185d128daf13bc6
0d08d495b95311618bcfc2ad52f5fd3b53a1cc89b242c4b38675051899dc238d
0e32ae2b3787eb6c3cb4517d64a747f5bdeeb40c7203ba6de723de30dcfb698f
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e8ea2bfddde458eaeee93d14e81eb8fa9be537c1a2da44c696f23ac2e50ba4f
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0eea10245361e0c7ab42efb5cf846318ac56e97948427633550d1d079c6afdc9
1191e8e01394f6c7d5f13d6058db3995506bff4267e28956f82b3cff8de521ff
1276be501dcb68ebb06f93c555ba511f2cf6cb03f6ed55cca0ba88bebb99376c
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
13ee1534cd1c1ee75c6cc66bf9a090aaea63c0018e66190675071723b7a8b6b7
16c8620bd7b5359dd4d06c73f0ce970c2ece7d85a2645496a375ee106685c565
17814a3dc543fc91e5cc3c915a81413bec2bc926142f928e4fe06d601b1f7de3
1870b70c314831c89911304c9935b618c643df0c3b31eb53e2a75bd52b8cbfa3
1acc8a3a20905bbd624bf295bee03ba88859c02c2e1f89eab27619cf4554060f
1c1a887d75ed4b7f2f822367034a5b8f362741c2da7806940797a4ca4cf4c410
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1efd4c65950a67471e8216845e902f721f67669d769728e025e5ec5251c63561
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
222b2d6c5671c98fa6f4c38cc2958e665e5ea444ccf368f8c8bd86695de8325f
22d102f79d862e53f60ac59bc72587078b96bf6753fda0ac410c94dc4879e9c2
232eb72dd3d447cfa982c9ae5ed84a633f2250dcc9aacfb8041b07c88cb1c97b
2482c5c1e86098f7530aa9e5bba012d30dad7a3bc94c04bb23b4504a08eeeae5
25c2f763af47d314c67d9f24c8a7ca5dc2f7e596fa86ab55288fb18419604673
27448d5255518b4faf9adfe3d54ce2f80c6e10c31b8972130d6bffd84acb6572
27604154a2380ce1be393129d220ee741d29f7a6583c69c39443bdb09a069649
287cdbeac6168db5e2e7a1320b41059ca7969631f4b2d048dc8faa37d5e8fb48
2aecb16609603be8b239c1801a978d51b71af41d30c61bab3365ccf045e2c85a
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2dfa655a4dbae3f8bb3335d14a977a99a2afe4b148bfff2b2be230f9a6db94d6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e1b30d479bed158addbe02be1f056924b0f4b4c6afc73e14a7aa7b8821f884e
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
3478d0c8d359e6143b17946b99136e0216f3d56cbba527eac86c31253de68566
34bac748e56dcc3fe9e14817850e80f4d04852e28ef3e19cc9ce4caecfc1e13b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37e314bfd8e8cb9262b5ea01059377cea510e23b2215fc93de8b34a5726284a8
3a32a06a70e7f527683c242b7fbb08a9394db6e55d2f3e8742b6fa62900f876a
3ad153145535384b64b055ab14a32c0078416de71e27b9097e0bb027a5b823a3
3ccf03ca5b6fdbc712ccbb0278cdbc4d6aba50772229fa54f6be27371d13fa6c
3ce8ff400b575d5bf19b8e71259b27819d42d6aa35dca28c112e9636e4a5bd5d
3cf8e8199a4a55ceba1720d09ca70063550e4907c68f921394cc5534a4721038
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983
3e69f6a55fe9b7116dc923e2171a2d0eb1a830515b5c4854e0bf3cdcb51ce693
3eaca54ea2a5e3554ee0f3710e40ea7730b006ef43c1ed5f386fe10d6087fc56
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400f366af1f561b64371841fff45ee4307446311f587122e9f3bbaa89c3e784d
40efaae8698c1c8d1114bc2d7911a2bf141bb1d7e42aedada78ee80fbc262ce0
415c66367ee2da56fdae392c65cb08f4944d670fc24bfc83c1968b068a7884c6
43e96d451b13a80f769c106908376c94b31beb9aac6566498c5c60f0059ca4f1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
455a15e9b1a732b4f9b954c27b21999593a7d032fd8be920e14aeced645f8138
4567655d98672bdc5d38b85e60235efb66cda81d80cea05e5bde6f061d7114a4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
476d60955514d59fff612bff247149d6c3d8040247ec574886143d08163e1717
479d52748acfee904db3c9d5e03dcb695a9233989f2ecb550acf7998ca0ad845
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8d9466171e553592dcdff217f0b15573d1c8add9f391a83abec234121b8a44
4b588d00465fecdc16e47380940381171d08b579cacd39958e565a839e751fc7
4bbf46017150cb8927ef74395fc8827aa81e402e867e3f3e9b5c17df5c30c446
4c765c88e6db1f3f2a8654af74c9bb4caaa48a6dbde14464766f47d7ec0a524b
4d5200c20146bdaffa7d06464a9ef334d81107eaa99c222583cd3d583c07cb25
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e377564864adc28310ac97a268533bc6d3ae499977d2ec8f577a404c73256e7
50085b5398bbc05fdca14fe92490081d503ef972b2e76da13de8ffba927e5732
501bf9b276dfb989a7fabdad26cbdf309b6f327ab1e9010cb94579c43cde6dd1
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51009e35df2ccf8eab8b44e10b17869bbb7896c256da2b64a8e3efe91d50d384
517dae4fe0d63e5eb0d1f9690b5d24b66635ddb98f5197087198fdde25f188e0
5336e341bf88d1798de998944eb812582d4f522583b3be6fe4b366f6bb9426a6
545868bdc8cdec05b19474adeebe6a65721ac0cce322454d0521b0ebf7104818
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5624aeb2703037c9b669b4903e1961a38778408edcd3bea47e370e5de9f6c571
56b0e5c081cd9f7c1fedf273e8d5d18850c388b9e93be5c7097c81a57c3ef826
57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8
5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02
59715566fcea47314ddb5750cd7727e829dee939a3f0733f2dbbb40064458171
599e30549f6af6cc8b8c58f0be5c74ec6ea55382c719e84d98111b2fe9266ec2
5a62982f68f482f811e87d3bdeb4785ddf70e787def294f21e0a5748a27179d5
5d8316d3da532dbd804b706b9a29545f21301fe3782f377c3fdb5cc58830538f
5dc1627a009412348a2f4d1203990b22123e7498fbe395f8858a8e784d7512f7
5e2cd3d6c1008a3da053ad13ab5bf8f1baac141127adde661bad2f223054ec5e
5fdd467f8921f87015b4a8b05e1d3c36e0f03ef02c407cd5db5c1c2a561fae05
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60d6bc30ac66bfefa7e84ecda759cb18c1bf8ffc459779e34fe9a1b52e11bce6
61aa815692e9edf603f12550ad0976ccde355df6e118e42f018a691738997d40
61b4aad4066bb60d08b74c0abc0b55038b647ca8a9e342d62e5c96758749c035
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
651954c4c31ae996c304e8142490ae4718e1a3c95092b1b96b841d6e1f4caf95
6571d715da1c9c411441b1e2a90541020a801bca4ee8dd71debb05a6746a33fc
65e46732d0930db4f321ac805a0838672ce0345e7590a32b66c6ef879fd65147
688bfba0a78245a81f8b5647d5ad07888b22817f65bb6aae1b7d93817ce56cbc
69bc6a7d93e0fb524d0872c1be88834c14147d5ae7da3c71fdeb7574359ea9ae
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bafff76e94b85fdca9ac7ea6974039879323a2b7786748591a0aa23ad2fea59
6edbf7efa384a9d4f15b08d8c9bab7b156db2f24a1849f34d6551a53ce1fd5c9
6ff69233ff54c5f63edfdc350de8659b166d1be3addbf05dd2a3134f088eac91
6ffcdfbe05a366a0e710b94d74987902b4844961a080dce80a23ba99b6253424
70a3bfe6e99e8ded842770a711f12769f4930e6923a03efec433e85de0068baf
70e30a44c57d9c879ed12cfbd0bea35ee6dca2520aa21fac264ce6fc8a722a19
720b10529785350c46b8aff6fbfd1a411a7e86319d5d113e29173da8f395d546
72750dc5cdcaa538491728c6a58d6d1d97d28024f227ce7f13e63ddeba908226
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
752b171f1c407ca35ac5d9de540cf22f6304a3a5cb194090197a73e2513e71e2
75cb2c2ea203afe42bfd11176d4823579c5765528d60e606111fff835b4490f8
765a2aad166775dfe2095a6568a4e4b1347039de2c0945f3f8c30ebad19e0fbf
765c9bcbff0fa2eaa559e422b0412f3fabb3e7ef50bd2ac7b0860a1ce44c1f3f
76fd5370d1f98f8db1866374b95a3ba80dab820f7c5de03307dd3ba6ecb06e82
776487a090565a43fdda03feead3e4ef060694783bdee82b428c9ee52f55dd06
7836a53262b277a567c3badc532c58e82835d3831bc822862d5f9b2f8dff4f90
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
79b252a3dd12537e9f2fe4c1b6c6c6ad97addc8bd6cd413b843cc8a7c4605e76
7a7c108921aec53b21ed74d3979f9c1aea55ae72d724ff49d4e66bef21431c1c
7ab306a7d35d22ab67b28412f6b2ec5cfe440416bbc4020b106b3d2f29dda03b
7ad17c28602d20f73e266aaf3b6c0040b819f1a5b6140f67990e1e321e8936ae
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7cee0cc1c4b990aeec754dd6e99753a5492b28981f794c32ab00136a0b7d262f
7d64e879f003deb519e6e584a351cb0eafb88806ac535a22771aec601d58b918
7d82542628d06b83ca8f910c7b2f322ab86a15164f2277f7c223096275750bbb
7dc34bc082196f1951e9f73b3ad1c681cb38ea1d261031b8f65812db383b057a
808515d245d7d80e18a680941807e7e7827d30b947b283cbd85c52f8eec41d04
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8648d65a741f20d606f28ab220a747c151044a23ebe907cb02c3d2015e38070e
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86d258469a0e2be3d8476f668bfb93832939460a79963c9f485b2e06842320e9
8762c80c3a747479407023dcbacd458df1d1b5ce79f7b5102225ca0fac5c126e
8c8024713505b4bd8e568fbd6e24e643f1a42315df1bc8d1a56a90e3f4186c0f
8ec272b76ebdf8756da8e60cbec342b26e1e314d223b828e34b02aedea5d6d5a
8eda5698877243d40aacdbb043256623694fe66ba10c423773d46aecbf299ff1
9245830f6bc8a2df18fe813e10ad49bc38693b592bfb1539f4f7338f79935a6c
9285d05aeb59059b7f589af51800c30a9acf7a917b0dde69ddbf7a442304a152
92a3cfafea87444483464e2dbc6765378e64123c53f2984afee68239bc615b67
93dac5ae7833e553cfa06dff4323b895b7163cd0f5a7bb740d416a603018f36e
9639d71137599432fcbc648f438c73a87b68f02555d9e50cc74b825063e4bbba
97421b0e55d219ad0163eff88ef4c419e0259720362031aecb62dcfa7e249abf
97a3c56a4fd65b065e6ef0e01297038b0a1696a30f18da3efca50ad0226ecb0d
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9862d720a7bf84f9af0796630be7018e1dc90f9d4177dafe02b42a951d8fc89c
98ea5a636581d2a35deb38ac8c43777c39d523dacb96ff49ef62d2771a48aefd
99821e61fa5a34c0b5b4b5473ef3dd30c7d7aebc28dc12a44d726d710d77a3b7
999d0116ff2bab9503ab0b3fcd98eba289d38ebe667b2d8700f3b42d8ee0699a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d4ac932020c81c7c79779a2e3a7e3ea661212bdd494336d63d49d4bb9849b65
9db2490149e4ff77354a701941812dbf6d9ff57cc8edd7d85708e0f22888de9a
9fb5fd2c824393b2efde594936a07f5b60abe4df5a4daf1da56588a79fab3904
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a24d467fa15a9e8166919e5758e12104d6a17270bd5097b68bd969a581589b12
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a3e2f556415d52b99d166b9847d6c54c1a448c5585032b44ab5e84a1b87f98c9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5129ba2f2576c1ec17e9308daae979cf20b4a252785785d1b16f5629c18060d
a54858968222821106328f92f23568fc539c3d25b35de3e21b1d1fb5385b1a28
a729f36b3c8810b6c5d3de55e61ee4e1737f8e09ccbfc9c6a27a153e8fcf5d48
a9df214223509eec9c5109398437cd9f473b7823574619e76a347aff2ab1bbd5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b0544fc0955efc5604f9ad54a0d86f31246ae65e05276d7121402251e8a05f86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b376922d6ffe819667325abcef0f36f59560ebe7e43e291c0af97350c3d50e10
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b44d132a3c1d5522fb733ba2e60b9054dca1c615a4b51f266588a0b8f3dc1028
b75818d1aaf0984b6c23d4edde6c7396f36d4b52d2b208463c318851176a9567
b7924cb5be8c9b9c412d1962df6965b6a2033e7540c2a015186394023bb3504a
b9dd3ac5da6732c952d1fcf8130a7e403e4b48c08460e3b2f62f2aed37fe6957
b9e679e0532e6fc834055bebea3f4c7fbbf908b801af9e58919f4e584202c8d6
b9fc76e16f4e119af23f68da79bb63ad22acb518d456a54a967f6095d6298559
b9fe52c28662e0199bb271e05dc396f9ca16d7153148ed8096f7e522b79a77d3
ba89ee5a4362485da5bfa827b1fb1e3a8fd556a47753835beb28afa48179e757
baf101944587ee9aece619ab3b3622f2a5e56d889a8e41db5692de384c8fc02c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9e81999967e8bfe66b3337896a3401cc0ed306c99243b4924207df749a012e
bdb560821dfbdc0d82b2c7ee4248e493a0363ad6fa7af0477ff500c91c0d428a
be28a92f43af3f9c18aa898b3f55d8ccb5c2c7b7394d9a46e29461fc4b885729
be33c364e784f14ebca2c4a7caba16a3b32046c6f0dedc1f1caf0d05d280a9c4
bebd3edb751b25002931216071f43f4f677267e3375f8d76909a9803ba35e69a
c06d9ffa6caae0705a90c8b627994bbe69323a254fd1aadecf685fe008f53c17
c133c00b3c4cea3ca3721cba2e6af26f79fa4667420644227d0fb1ec3ebe4f15
c167d2284be6e66ef59dcbee2a46fbe67d9a4526b8c673d355a5f1dc59774a05
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4db144321efbe62d33923077d356ee2fdc097848ebba3f1e1396027122b2d48
c7ac6efd84cf38c3e50b3a60f8a6de350577b28db096369938a0ecc0caf21279
c7e1ad7a01b4008dc80a4b207929378ab839b4e0fa27d911143b1159a97c1ffa
c911648f52f11400d8910eb3056541904b490b4980d0169b75471940bf350c74
c91740a2db57373f2d1b23b0d718c9b40ae5c45a595b29c2a95fa58a3738f3fd
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cce4ed0f75fe50cb7431c44d94643bdeb12fcf7b8c04af83d76f24fc875a704c
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
ce7421f5862e407365973442ea5e7e98575b6f179ed23ad2c8d6c1ab7c9a8d41
ce91e55368eb860c6b3171ce0a33be74f06ed9f7e792800b685383154bdc9ab3
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d19e5066eb2008630b88908843e539863715f69203e991591ea771d3dd36a6cb
d5dd8cba7734d4f3b1321364ef0684448fb6b7f71fc075ed9655e34a312e7b23
d5ffc8878deb006926ded350caf7cd2f7708650463ef6b6b8bd2a23880101a20
d763b98abd5f30318783630261c960afce132a1c8eec032f7e1832861934e783
d87f839649c513d1bce682ec77a65cb3c9f7e4c216cc2d0356e9feab2e62a72b
d9e1cc6a03d1845c0973e4b7047464d64944066db627ac16a01bb95ef4d16989
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dc1375ce71d88e98933d56ce7aef44840f5f33ca1f3a5386473611080ae61bf6
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de28ac7907308ef497da86c8e54eac75a9fc8342f18493978d1cc17ebe7252ab
e14cada4c57838533ec6e9e9de1f1fee109149f32fb6ccd0863464b9fb26e89b
e1bfc0e57295c07ac22117398f6225af301e86a175a07c90a423bceece058469
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51d7fb409401fc264d0d333269b7501575be43191481a8f3e8d9fc52b595a08
e5e067e2ba717f1b6ee0e7cd3e452d036e77c4527dd5e5dcfc62224841459e03
e7b380576ba7b0cb5ff51a2291f22bd56153822dce9b4ac4f08028393d50e829
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e800fd731999653b385c113850e0934e374bb18ad11a48119b8ce1d57b668cf1
eaa479e54d1162f9d8c844491396f819d7a575398f3ec36e45721f6d9f98af74
ec010adc28229993c7cce19872a1e80189f8d50bd89969b1125c6afcf7242507
ec62f5520bd021131da7214f7fd03c52c0fee0ac746de82e58640aa2f09b3cd7
ed83ec6c16b2a45b71401d5add525dabb437a6eb9e095a65ff46c02e6c3ab389
ee154a894141cd3c4b00a7538eaba115b66356dadc2f72425a72b6b6ba395a7b
eec5c0b7f3736c064a5c93fb61f419fe7d3f7c1815c81004312fd349fd43be2c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcec3b118e883badfdf05a6f3fee6267e3d5b952a61f0ee3db06b0058a55c52
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f1642acc39d330f22bd75826f95af299f5f9974234dc561b422378429464fc09
f2c185399ca48db09ac7fcef63b0307546f68ea8ae693dd5c9c2546d65ea29ec
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f724988664f7ff40306c2ae90a9e2b74521fbf937dce65fbc4ad9964008cb083
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f850464cd762b53b54904f344a91c4da07de9064f9ef44cf608aa3dc33589137
f97a39d86834a134b359233cc1b720a106b910d8eab5a5c28aea34400c6d7ff0
fa42b353a1443b510839625deac9428844a80039d8bd6f1ad45b9caea9f64d35
facc5b7ef9d9913f2383932f693d09924f0d5fa362951377667db68d73c247e8
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf