buzzstormer.com Open in urlscan Pro
141.193.213.11 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Submission: On January 23 via manual (January 23rd 2024, 9:13:06 pm UTC) from US — Scanned from US

Summary HTTP 126 Redirects Behaviour Indicators

Summary

This website contacted 32 IPs in 1 countries across 18 domains to perform 126 HTTP transactions. The main IP is 141.193.213.11, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is buzzstormer.com. The Cisco Umbrella rank of the primary domain is 192468.

This is the only time buzzstormer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	141.193.213.11 141.193.213.11	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 ^_^) (CDN77 ^_^)
5	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:5870	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
8	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
26	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
3	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
4	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
1 2	142.251.41.6 142.251.41.6	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.163.100.58 54.163.100.58	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
7	2620:100:a001::9 2620:100:a001::9	19750 (AS-CRITEO) (AS-CRITEO)
3	74.119.118.147 74.119.118.147	19750 (AS-CRITEO) (AS-CRITEO)
4	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
2	72.21.81.64 72.21.81.64	15133 (EDGECAST) (EDGECAST)
2	23.192.41.210 23.192.41.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.34.100 13.226.34.100	16509 (AMAZON-02) (AMAZON-02)
1	18.154.227.73 18.154.227.73	16509 (AMAZON-02) (AMAZON-02)
2	3.211.194.210 3.211.194.210	() ()
8	23.56.162.52 23.56.162.52	() ()
1	2600:9000:261... 2600:9000:261f:a600:a:deb0:3380:93a1	() ()
1	2600:141b:e80... 2600:141b:e800:2a::1721:2c86	() ()
1	2607:f8b0:400... 2607:f8b0:4006:822::2006	() ()
1	44.215.176.30 44.215.176.30	() ()
4	130.211.115.4 130.211.115.4	() ()
126	32

13 141.193.213.11 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

buzzstormer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:809::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:809::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:5870 (United States)

ASN13335 (CLOUDFLARENET, US)

trkrcom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81c::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.6 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.163.100.58 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-100-58.compute-1.amazonaws.com

rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States)

ASN54113 (FASTLY, US)

displayf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::9 (United States)

ASN19750 (AS-CRITEO, US)

imageproxy.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.118.147 (United States)

ASN19750 (AS-CRITEO, US)

rtb.da.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.2.49 (United States)

ASN54113 (FASTLY, US)

statsf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.81.64 (United States)

ASN15133 (EDGECAST, US)

playtime.tubemogul.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.192.41.210 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-192-41-210.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.34.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-100.ewr53.r.cloudfront.net

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.227.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-227-73.iad55.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.211.194.210 (None, )

ASN- ()

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.56.162.52 (None, )

ASN- ()

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:261f:a600:a:deb0:3380:93a1 (None, )

ASN- ()

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:e800:2a::1721:2c86 (None, )

ASN- ()

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.176.30 (None, )

ASN- ()

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 130.211.115.4 (None, )

ASN- ()

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 csm.us.criteo.net — Cisco Umbrella Rank: 3277 imageproxy.us.criteo.net — Cisco Umbrella Rank: 3202	318 KB
13	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 954 d9.flashtalking.com cdn.flashtalking.com ad-events.flashtalking.com stat.flashtalking.com secure.flashtalking.com Failed	212 KB
13	buzzstormer.com buzzstormer.com — Cisco Umbrella Rank: 192468	171 KB
10	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	39 KB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 163	63 KB
9	criteo.com ads.us.criteo.com — Cisco Umbrella Rank: 3179 cat.va.us.criteo.com — Cisco Umbrella Rank: 3347 rtb.da.us.criteo.com — Cisco Umbrella Rank: 9644	99 KB
6	everesttech.net rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net — Cisco Umbrella Rank: 8706 displayf-tm.everesttech.net — Cisco Umbrella Rank: 7079 statsf-tm.everesttech.net — Cisco Umbrella Rank: 5475	7 KB
5	ad-score.com js.ad-score.com data.ad-score.com	161 KB
5	gstatic.com fonts.gstatic.com	135 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	259 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473	29 KB
2	tubemogul.com playtime.tubemogul.com — Cisco Umbrella Rank: 7280	31 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 9632	2 KB
1	2mdn.net s0.2mdn.net	27 KB
1	createjs.com code.createjs.com	63 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	trkrcom.com trkrcom.com — Cisco Umbrella Rank: 184255	699 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	3 KB
126	18

	Domain	Requested by
26	static.criteo.net	ads.us.criteo.com cdnjs.cloudflare.com static.criteo.net
13	buzzstormer.com	buzzstormer.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	buzzstormer.com googleads.g.doubleclick.net
7	imageproxy.us.criteo.net	ads.us.criteo.com
6	cdn.flashtalking.com	ajs-assets.ftstatic.com cdn.flashtalking.com
5	fonts.gstatic.com	fonts.googleapis.com
4	data.ad-score.com	js.ad-score.com
4	statsf-tm.everesttech.net	googleads.g.doubleclick.net
4	csm.us.criteo.net	ads.us.criteo.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	rtb.da.us.criteo.com	buzzstormer.com googleads.g.doubleclick.net
3	cat.va.us.criteo.com	ads.us.criteo.com
3	ads.us.criteo.com	googleads.g.doubleclick.net
2	stat.flashtalking.com
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	servedby.flashtalking.com	blank
2	playtime.tubemogul.com	displayf-tm.everesttech.net playtime.tubemogul.com
2	pagead2.googlesyndication.com	www.googletagservices.com
2	ad.doubleclick.net	1 redirects ads.us.criteo.com
2	plausible.io	buzzstormer.com plausible.io
1	ad-events.flashtalking.com
1	s0.2mdn.net	cdn.flashtalking.com
1	code.createjs.com	cdn.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	displayf-tm.everesttech.net	googleads.g.doubleclick.net
1	rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.us.criteo.com
1	trkrcom.com	buzzstormer.com
1	fonts.googleapis.com	buzzstormer.com
0	secure.flashtalking.com Failed
126	33

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
plausible.io R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
buzzstormer.com E1	`2024-01-23` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-12` - `2024-04-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.va.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-25` - `2024-02-22`	3 months	crt.sh
*.us.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.tmogul.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2024-06-11`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-11` - `2024-09-11`	a year	crt.sh
*.da.us.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-14` - `2024-04-11`	3 months	crt.sh
*.tubemogul.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-14` - `2024-06-13`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Frame ID: F7540DF60AA848C382AD5CBF02CAFF4E
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 67D3CB1B3F20565247277F03834ADB76
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 15C83F0BBDD8F42DE221C23708C53EFD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: FDFF9503CB6E9951A1435C7AF36E9097
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Frame ID: 9B849F01DD73B2E269F2D635A051B43E
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAI2dwD5_x0AAEaToIc8yHKiXZx3lKDBA&u=%7CSdnFM9rFZ0oUdlrda6FhlpbuOi%2F30MgNNnQpqJDsv08%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3hSdb39GT3zCuL_e9vqUNcAiAMpzF1TyESJT_G6BQExVXLtOwjUnlCh6hch66WNtYRoH5NVgg0z_f8SuBtA6THrSCphb340DAoYhws7cY6HWjHF7NP5PMVC0AmbXkN9f2sxDmpobH3Za3ciDk-CM9MbhEwcQ2j4pOGPUxVbKZWePSz71s4HTZVjRFgcchk0IDiAWbpImU8Vwh8JCejay4QF13Opl-RO3FSCw0j1eQR2NZq7JKTZpz13BeCgUs_OLgFobVRlvcVsH2qB5fqArro9xRNB3lA41LzenS0RkU3xgOnT5YZoYxjNPxI6rz-GERiW-BDdj3T6fYU-5_nyw1PhhDktWhleBAGt-bq_ShdVUpuZctI6bift33lBtVfd5ABy8LGd8hvJRfTPN6Ced2MBzntVExDAlywXFA43G-dUz-4KDBI71jPFCuN8cPi3L5cVxzcwLy-IvmBSY9caj0eBT9ElPH5hQ1q3iFcqR1AZiiHHNU_k4e94T1yCzR_ZPoq4LwqcbpRpnJ7Qtc3giOx5jIQyk6HjEh-IFePhw0-c7BWolUg0GLwUbwpz4EQP97QKbJUkOANGzRJx74ORFSTtp2rD_MGW9r1UXfD4HeA4E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpekN3CuwZdyzI_T4n88PzrSEyAScge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0L69gpsZOGaDIBtyNJLCRLIVkdZhDcSskIrLLq-ibY1YAQsF6rPieyZB3MOu0X08mI6PuAMagFdhp2_-9trFriYT9svcfPKzKzLZlG_D4RJaPlkLoHKAf-NFzqGtjYpnbWf9QzwPt5CCtS2_rEOUf9yN2j3ekj-3x8d6qGeG1KbSV2yp0DZPttX_fcanxhhq1Wn-o_5y080brBnGCqc0v94D9OoCp61JrjRGpH6NhFJ8vip0z_TS7KB_iDEVMzszSwoU-MoEK7sRqf2W9iNxmEhWg8mOpRwWA0yuN54TstotjYAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljb7ZfKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0U5MKz1tfN55C1zcXntyMcrFqynQ%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: F5DD7A9389034DD832019AB22C26658C
Requests: 25 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAIxbgD5-HMAAJVeRU4m9rEYUHYOqZHWw&u=%7CSdnFM9rFZ0pnpgqaZBBVRiBC2%2Fr82pAybeDF89M7kiA%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlWc3MYdrkve1GbtzIi6xyQbfx-1qVFCuWEFRz6TLq9zujYV4SEbEmLPsgi83i_bQDxQiXuWpKVS01VeVX9gyFibTkFBxDiv3nM15JfVMlCJ3SZgkrUw_1yTDRqTQdZoXT4hCH8IvvdFlHGKIFX8jsR-snmWdWxicMI3DPxMOJH8NVMT55Q5itcK651C2Qbl2esUkC9yLp7LZSDNY8m1iamuBSDwbLP28P8WXl1-Qaj6qAEQLbGlkYRIU9_4FuhXKU00SfpsvdC2x6Ba8IOHuAoik2nV4BAagupGi9ntcm0u_TnfzKdlrwNImHi8ibWjWz1jjbbNfWb2P8crxMNH8YrZOiijw2UgNe_29yE_Ei2INbcUEo33Ew2eKCvcw0CLOLBIYrjzZE4XPgS0vzxOYlxweia1zkriMiDH20fBjVdcfhhyvyxOf3ZBm9Gpf5s4F53dpIAviYD-nmSmOgSfdzsz3tkwJ1OsTvk14HhI50llkhPocNyYdnsf7MrHCBIDVHReyednmH5t9uq7F4497ItOtYn-1Ne3uRS_MUKihT76s-fPz5yim9noEV-0iCnsvqvJx_sDkv0F1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF5wj3CuwZbiLI8zDn88P-aqJgA6cge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0MoPGTkV5-1jkPw29UiKUDdEGLpc90T8atROv9thdHjeXVlRezJsC5KNaHqKODfK8Lzht68DjcFYjZc9YHHacBYviI2NpXVQtpSHQ9vPORrIyCY-qPSB2aliyg_Tx2jySjQWFfAzlh3cZ3L3zo9Tj6IuwisiE9BmpAO-_7rFRDE0XRh_zyxWjnyW2ephJ7N7ydtEPPHbUg58FG2wyYL5tDxViuuE7TfK05CfutMkKlZNZHSivce3GXYyboIaqL_YLLoi_7jb7GeVSf2LPun04O95D6T8HfK7DZbv-2a0js7y5oAGwJuJmZCLporaAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljPzZfKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11V_qeu5jE4dPIUVKRZUL_FX3gYw%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: 485ACE6BE1B161B25F958B95B3FA68BB
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAIv5UD5-J-AAPAzJBJbIImoNfnMHXXtQ&u=%7CSdnFM9rFZ0odLPq8LVFP0UWbFPoNjDTmAtIFf672x1I%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaKkqjJg35npvJEksAgg3fKVJnQb7YAztWXNjTHBlL3i4sevADxmhzLXJifhAOH3pZp1geiSI8o1fZm74hKjUzwkCMwBO-ua1XeAGVp5Zf3Kb8EulLhMhJC-Pa53Y2jrAsgtdOPhMByr7AY2xhVd_FVAHsqTuWQrvwCHi2ImLzbp7ysne6v7QTbslmZ6uHo3dNN35nIb4kpUgU22NCzgMh43R6JfLqpqSqar7DFcahRYkBt4ZKynhbihVw2YDSzu6PFkURGav7ExDlSGHHRNHXQnCSLsRgPs4u4P2Ingt0f73qRYjFYuEGqfwQqOYKzOWYRgRpK_q5JDX52InsXw1s0Rr1uSKf9fPgfl1XLP0So8iD2ffmrwiBdqzDCn6sporrik5_IGuMaBmVYtdGLrqWpNigB8Jt3vmbv1mISu3Fmfp10YpE-gm9IV1cC5YRSIGbrF0CIT2gSPL-w7Hl78PoUv5NDxV0kB51Qanvgip2_1GeeammfciPraiXOnb3RMmNkkPJxjByXXd2RkwTSeJFe_UFaIeXtedFHaXimMy3f8gvNpOY9WJIpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FZW3CuwZZX_Iv7En88PzIGPwAKcge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0MVt6gS2SvDZ72a2Kn2scbP6NYK_-eUOgcaaeSQsWGVm51cSqx7VMiGZwfPUi_zULPAflfPFmVkGtbHRrwD9LRReVoIknx0cjt-xiq6_wFZHQQ2MjME0Olvz2r0VuJ2HjLbRe5jxzCXize9s8lTOOO7YaI1ajnl9rZ2-WKHvmy8xpU9QgxfdFwX0WD51Xylz_mIqvEaj87-5oAAtxs77EJ9j6bVbTlLFaS12JSoBRN8sVt6PABwXahEK_wuQxtMjSdcVEg9M0Re6N-ul58XFOnhbGSeLTYVfS39wHm0uy8nSJYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNa-l8q29IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2oyIDX6L9PJwV2JE52-V4PdMaDgA%26client%3Dca-pub-7820916800218761%26adurl%3D
Frame ID: 0D696E43C5430E0FD8EBF58C29EAAA5A
Requests: 10 HTTP requests in this frame

Frame: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB
Frame ID: CCA5C4C8E1635962C641F86E3E769BEB
Requests: 5 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/imp/8/225407;8026171;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN300x600/?ft_custom=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&us_privacy=${US_PRIVACY}&ftClick=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SXHyvlAetOIRGjUJB7xy&sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&seller_id=pub-7820916800218761&psId=HM0m9MWSkXJ9ZTd6IN2t&sId=0&dur=15&date=&auth=&did=&didtype=UNK&stch_id=&conn=ethernet&env=site&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&PG=F&s=H4sIAAAAAAAAAAEAAf_-8vbwgQtBf5xEaTLeRzHzO09KC_bnQNewSLbL3zC5iMeTUqYB9ASH_4xr3CcqxVx7QPRNlStngDYhKzhAyRiVk5Df8o5JX0vo6ixrJbWp40Ce_U-376lq794NO9iC7u_n1zOsJahi_Hy3FjNgrsRVZpl_PJGCp41epbIseesh-tgAXAXp22PCIJQCVDWfzbC6JU5-pa6VPWTdf4R6GrfR52mt8kuSDHIMNt_E-vEr70HNSY8TmB0TCdjjUjJwWsnG7A9NN2b0qG44ybn_bOp76pRKt5oyGPPWUJIoPlKZ-192PITxyuI4X8TuauNDylnkKHf5DbkSlv5kaM63E7LnlEIbfUQAAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCUgb93CuwZff6I82Ln88Phbeb4Aa835z0XK6C25dSwI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BJckP2cWeslNqJYbzKe4h2xlNAoPSkWg9K6E-DLMtsrb4lmhwzkZtarDBQLJHHTno6Husiul21jv-_mYhfEhd8PZrO8l7yyA-jaS8seCauff8xSlgM1vtFJjeWLwsC3ZCQQqbneNB1LKagsgXHM_eeru6X7wUQoWbhG1oRHoNMOgkcMhz7jmNKM0-v8TIHmuYA920_Jwbz6n-nbY8TZOgdRwGgbFh4pOMcMDL1bQ1TliiX5mpsfNaHGCJVGS11jbrhmaZJS1N9LGlXzb6hd6jLj28QJ-xfjrkRBxb607r-wrIAG1u7ksr2Xqtv9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljns5jKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LWsYtntm-W6h-hIhlv62HytWx0w%26client%3Dca-pub-7820916800218761%26adurl%3D&ft_partnerimpid=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&site_url=lolwot.com&cachebuster=680866.0127483674
Frame ID: 9BD15A85E57FEAA1CCABD4F4B67EEF84
Requests: 23 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
Frame ID: 58FE15A4617A06471140C063FADAABEE
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: FCAEA5EF41CBA354BAFD826FA3008DCB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rummage Through Your Basement – You May Be Sitting On A Baseball Card Treasure Chest! – BuzzStormer

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

87 %
HTTPS

52 %
IPv6

18
Domains

33
Subdomains

32
IPs

1
Countries

1623 kB
Transfer

3980 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CKvhwcq29IMDFZsKaAgdMX4N-Q;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

126 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/ 66 KB
14 KB 697ms
634ms Document
text/html 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / WP Engine
Resource Hash: a8a24d49b555dc6f18bcdb6c270e3c575611bc45a2c35952cd5e20ef89075e50

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 84a309b77a426aed-BUF
Cache-Control: max-age=600, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 23 Jan 2024 21:12:59 GMT
Link: <https://buzzstormer.com/wp-json/>; rel="https://api.w.org/" <https://buzzstormer.com/wp-json/wp/v2/posts/16796>; rel="alternate"; type="application/json" <https://buzzstormer.com/?p=16796>; rel=shortlink
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
X-Cache: HIT: 1
X-Cache-Group: normal
X-Cacheable: SHORT
X-Pingback: http://buzzstormer.com/xmlrpc.php
alt-svc: h3=":443"; ma=86400
cf-edge-cache: cache,platform=wordpress
x-powered-by: WP Engine

GET
H2 200 css
fonts.googleapis.com/ 54 KB
3 KB 103ms
44ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion%20One%3A400%2C700%7CWork%20Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen%20Sans%20Condensed%3A300%2C700%7COpen%20Sans%3A400%2C700%2C800%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&display=swap

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2187439774ebd6e0d1f4c1b6a100a34f6bd6f28a90bd48d50b894b9b92651e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 23 Jan 2024 21:12:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 23 Jan 2024 21:12:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 23 Jan 2024 21:12:59 GMT

GET
H/1.1 200
OK style.min.css
buzzstormer.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 678ms
675ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sun, 05 Nov 2023 19:40:32 GMT
Server: cloudflare
ETag: W/"6547efb0-1add3"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309bb7fd16aed-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK styles.css
buzzstormer.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 488ms
473ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:12:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 25 Nov 2023 14:23:29 GMT
Server: cloudflare
ETag: W/"65620361-b4e"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309bb995b4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
buzzstormer.com/wp-content/themes/click-mag/ 82 KB
14 KB 699ms
685ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/style.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d8ba3f70422ccb7ae935a2eec8300a0d50eae89c28d6f8f8b607947e592725

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 25 Nov 2023 14:05:39 GMT
Server: cloudflare
ETag: W/"6561ff33-14931"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309bb99f84bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK reset.css
buzzstormer.com/wp-content/themes/click-mag/css/ 1 KB
1 KB 486ms
471ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/css/reset.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:12:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 27 Sep 2023 13:03:36 GMT
Server: cloudflare
ETag: W/"65142828-434"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309bb99f94bc3-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK all.css
buzzstormer.com/wp-content/themes/click-mag/font-awesome/css/ 72 KB
14 KB 485ms
470ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/font-awesome/css/all.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:12:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 27 Sep 2023 13:03:36 GMT
Server: cloudflare
ETag: W/"65142828-11f69"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309bb9b7a4bcc-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK media-queries.css
buzzstormer.com/wp-content/themes/click-mag/css/ 48 KB
5 KB 481ms
467ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag/css/media-queries.css?ver=6.4.2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acc7ff03019c152c16ddbbe3e5fc6e351fbbebbdc5824d7f898f33846caf066

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:12:59 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Wed, 27 Sep 2023 13:03:36 GMT
Server: cloudflare
ETag: W/"65142828-c164"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309bb995c4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK style.css
buzzstormer.com/wp-content/themes/click-mag-child/ 15 KB
4 KB 948ms
466ms Stylesheet
text/css 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/themes/click-mag-child/style.css?ver=2
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01a6d44f7420fa491c7af252f08b57de4ac1c9cdae68032fcec67c304719e604

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 11 Dec 2023 12:50:08 GMT
Server: cloudflare
ETag: W/"65770580-3beb"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309be7cad4bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK jquery.min.js Show response
buzzstormer.com/wp-includes/js/jquery/ 86 KB
31 KB 683ms
682ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Mon, 28 Aug 2023 17:14:23 GMT
Server: cloudflare
ETag: W/"64ecd5ef-15601"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309be880d4bcc-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 133ms
28ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:12:59 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 885
cdn-cachedat: 01/23/2024 18:03:43
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.2
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: f440bc5f05706c2959342a7eaf49e9e5
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK lazyload.min.js Show response
buzzstormer.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
4 KB 462ms
461ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: http://buzzstormer.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: HTTP/1.1
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
Last-Modified: Sat, 25 Nov 2023 14:24:07 GMT
Server: cloudflare
ETag: W/"65620387-22bc"
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
CF-RAY: 84a309be8cb44bbd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 6b9438e029a212f3d01de48e6a0ddcce.js Show response
buzzstormer.com/wp-content/cache/min/1/ 159 KB
51 KB 1162ms
1124ms Script
application/javascript 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://buzzstormer.com/wp-content/cache/min/1/6b9438e029a212f3d01de48e6a0ddcce.js
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee0919ad2985025ead5321f5f125c138ec80dbf6037c35402e2b37ff4eb37c31

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Jan 2024 02:00:20 GMT
server: cloudflare
etag: W/"659ca8b4-27a0d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84a309bbd8eb4bc6-BUF
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efa7044b61673336fe621b90c74f48402854cde97bac5256680d8fadb8359510

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v19/ 49 KB
50 KB 91ms
33ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CMerriweather%3A300%2C400%2C700%2C900%7CQuicksand%3A400%7CLato%3A300%2C400%2C700%7CPassion%20One%3A400%2C700%7CWork%20Sans%3A200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMontserrat%3A400%2C700%7COpen%20Sans%20Condensed%3A300%2C700%7COpen%20Sans%3A400%2C700%2C800%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CMerriweather%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CWork%20Sans%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:25:06 GMT
x-content-type-options: nosniff
age: 373674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50668
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:13:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:25:06 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 137ms
79ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 01:10:29 GMT
x-content-type-options: nosniff
age: 590551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 01:10:29 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 84ms
26ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 06:44:05 GMT
x-content-type-options: nosniff
age: 570535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19752
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:46:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 06:44:05 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
19 KB 131ms
73ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:13:11 GMT
x-content-type-options: nosniff
age: 374389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:13:11 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 121ms
64ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://buzzstormer.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:15:15 GMT
x-content-type-options: nosniff
age: 374265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 18 Jan 2025 13:15:15 GMT

GET
H2 200 logo-nav.png
buzzstormer.com/wp-content/uploads/2023/09/ 808 B
1 KB 25ms
24ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buzzstormer.com/wp-content/uploads/2023/09/logo-nav.png
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14376c90b1f807adf65110e16fccb21e57f814a8ba20ef658841aade579a3c45

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:00 GMT
cf-cache-status: HIT
age: 111961
cf-polished: origFmt=png, origSize=1863
content-disposition: inline; filename="logo-nav.webp"
alt-svc: h3=":443"; ma=86400
content-length: 808
cf-bgj: imgq:100,h2pri
last-modified: Thu, 28 Sep 2023 04:50:13 GMT
server: cloudflare
etag: "65150605-747"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84a309c1d85f4bc6-BUF

GET
H2 200 Rummage-Through-Your-Basement-You-May-Be-Sitting-On-a-Baseball-Card-Treasure-Chest.jpg.webp
buzzstormer.com/wp-content/uploads/2023/11/ 15 KB
15 KB 31ms
31ms Image
image/webp 141.193.213.11
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buzzstormer.com/wp-content/uploads/2023/11/Rummage-Through-Your-Basement-You-May-Be-Sitting-On-a-Baseball-Card-Treasure-Chest.jpg.webp
Requested by: Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.193.213.11 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c66974170914676bcda77d5f5087dba48899a24cc38d3fe3be1c6b6da33d2cbe

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:00 GMT
cf-cache-status: HIT
last-modified: Sat, 25 Nov 2023 04:01:27 GMT
server: cloudflare
age: 17733
etag: "65617197-3b9e"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84a309c1d85d4bc6-BUF
alt-svc: h3=":443"; ma=86400
content-length: 15262

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 67D3 36 KB
15 KB 651ms
591ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

228d6f118f951f8685da56ca4b71cb1a0438a529ae37a8b86e5358e2f3beb79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14834
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:01 GMT
expires: Tue, 23 Jan 2024 21:13:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 15C8 43 KB
17 KB 706ms
646ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec9052d8748086849ee85660f196dfc094a1a2e688b6f37ede36fb75e2b8d331

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16752
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:01 GMT
expires: Tue, 23 Jan 2024 21:13:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDFF 36 KB
15 KB 401ms
341ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

909a75e03f7fab31955917653fd5f39871e10b0da781ac8c1808e10ae5a37440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14851
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:00 GMT
expires: Tue, 23 Jan 2024 21:13:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B84 36 KB
15 KB 388ms
329ms Document
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a95f465dfc8a6c6476a2b5c1259b8af885039129d80c71cbb6fd5181b97b13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://buzzstormer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14806
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:00 GMT
expires: Tue, 23 Jan 2024 21:13:00 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 event Show response
plausible.io/api/ 2 B
500 B 174ms
117ms XHR
text/plain 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: http://buzzstormer.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 23 Jan 2024 21:13:00 GMT
cdn-edgestorageid: 885
cdn-cachedat: 01/23/2024 21:13:00
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F60WU0U3_LMz_tsXH1yD
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 9057964c140787e3a5f74bf384ff700a
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK d6048fc680606999ea95addd858beb72ebe52982_pv Show response
trkrcom.com/api/ 21 B
699 B 483ms
428ms Fetch
application/json 2606:4700:3037::6815:5870
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://trkrcom.com/api/d6048fc680606999ea95addd858beb72ebe52982_pv
Requested by: Host: buzzstormer.com
URL: https://buzzstormer.com/wp-content/cache/min/1/6b9438e029a212f3d01de48e6a0ddcce.js
Protocol: HTTP/1.1
Server: 2606:4700:3037::6815:5870 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03faea081300341c1ec3959c72d2b53b75562ee9870a3020829e2b1f14683c5d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:01 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSoNlGcbLQkpZBUoiJJ0h1yK%2FoceOcfagwIe9OdaAx9o9oEQ1xnpEUk3KMLCZnyU5YkbdRn86pGd2IFZMt5SmUdjw8okLBCGO%2BlC3%2FSKDFRNL8zDSBELiDhsaVL4%2BR%2BdUX4B7cGgpDqK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 84a309c3788a4bcd-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame F5DD 209 KB
59 KB 159ms
96ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAI2dwD5_x0AAEaToIc8yHKiXZx3lKDBA&u=%7CSdnFM9rFZ0oUdlrda6FhlpbuOi%2F30MgNNnQpqJDsv08%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3hSdb39GT3zCuL_e9vqUNcAiAMpzF1TyESJT_G6BQExVXLtOwjUnlCh6hch66WNtYRoH5NVgg0z_f8SuBtA6THrSCphb340DAoYhws7cY6HWjHF7NP5PMVC0AmbXkN9f2sxDmpobH3Za3ciDk-CM9MbhEwcQ2j4pOGPUxVbKZWePSz71s4HTZVjRFgcchk0IDiAWbpImU8Vwh8JCejay4QF13Opl-RO3FSCw0j1eQR2NZq7JKTZpz13BeCgUs_OLgFobVRlvcVsH2qB5fqArro9xRNB3lA41LzenS0RkU3xgOnT5YZoYxjNPxI6rz-GERiW-BDdj3T6fYU-5_nyw1PhhDktWhleBAGt-bq_ShdVUpuZctI6bift33lBtVfd5ABy8LGd8hvJRfTPN6Ced2MBzntVExDAlywXFA43G-dUz-4KDBI71jPFCuN8cPi3L5cVxzcwLy-IvmBSY9caj0eBT9ElPH5hQ1q3iFcqR1AZiiHHNU_k4e94T1yCzR_ZPoq4LwqcbpRpnJ7Qtc3giOx5jIQyk6HjEh-IFePhw0-c7BWolUg0GLwUbwpz4EQP97QKbJUkOANGzRJx74ORFSTtp2rD_MGW9r1UXfD4HeA4E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpekN3CuwZdyzI_T4n88PzrSEyAScge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0L69gpsZOGaDIBtyNJLCRLIVkdZhDcSskIrLLq-ibY1YAQsF6rPieyZB3MOu0X08mI6PuAMagFdhp2_-9trFriYT9svcfPKzKzLZlG_D4RJaPlkLoHKAf-NFzqGtjYpnbWf9QzwPt5CCtS2_rEOUf9yN2j3ekj-3x8d6qGeG1KbSV2yp0DZPttX_fcanxhhq1Wn-o_5y080brBnGCqc0v94D9OoCp61JrjRGpH6NhFJ8vip0z_TS7KB_iDEVMzszSwoU-MoEK7sRqf2W9iNxmEhWg8mOpRwWA0yuN54TstotjYAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljb7ZfKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0U5MKz1tfN55C1zcXntyMcrFqynQ%26client%3Dca-pub-7820916800218761%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

625152d270ca31a0c26f7f1215d453c1590d752be20f254aaf26a3abf4f5b64d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=4g3y8nNOTIMBreBXfSrR0usks_HG_B7VjD3i4Deb4s_XD_R8cJiU0h0bxXg3ioL2mUMPNR5mKIUmqBVjYo0ytGjooekoX5WoPKGJNs3xH05W-FNGtbunZcsYJLmVVTtWkZn5HUStdb0rHcERZfu4m5SrxewTBWL5n0fisem1tGRUHzNrnbzpbAK8zQVzpaXA4nYJvNWJ-_6dSyGNjo4rT74gsI7sZNsXQrl_VG8bNgSgnI5JffhOLURjh_PsNKQvf0DurA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56389595
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9B84 3 KB
1 KB 96ms
32ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 9B84 20 KB
9 KB 88ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B84 205 KB
65 KB 106ms
42ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 21:13:00 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 485A 51 KB
19 KB 100ms
53ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAIxbgD5-HMAAJVeRU4m9rEYUHYOqZHWw&u=%7CSdnFM9rFZ0pnpgqaZBBVRiBC2%2Fr82pAybeDF89M7kiA%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlWc3MYdrkve1GbtzIi6xyQbfx-1qVFCuWEFRz6TLq9zujYV4SEbEmLPsgi83i_bQDxQiXuWpKVS01VeVX9gyFibTkFBxDiv3nM15JfVMlCJ3SZgkrUw_1yTDRqTQdZoXT4hCH8IvvdFlHGKIFX8jsR-snmWdWxicMI3DPxMOJH8NVMT55Q5itcK651C2Qbl2esUkC9yLp7LZSDNY8m1iamuBSDwbLP28P8WXl1-Qaj6qAEQLbGlkYRIU9_4FuhXKU00SfpsvdC2x6Ba8IOHuAoik2nV4BAagupGi9ntcm0u_TnfzKdlrwNImHi8ibWjWz1jjbbNfWb2P8crxMNH8YrZOiijw2UgNe_29yE_Ei2INbcUEo33Ew2eKCvcw0CLOLBIYrjzZE4XPgS0vzxOYlxweia1zkriMiDH20fBjVdcfhhyvyxOf3ZBm9Gpf5s4F53dpIAviYD-nmSmOgSfdzsz3tkwJ1OsTvk14HhI50llkhPocNyYdnsf7MrHCBIDVHReyednmH5t9uq7F4497ItOtYn-1Ne3uRS_MUKihT76s-fPz5yim9noEV-0iCnsvqvJx_sDkv0F1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF5wj3CuwZbiLI8zDn88P-aqJgA6cge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0MoPGTkV5-1jkPw29UiKUDdEGLpc90T8atROv9thdHjeXVlRezJsC5KNaHqKODfK8Lzht68DjcFYjZc9YHHacBYviI2NpXVQtpSHQ9vPORrIyCY-qPSB2aliyg_Tx2jySjQWFfAzlh3cZ3L3zo9Tj6IuwisiE9BmpAO-_7rFRDE0XRh_zyxWjnyW2ephJ7N7ydtEPPHbUg58FG2wyYL5tDxViuuE7TfK05CfutMkKlZNZHSivce3GXYyboIaqL_YLLoi_7jb7GeVSf2LPun04O95D6T8HfK7DZbv-2a0js7y5oAGwJuJmZCLporaAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljPzZfKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11V_qeu5jE4dPIUVKRZUL_FX3gYw%26client%3Dca-pub-7820916800218761%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

1aa2bff23635960c962d55382102b8ede80d3d231c7c7ed2602627445fa12c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:00 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=VtnNv3NOTIMBreBXg7R8YqJ5S6YHA2PxCDw-Hs0Wxsebs2R1oCnDagKK8bCQ-gVUEhdgcbcrRB69fHzl8WbPZaEbhxbqmtuLAqxdLypEdN1xsWJL1gOoXiRG4R0bqVygVOl5NDgoHTgKw0pjcVDWaZ_K2HhnuNZ73ZKGmHSTcJTmiCO1SnkYvXoNXU3dfjPs6rfNy8_7wxn3ulXrvIRkPiUovCNZFpNYlCi2uE8v0_1mPZpHnkWgUAu25l9b_4xxT5UKzISVXSpbFHG1"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 6005623
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame FDFF 3 KB
1 KB 82ms
33ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame FDFF 20 KB
8 KB 76ms
27ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35498
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDFF 205 KB
65 KB 133ms
86ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 21:13:00 GMT

GET
DATA 200
OK truncated
/ Frame 9B84 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a814a3ed70bdbaad9012f811b5a4e764fddcfd2e5655479690f0f24d91966e4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FDFF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 035c8608c67dff282950cdfeb41ad77bdfefd86b6405b7a98876401082a774ca

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 485A 2 KB
1 KB 89ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAIxbgD5-HMAAJVeRU4m9rEYUHYOqZHWw&u=%7CSdnFM9rFZ0pnpgqaZBBVRiBC2%2Fr82pAybeDF89M7kiA%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlWc3MYdrkve1GbtzIi6xyQbfx-1qVFCuWEFRz6TLq9zujYV4SEbEmLPsgi83i_bQDxQiXuWpKVS01VeVX9gyFibTkFBxDiv3nM15JfVMlCJ3SZgkrUw_1yTDRqTQdZoXT4hCH8IvvdFlHGKIFX8jsR-snmWdWxicMI3DPxMOJH8NVMT55Q5itcK651C2Qbl2esUkC9yLp7LZSDNY8m1iamuBSDwbLP28P8WXl1-Qaj6qAEQLbGlkYRIU9_4FuhXKU00SfpsvdC2x6Ba8IOHuAoik2nV4BAagupGi9ntcm0u_TnfzKdlrwNImHi8ibWjWz1jjbbNfWb2P8crxMNH8YrZOiijw2UgNe_29yE_Ei2INbcUEo33Ew2eKCvcw0CLOLBIYrjzZE4XPgS0vzxOYlxweia1zkriMiDH20fBjVdcfhhyvyxOf3ZBm9Gpf5s4F53dpIAviYD-nmSmOgSfdzsz3tkwJ1OsTvk14HhI50llkhPocNyYdnsf7MrHCBIDVHReyednmH5t9uq7F4497ItOtYn-1Ne3uRS_MUKihT76s-fPz5yim9noEV-0iCnsvqvJx_sDkv0F1w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCF5wj3CuwZbiLI8zDn88P-aqJgA6cge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0MoPGTkV5-1jkPw29UiKUDdEGLpc90T8atROv9thdHjeXVlRezJsC5KNaHqKODfK8Lzht68DjcFYjZc9YHHacBYviI2NpXVQtpSHQ9vPORrIyCY-qPSB2aliyg_Tx2jySjQWFfAzlh3cZ3L3zo9Tj6IuwisiE9BmpAO-_7rFRDE0XRh_zyxWjnyW2ephJ7N7ydtEPPHbUg58FG2wyYL5tDxViuuE7TfK05CfutMkKlZNZHSivce3GXYyboIaqL_YLLoi_7jb7GeVSf2LPun04O95D6T8HfK7DZbv-2a0js7y5oAGwJuJmZCLporaAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljPzZfKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_11V_qeu5jE4dPIUVKRZUL_FX3gYw%26client%3Dca-pub-7820916800218761%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 485A 2 KB
1 KB 120ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 485A 308 B
636 B 119ms
60ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 485A 293 B
621 B 88ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 485A 43 B
348 B 101ms
33ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=lRUNsw8aWYOeEkLqOlf00RiT_9aifkGF8M7SP2kXIqokYtC2OtIHUp1v9I3Olql81zykqqi9ScnLEIZhCSNljZ3bMchj55PSiH0gfq56FO0M5l8nUgrEj5dhaagv_l7Ut1G_eFA4Ky5FtxFSKtniZrcE1bXIMjcWKAh6uNQSRmoe-n937r0rP7flpEtzrWiUe-PWXzd7DemmHWo7uL-W76_NUIz6yuMelbhxAZcKqy6E6klZtJv7HHO3Udqp1BpSOY8oZENENmxSfc9ntGZMPhW_S43LEY_Ffpi6k4JCPZqOPG4LT2nhrg3qRdurJUevWNABQ0zQRaaESxYH2Af0p48aE_7gsk2I-otfUias5t9YZYUZ21RliNVBpyOxIv8hRptz3WWd4vVPLLgxR2nffIMASTDjeQXJutpJ7594Q5DYjR278EnwpAKbX_SVXOKoenkblw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3801487
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 5788f1c96b2541b49fbb0346a38a4dbb_image_ad_300x250.jpeg
static.criteo.net/design/dt/108887/5134360/ Frame 485A 17 KB
17 KB 114ms
55ms Image
image/jpeg 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/108887/5134360/5788f1c96b2541b49fbb0346a38a4dbb_image_ad_300x250.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c6d8d5a3b5915c145fca94fd00a881bbe941d591525725af8583b111a7006a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 23 Nov 2023 10:42:35 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "655f2c9b-42e9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 17129
expires: Fri, 17 Jan 2025 21:13:01 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 485A 0
128 B 89ms
29ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=VtnNv3NOTIMBreBXg7R8YqJ5S6YHA2PxCDw-Hs0Wxsebs2R1oCnDagKK8bCQ-gVUEhdgcbcrRB69fHzl8WbPZaEbhxbqmtuLAqxdLypEdN1xsWJL1gOoXiRG4R0bqVygVOl5NDgoHTgKw0pjcVDWaZ_K2HhnuNZ73ZKGmHSTcJTmiCO1SnkYvXoNXU3dfjPs6rfNy8_7wxn3ulXrvIRkPiUovCNZFpNYlCi2uE8v0_1mPZpHnkWgUAu25l9b_4xxT5UKzISVXSpbFHG1&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 21:13:00 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 485A 2 KB
1 KB 97ms
59ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 485A 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame F5DD 2 KB
1 KB 36ms
34ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAI2dwD5_x0AAEaToIc8yHKiXZx3lKDBA&u=%7CSdnFM9rFZ0oUdlrda6FhlpbuOi%2F30MgNNnQpqJDsv08%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3hSdb39GT3zCuL_e9vqUNcAiAMpzF1TyESJT_G6BQExVXLtOwjUnlCh6hch66WNtYRoH5NVgg0z_f8SuBtA6THrSCphb340DAoYhws7cY6HWjHF7NP5PMVC0AmbXkN9f2sxDmpobH3Za3ciDk-CM9MbhEwcQ2j4pOGPUxVbKZWePSz71s4HTZVjRFgcchk0IDiAWbpImU8Vwh8JCejay4QF13Opl-RO3FSCw0j1eQR2NZq7JKTZpz13BeCgUs_OLgFobVRlvcVsH2qB5fqArro9xRNB3lA41LzenS0RkU3xgOnT5YZoYxjNPxI6rz-GERiW-BDdj3T6fYU-5_nyw1PhhDktWhleBAGt-bq_ShdVUpuZctI6bift33lBtVfd5ABy8LGd8hvJRfTPN6Ced2MBzntVExDAlywXFA43G-dUz-4KDBI71jPFCuN8cPi3L5cVxzcwLy-IvmBSY9caj0eBT9ElPH5hQ1q3iFcqR1AZiiHHNU_k4e94T1yCzR_ZPoq4LwqcbpRpnJ7Qtc3giOx5jIQyk6HjEh-IFePhw0-c7BWolUg0GLwUbwpz4EQP97QKbJUkOANGzRJx74ORFSTtp2rD_MGW9r1UXfD4HeA4E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCpekN3CuwZdyzI_T4n88PzrSEyAScge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0L69gpsZOGaDIBtyNJLCRLIVkdZhDcSskIrLLq-ibY1YAQsF6rPieyZB3MOu0X08mI6PuAMagFdhp2_-9trFriYT9svcfPKzKzLZlG_D4RJaPlkLoHKAf-NFzqGtjYpnbWf9QzwPt5CCtS2_rEOUf9yN2j3ekj-3x8d6qGeG1KbSV2yp0DZPttX_fcanxhhq1Wn-o_5y080brBnGCqc0v94D9OoCp61JrjRGpH6NhFJ8vip0z_TS7KB_iDEVMzszSwoU-MoEK7sRqf2W9iNxmEhWg8mOpRwWA0yuN54TstotjYAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljb7ZfKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0U5MKz1tfN55C1zcXntyMcrFqynQ%26client%3Dca-pub-7820916800218761%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame F5DD 2 KB
1 KB 30ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame F5DD 308 B
636 B 29ms
29ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame F5DD 293 B
621 B 28ms
28ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame F5DD 43 B
347 B 33ms
32ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=DBCT73vqoctmlVFUqHcOjhNRgtn1ZwgS6bn7DPm31d9npm7L7OGp3w1Uk5nnCRlpL7kxC01VAGlR5LPJCv6H3tKEw4oEmBSlCAfZgLXnyxpeT04McrmKse7KbxiNZcEOlidMj37WyWL5wIXnuJEYRTjnVTlhQmzGYmrhMfw5MM93J1xmKUhsQYIIyL6r-NaYUYU5iWiq3XfdXFDPFghdCThlAvy0IyArY0Ui4OrXAB91-u1JfeWrVYzOAhYwTyRBdv0vbZTxR7h1JAIfytYuX-DodNPEHdj65Y5Y87rYOgDPiKg-34qJZ9lWr7EGSSC0WQ9dVetNAfM9tIk_0q4bZ9oNpJ5l6su1n6YAmO59CRNM8ichr6c5PcVcnU1ncqv3-KOpKn5ngA4lEAVWzuCRIOcxUfFfmpUW-PqyfmNr16meAPwY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3025672
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

B24217808.274313803;dc_pre=CKvhwcq29IMDFZsKaAgdMX4N-Q;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/ Frame F5DD
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CKvhwcq29IMDFZsKaAgdMX4N-Q;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_la...

42 B
475 B

65ms
62ms

Image
image/gif

142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CKvhwcq29IMDFZsKaAgdMX4N-Q;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Protocol

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:01 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N5192.154378CRITEO/B24217808.274313803;dc_pre=CKvhwcq29IMDFZsKaAgdMX4N-Q;dc_trk_aid=468619750;dc_trk_cid=132945847;ord=65b02bdc95fdd61939299c1b9f07ca5a;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame F5DD 12 KB
5 KB 2953ms
2893ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5407296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88PuUU0J421nVUzMt%2Bbf2mOxdwqk5B6tNTalkowrkxfrt2G5yMQvurnkcMezZ6naNQiOtfIEhmmxhKxtwnMsKIERYbAxmtqj0OdTBIHre8Gwhpthj69KHZJuCuG6h0UkswJNKSJxUSTCzl%2FwNzkkBRwR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84a309c6ac244bc0-BUF
expires: Sun, 12 Jan 2025 21:13:01 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame F5DD 12 KB
6 KB 35ms
34ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 67D3 3 KB
1 KB 29ms
27ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 67D3 20 KB
8 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67D3 205 KB
65 KB 54ms
53ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 21:13:01 GMT

GET
H2 200 58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff
static.criteo.net/design/dt/ Frame F5DD 24 KB
24 KB 2958ms
2889ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/58387fca10ec4862886cccc4d3d4e79e_mark+simonson+-+proxima+nova+alt+regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

e9fdc188060ed6e1f88c478d14ec18de88aa08f8a04920a03c707b158b91bb41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Dec 2018 15:42:02 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c09434a-5e6c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 e.png
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/ Frame 15C8 85 B
236 B 3014ms
43ms Image
image/png 54.163.100.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net/rtb/e.png?e=win&aid=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&cp=2651803&slot=1&x_price=ZbAr3AAI_XcD58XNAAbbhYepyUC1LN7OTs_0ZQ&ets=1706044380763&tz=America%2FNew_York&source=google&country=US&region=NY&mc=48&ap=0&ut=0&vis=UNKNOWN&site=HM0m9MWSkXJ9ZTd6IN2t&bp=24063&curr=USD&exr=1.0&fid=Xf6e2yqPYRavegdigOp6&c=4118352456&ccurr=USD&cuxr=1.0&a=456868&ca=724434&st=DISPLAY&sh=600&sw=300&rid=4212&mp=9&psk=HM0m9MWSkXJ9ZTd6IN2t&cfc=0&cfci=0&dur=-1&cityid=-1&metroid=26&countryid=232&postalid=5349&didtype=UNK&duration=180&v=1&auth=ADzJIULMCWkWl4KRm_J-2HWpPy4&x_r=lNYwjw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.163.100.58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-163-100-58.compute-1.amazonaws.com
Software: adobe /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:04 GMT
x-pt: P=175 0=0
server: adobe
content-type: image/png
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 placement.js Show response
displayf-tm.everesttech.net/feed/ Frame 15C8 26 KB
6 KB 2981ms
47ms Script
text/plain 151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=-4092841857359766116&tm_auction_id=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&didtype=UNK&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGWST2jTcBTHl2RrtyK4lYpSEOIQXMeS5u-vzXaYbde1-5OmLqndvEia_NplTfvL0l_bVW876m14kO0keFJB8DgPXsXjvIgnEQ8iiGPHXbRbJwi-wzs83ue9L9_3xiZmnhx8mZ71rqDX9tPo4UhoGvc8yNYQqrnQ9JwWa6FGvOLYNvTZlK1DvwP9Nbjdhi0cfjxy7ePwZGS9CqDQ2y5urJkdWLOdmuaBqYOfzwghkmtDF-OMZalY9aqy3itbKPn--beXl9MRfT3f67gpiLWltdxWaTmd2OntEVhFDxzXNeMyy9FTZadpo26LLhg0z7HcHN0vAGmO3gFSjE55ngvLsLLi4LgsJlgR0FMreUNdnaFdpw7pHLTqKEZnNn3UgHFe6A9gAacorCBItG5WTd-54PYJWgGcqcgJMyHZMMnJfMIEFpSgKSoWJ8m2cEhcVxeF-6CCuCwEC65SUep39eZil-UZnlXTHwiqVFg5IoLtZr2Jus3PRLA7EP-D4Eff7d8MR_Iq11DUsl5fX1buGTZYKgg4GnKR20X4zGaaVIbO43j-hIh47QqTSAqcwoMkxwl8MgH4UyJyRsoZqWw0aw2jZxg9Xd3YJScg3kStpCgyno9spmOCPXLcxxVmcDmm6vgt_IIcbjkYviFH-93Qb0J8QsZC_6PhwICavCSyHKMXUkU9rxm71HwoMPiL8d9viShV0hcmz1Lsr-hZyml46auLfbuzO7i_wHSLvmPB3DlUHHtEDe1TFyMOqVshsqSHycJGlJJ5aXqElwROEIK5rJbRFrKzgZym5Vazt4kjKiCKIAnkr9Q_Xn2nXpHH1KfhUypow1YdI--Gv3yn8_BXaOsP95g6DdQCAAA*&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUgb93CuwZff6I82Ln88Phbeb4Aa835z0XK6C25dSwI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BJckP2cWeslNqJYbzKe4h2xlNAoPSkWg9K6E-DLMtsrb4lmhwzkZtarDBQLJHHTno6Husiul21jv-_mYhfEhd8PZrO8l7yyA-jaS8seCauff8xSlgM1vtFJjeWLwsC3ZCQQqbneNB1LKagsgXHM_eeru6X7wUQoWbhG1oRHoNMOgkcMhz7jmNKM0-v8TIHmuYA920_Jwbz6n-nbY8TZOgdRwGgbFh4pOMcMDL1bQ1TliiX5mpsfNaHGCJVGS11jbrhmaZJS1N9LGlXzb6hd6jLj28QJ-xfjrkRBxb607r-wrIAG1u7ksr2Xqtv9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljns5jKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LWsYtntm-W6h-hIhlv62HytWx0w%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: adobe /
Resource Hash: 555016c115381b38b129ad36159faa3a8873021eb768403c828321122e61dbf7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
via: 1.1 varnish
x-pt: P=2378 0=0
x-cache: MISS
x-region: North-America
x-served-by: cache-yyz4562-YYZ
server: adobe
x-timer: S1706044384.146522,VS0,VE25
x-failover: none
vary: Accept-Encoding, User-Agent
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 15C8 3 KB
1 KB 2825ms
2825ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/ Frame 15C8 20 KB
8 KB 2819ms
2818ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240118/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 11:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Feb 2024 11:21:22 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 15C8 205 KB
65 KB 2831ms
2830ms Script
text/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66080
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1705966741457425"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 21:13:04 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 5 KB
6 KB 2938ms
35ms Image
image/png 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?h=108&m=0&partner=25144&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F25144%2F200701%2F49c7fdefdb4a4feebd2bf14922e3bf51_relaterentals_core_logowht.png&v=3&w=316&rid=4&s=IaPovPkwLv4IEyWeCQRrWd4q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3669542290f85c170b0d00b97e6bfbe89d45da68d507da531cea040dcef44c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5584
expires: Fri, 03 Jan 2025 02:19:21 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 33 KB
33 KB 2967ms
65ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2019-01%2F1-LIVING-ARGYLE-HOUSE-LA_8.jpg%3Fitok%3DWGbImvcM&v=3&w=800&rid=4&s=Bz-BXWmVUanJbaqjgE2IRLnH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

657f82dba7d6431f1601c073a565332d97b9429d1c5093131f1a500637607a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 33552
expires: Wed, 31 Jan 2024 21:53:35 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 17 KB
18 KB 3031ms
129ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2019-01%2Fliving3-one-back-bay-boston_7.jpg%3Fh%3Db394498a%26itok%3DwlOc1pAM&v=3&w=800&rid=4&s=HPTyv2eWvotqv3Coh4bUfTgH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4fbbee18d3f1f9a098c4504eb826dffb62f7e2536d7ac81420900d6d6cca846b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 17864
expires: Thu, 25 Jan 2024 20:40:30 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 35 KB
35 KB 2938ms
36ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2020-04%2F500LakeShoreDrive_1_4.jpg%3Fitok%3DNMKrjyUd&v=3&w=800&rid=4&s=IG8K6EzF933Mgi6QNuPCgNYp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

51986bfbad1a0c3bf7ba11f8768172d6477ba7dfa77aa59a844191cf918b603c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 35834
expires: Fri, 02 Feb 2024 21:01:43 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 16 KB
16 KB 3025ms
123ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-05%2Fone-back-bay-apartment-interiors2_0.jpg%3Fh%3Df778dbdf%26itok%3DW_sH9MsH&v=3&w=800&rid=4&s=4Rm7jL1pIafzJxKwEEweu0C7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

9aeb13e1bb386a4538794616f85d1f5f995abb63f3e3566cc54015171e9e4986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 16532
expires: Thu, 25 Jan 2024 20:05:58 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 17 KB
17 KB 3014ms
112ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Fimage_gallery_large_2x%2Fpublic%2F2019-01%2Fkitchen2-one-back-bay-boston_1.jpg%3Fitok%3Dmin22iBB&v=3&w=800&rid=4&s=8R4r42CD93E1woHRp5JonQWZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

6aafa767dbb03c6088b1c5fb34d65e50ec40388c77b2d6460330e7469832426e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 17118
expires: Sun, 28 Jan 2024 21:21:07 GMT

GET
H2 200 img
imageproxy.us.criteo.net/img/ Frame F5DD 13 KB
14 KB 110ms
109ms Image
image/webp 2620:100:a001::9
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25144&q=80&r=2&u=https%3A%2F%2Fwww.relatedrentals.com%2Fsites%2Fdefault%2Ffiles%2Fstyles%2Funit_hero_large_2x%2Fpublic%2F2018-12%2F2-The-Tate-NYC-Living-Dining_16.jpg%3Fh%3D8b193dc6%26itok%3D7f9kO1ce&v=3&w=800&rid=4&s=4QpJ3gGkIrqOUEUZ2NTgQODm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::9 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

d7f88777bbd8cb7b6e993e1efc280e971f783389a15b2848fda9e9a6b3943622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1209600
timing-allow-origin: *
content-length: 13774
expires: Thu, 25 Jan 2024 20:58:34 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame F5DD 0
127 B 2858ms
2858ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=4g3y8nNOTIMBreBXfSrR0usks_HG_B7VjD3i4Deb4s_XD_R8cJiU0h0bxXg3ioL2mUMPNR5mKIUmqBVjYo0ytGjooekoX5WoPKGJNs3xH05W-FNGtbunZcsYJLmVVTtWkZn5HUStdb0rHcERZfu4m5SrxewTBWL5n0fisem1tGRUHzNrnbzpbAK8zQVzpaXA4nYJvNWJ-_6dSyGNjo4rT74gsI7sZNsXQrl_VG8bNgSgnI5JffhOLURjh_PsNKQvf0DurA&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame F5DD 2 KB
1 KB 2861ms
2861ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame F5DD 2 KB
1 KB 2858ms
2858ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 0D69 51 KB
19 KB 2850ms
2848ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAIv5UD5-J-AAPAzJBJbIImoNfnMHXXtQ&u=%7CSdnFM9rFZ0odLPq8LVFP0UWbFPoNjDTmAtIFf672x1I%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaKkqjJg35npvJEksAgg3fKVJnQb7YAztWXNjTHBlL3i4sevADxmhzLXJifhAOH3pZp1geiSI8o1fZm74hKjUzwkCMwBO-ua1XeAGVp5Zf3Kb8EulLhMhJC-Pa53Y2jrAsgtdOPhMByr7AY2xhVd_FVAHsqTuWQrvwCHi2ImLzbp7ysne6v7QTbslmZ6uHo3dNN35nIb4kpUgU22NCzgMh43R6JfLqpqSqar7DFcahRYkBt4ZKynhbihVw2YDSzu6PFkURGav7ExDlSGHHRNHXQnCSLsRgPs4u4P2Ingt0f73qRYjFYuEGqfwQqOYKzOWYRgRpK_q5JDX52InsXw1s0Rr1uSKf9fPgfl1XLP0So8iD2ffmrwiBdqzDCn6sporrik5_IGuMaBmVYtdGLrqWpNigB8Jt3vmbv1mISu3Fmfp10YpE-gm9IV1cC5YRSIGbrF0CIT2gSPL-w7Hl78PoUv5NDxV0kB51Qanvgip2_1GeeammfciPraiXOnb3RMmNkkPJxjByXXd2RkwTSeJFe_UFaIeXtedFHaXimMy3f8gvNpOY9WJIpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FZW3CuwZZX_Iv7En88PzIGPwAKcge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0MVt6gS2SvDZ72a2Kn2scbP6NYK_-eUOgcaaeSQsWGVm51cSqx7VMiGZwfPUi_zULPAflfPFmVkGtbHRrwD9LRReVoIknx0cjt-xiq6_wFZHQQ2MjME0Olvz2r0VuJ2HjLbRe5jxzCXize9s8lTOOO7YaI1ajnl9rZ2-WKHvmy8xpU9QgxfdFwX0WD51Xylz_mIqvEaj87-5oAAtxs77EJ9j6bVbTlLFaS12JSoBRN8sVt6PABwXahEK_wuQxtMjSdcVEg9M0Re6N-ul58XFOnhbGSeLTYVfS39wHm0uy8nSJYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNa-l8q29IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2oyIDX6L9PJwV2JE52-V4PdMaDgA%26client%3Dca-pub-7820916800218761%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2c9bf103d6fb9a7d944d279020119f7da3ba39d7ca436a07f55e87facdeb3a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 23 Jan 2024 21:13:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Nc43FnNOTIMBreBXvmt9QokDh1dYj0775E5HlLzk0AAgaeWiqEYaXw7K8Gzy7WsuWj8yW99yd35y284YDOPMVQFGbq1YnD-FrBeeoTmvf1jhO4PowHBRQV4SPPUHss8olYlIoxjbY2ZzI1aWgG5_iN5Kat7QC8f4wPvv6t4Q4HQJDL0ysqv7Cz96ZI-9IvUfvoeFN_r0xItEPG6f0zbJRbyVPYuLfHnm5cWIVqFXw7G0by-ZDkQOBNB8cfhRwoqEOKsZXR2M-j-F1aEa"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 3497114
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FDFF 0
286 B 2878ms
2876ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COOFc3CuwZbiLI8zDn88P-aqJgA6cge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0MoPGTkV5-1jkPw29UiKUDdEGLpc90T8atROv9thdHjeXVlRezJsC5KNaHqKODfK8Lzht68DjcFYjZc9YHHacBYviI2NpXVQtpSHQ9vPORrIyCY-qPSB2aliyg_Tx2jySjQWFfAzlh3cZ3L3zo9Tj6IuwisiE9BmpAO-_7rFRDE0XRh_zyxWjnyW2ephJ7N7ydtEPPHbUg58FG2wyYL5tDxViuuE7TfK05CfutMkKlZNZHSivce3GXYyLIA6Onllx8CrFIcPYF5y7UyEFuDa-Cvi_N511EylIY5uP_KNaYAGwJuJmZCLporaAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljPzZfKtvSDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODIwOTE2ODAwMjE4NzYxGAA&sigh=su5zK3J_cBI&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_pcirj6LzZQloASGfmxhZUCu9hXGYzkB2HDaTqgoH4EOnVCRvYshyiCORV2jGh8NG0RLOGvuyPQI2Py3PXJAogCDfkpaN-YTOXSoYAQ&cbvp=2&vis=1

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Jan 2024 21:13:04 GMT

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame FDFF 0
126 B 2959ms
49ms Image
text/plain 74.119.118.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kJuSGdWCMKwC-gHiIp0XAgAAANrD_adkRnc8ENwrsGWR_2G8K1tFHktTAAASAAAKCkFRVUREQUVCREE&wp=ZbAr3AAIxbgD5-HMAAJVeRU4m9rEYUHYOqZHWw&cbvp=2

Requested by

Host: buzzstormer.com
URL: http://buzzstormer.com/rummage-through-your-basement-you-may-be-sitting-on-a-baseball-card-treasure-chest/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.118.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 210303
server: Kestrel
content-length: 0

GET
H2 200 imp
statsf-tm.everesttech.net/stats/1/ Frame 15C8 85 B
359 B 2884ms
45ms Image
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/imp?sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SXHyvlAetOIRGjUJB7xy&psId=HM0m9MWSkXJ9ZTd6IN2t&burl=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7820916800218761%26output%3Dhtml%26h%3D600%26adk%3D3209154675%26adf%3D4043039345%26pi%3Dt.aa~a.4236442960~rp.1%26w%3D300%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1681580591%26rafmt%3D1%26to%3Dqs%26pwprc%3D3548874890%26format%3D300x600%26url%3Dhttps%253A%252F%252Flolwot.com%252F10-easy-methods-to-make-extra-cash%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26adsid%3DChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE%26uach%3DWyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd%26dt%3D1681580591901%26bpp%3D2%26bdt%3D1456%26idt%3D-M%26shv%3Dr20230412%26mjsv%3Dm202304110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253Df317d07e87cadccd-22695f1c2cdf0037%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw%26gpic%3DUID%253D00000bf4db70eedd%253AT%253D1681580591%253ART%253D1681580591%253AS%253DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA%26prev_fmts%3D0x0%26nras%3D2%26correlator%3D1724404121286%26frm%3D20%26pv%3D1%26ga_vid%3D351234906.1681580587%26ga_sid%3D1681580591%26ga_hid%3D1124025909%26ga_fc%3D1%26u_tz%3D330%26u_his%3D1%26u_h%3D864%26u_w%3D1536%26u_ah%3D824%26u_aw%3D1536%26u_cd%3D24%26u_sd%3D1.25%26dmc%3D8%26adx%3D175%26ady%3D1052%26biw%3D1519%26bih%3D754%26scr_x%3D0%26scr_y%3D0%26eid%3D44759927%252C44759842%252C44759876%252C31073770%252C44788443%26oid%3D2%26pvsid%3D232731587555987%26tmod%3D1357422795%26uas%3D0%26nvt%3D2%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1536%252C0%252C1536%252C824%252C1536%252C754%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D128%26bc%3D31%26jar%3D2023-04-15-12%26ifi%3D2%26uci%3Da!2%26btvi%3D1%26fsb%3D1%26xpc%3D1Vv6r9uXdy%26p%3Dhttps%253A%2F%2Flolwot.com%26dtd%3D6&w=300&h=600&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&price=ZbAr3AAI_XcD58XNAAbbhYepyUC1LN7OTs_0ZQ&PG=F&didtype=UNK&seller_id=pub-7820916800218761&campaignKey=9ZTd5C4WTngmTyTTySMY&bidderZone=ethos833-prod-va6&bidderGroup=rtb-bidder-first&env=site&conn=ethernet&s=H4sIAAAAAAAAAAGwAE__9l3MzgEj7Lx3ncnRdBwtAr4GYDQpQfLNUJJ4QCn5TWLdca8QUwN2N4ZyTR26VtQ1QkQJLNR4ctvOr1NppEDNMqMpKK_PnffJXiOnwdj2QXwuowFrjwilFox0glvG80bh4y-34VCkj6NTJGMf2n3b5LsQURSWrXbyyPvCxriF8nd0B3TmhMsiGxzlYO68ykWTi5VgDKjLlSddsx37X8XuY9QjmruRWLVQy-Jas0ZZh0Z7jsfQsAAAAA&date=1706044380764&auth=31e619dfb38a5b1f8bd32195077c3da1&vinst=t&rurl=http%3A%2F%2Fbuzzstormer.com%2F&wd=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 21:13:04 GMT
via: 1.1 varnish
x-pt: P=515
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4570-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:13:04 UTC

GET
DATA 200
OK truncated
/ Frame 67D3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e60c8c6f1840281a10ac3ae4f7c91c634c86465a5e49810f09ee9e2343261711

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 67D3 0
386 B 2797ms
2792ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ChEzv3CuwZZX_Iv7En88PzIGPwAKcge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0MVt6gS2SvDZ72a2Kn2scbP6NYK_-eUOgcaaeSQsWGVm51cSqx7VMiGZwfPUi_zULPAflfPFmVkGtbHRrwD9LRReVoIknx0cjt-xiq6_wFZHQQ2MjME0Olvz2r0VuJ2HjLbRe5jxzCXize9s8lTOOO7YaI1ajnl9rZ2-WKHvmy8xpU9QgxfdFwX0WD51Xylz_mIqvEaj87-5oAAtxs77EJ9j6bVbTlLFaS12JSoBRN8sVt6PABwXahEKvQmwVBWeoq2c-TCYXS5dk1qqz8zrIrzA6l0ChDtBZ2fx2vkXLIAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNa-l8q29IMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc4MjA5MTY4MDAyMTg3NjEYAA&sigh=HnAbwX-Q9OI&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_zmNdsIu9ERENuAzshbwyiF29cinwv0yGDGc0ygFLFaFg0QV-VLgbk1yGyXlpXYD-f2vAkmBh8XnkJQxk8ASHglW2Vu1f5zMTm9UYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=250&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x250&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 23 Jan 2024 21:13:04 GMT

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame 67D3 0
125 B 2879ms
50ms Image
text/plain 74.119.118.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kJnWGNWCMKwC-gHiIp0XAgAAANrD_adkRnc8ENwrsGXXkWwlGspphWhIAAASAAAKCkFRVUJEQUVCREE&wp=ZbAr3AAIv5UD5-J-AAPAzJBJbIImoNfnMHXXtQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.118.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 202897
server: Kestrel
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B84 42 B
404 B 2109ms
101ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIy6P4hJylWF2qeZGe6F83VOgGl7WCZajQV6y6MHVQmowMfJyPUdtcdGQopi5o7A6A8-z_8HGrm6fkN28reHANHL_1SYhBZiaqOBvf6zTaO4m3lXPXDEQ&sig=Cg0ArKJSzMDqCby0XJykEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&vs=4&r=v&rst=1706044380447&rpt=628&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame F5DD 0
127 B 1841ms
1841ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 playfairdisplay-400.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame F5DD 1 KB
760 B 43ms
41ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:23 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c7-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 playfairdisplay-700.css
static.criteo.net/design/googlefont/playfairdisplay/ Frame F5DD 1 KB
761 B 38ms
36ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

811b6e679ed2a18fb5696054a5386869bef195c0dcdd045f623dc19530216741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-57c"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0D69 2 KB
1 KB 38ms
36ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZbAr3AAIv5UD5-J-AAPAzJBJbIImoNfnMHXXtQ&u=%7CSdnFM9rFZ0odLPq8LVFP0UWbFPoNjDTmAtIFf672x1I%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92GpIThShgUu3ar18UI6JIlXEk8QJpwBMaKkqjJg35npvJEksAgg3fKVJnQb7YAztWXNjTHBlL3i4sevADxmhzLXJifhAOH3pZp1geiSI8o1fZm74hKjUzwkCMwBO-ua1XeAGVp5Zf3Kb8EulLhMhJC-Pa53Y2jrAsgtdOPhMByr7AY2xhVd_FVAHsqTuWQrvwCHi2ImLzbp7ysne6v7QTbslmZ6uHo3dNN35nIb4kpUgU22NCzgMh43R6JfLqpqSqar7DFcahRYkBt4ZKynhbihVw2YDSzu6PFkURGav7ExDlSGHHRNHXQnCSLsRgPs4u4P2Ingt0f73qRYjFYuEGqfwQqOYKzOWYRgRpK_q5JDX52InsXw1s0Rr1uSKf9fPgfl1XLP0So8iD2ffmrwiBdqzDCn6sporrik5_IGuMaBmVYtdGLrqWpNigB8Jt3vmbv1mISu3Fmfp10YpE-gm9IV1cC5YRSIGbrF0CIT2gSPL-w7Hl78PoUv5NDxV0kB51Qanvgip2_1GeeammfciPraiXOnb3RMmNkkPJxjByXXd2RkwTSeJFe_UFaIeXtedFHaXimMy3f8gvNpOY9WJIpY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_FZW3CuwZZX_Iv7En88PzIGPwAKcge-wXKLKp6p0wI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0MVt6gS2SvDZ72a2Kn2scbP6NYK_-eUOgcaaeSQsWGVm51cSqx7VMiGZwfPUi_zULPAflfPFmVkGtbHRrwD9LRReVoIknx0cjt-xiq6_wFZHQQ2MjME0Olvz2r0VuJ2HjLbRe5jxzCXize9s8lTOOO7YaI1ajnl9rZ2-WKHvmy8xpU9QgxfdFwX0WD51Xylz_mIqvEaj87-5oAAtxs77EJ9j6bVbTlLFaS12JSoBRN8sVt6PABwXahEK_wuQxtMjSdcVEg9M0Re6N-ul58XFOnhbGSeLTYVfS39wHm0uy8nSJYAG8a2p_pS685FloAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiAYRABMgKKAjoEgECAQEi9_cE6WNa-l8q29IMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2oyIDX6L9PJwV2JE52-V4PdMaDgA%26client%3Dca-pub-7820916800218761%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0D69 2 KB
1 KB 79ms
77ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0D69 308 B
636 B 37ms
36ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0D69 293 B
621 B 79ms
78ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 0D69 43 B
347 B 36ms
35ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=jty6TYAc6Uhv1mEB-BrN-muAVB8ruq6IfFs5GeldMVUspJ6MU-v5ZmNGAWyL1k4GWV1LcbXhak0CGkU0m74yk2tg0nD8gRuB5c4GSbbufkRMB1vkdqsKPQWq_X39preFA-7cls1AgH4o0iyMx3p03lqHANjrlehK6oLrKgzvjkPI7OLiszuErPEvdiZgOUbUXXPAwBHjENlOTMQ_RivESjJCGlgWyluHaupBVAj8SjXCTlH7czB6uWEIt2nVGoCnEc01PJtCuWTONq1jOW-AuANdm43W4P8zHWEkgtDdICgoNi4AX-00YI-gg02wjBWz7AWh3Etr96ythY2HY7k5k6-AqCis2uJYxetf2BBht1e8bjmVTw-rERgu_4UeWYxa7lkc38-IRVL4E9j02Qn9GetGgDzYrDRS-8QvEFNSlesXv_TJob8juxY4Ic_WRrv4zEsDYw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1792276
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 87659b7a80cb4a338dfcc2d795fa0c9e_image_ad_300x250.png
static.criteo.net/design/dt/108469/5227621/ Frame 0D69 70 KB
71 KB 46ms
44ms Image
image/png 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/108469/5227621/87659b7a80cb4a338dfcc2d795fa0c9e_image_ad_300x250.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

492a94d56b0404cdd13b6bbebe7deb24d41e198a62979ab05b568eea69c271f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 11 Jan 2024 17:42:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "65a02869-1191d"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 71965
expires: Fri, 17 Jan 2025 21:13:04 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 0D69 0
127 B 47ms
34ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=Nc43FnNOTIMBreBXvmt9QokDh1dYj0775E5HlLzk0AAgaeWiqEYaXw7K8Gzy7WsuWj8yW99yd35y284YDOPMVQFGbq1YnD-FrBeeoTmvf1jhO4PowHBRQV4SPPUHss8olYlIoxjbY2ZzI1aWgG5_iN5Kat7QC8f4wPvv6t4Q4HQJDL0ysqv7Cz96ZI-9IvUfvoeFN_r0xItEPG6f0zbJRbyVPYuLfHnm5cWIVqFXw7G0by-ZDkQOBNB8cfhRwoqEOKsZXR2M-j-F1aEa&sds=2&rev=90272.1&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 23 Jan 2024 21:13:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0D69 2 KB
1 KB 71ms
58ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0D69 2 KB
1 KB 70ms
58ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 playfairdisplay-700-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame F5DD 20 KB
21 KB 41ms
41ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c16f06e6edabd22d2c5c9d9b87260eca6faf706400dea89876de323480750489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-700.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:24 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c8-51e8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
H2 200 playfairdisplay-400-latin.woff2
static.criteo.net/design/googlefont/playfairdisplay/ Frame F5DD 19 KB
20 KB 52ms
50ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/playfairdisplay/playfairdisplay-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:12:22 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f0c6-4d94"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 17 Jan 2025 21:13:04 GMT

GET
DATA 200
OK truncated
/ Frame 15C8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 566000795ea211af6ca766f166e903289a96d2dcab90654997f5f8d2bb94a989

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 15C8 0
19 B 66ms
65ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CK4eP3CuwZff6I82Ln88Phbeb4Aa835z0XK6C25dSwI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0BJckP2cWeslNqJYbzKe4h2xlNAoPSkWg9K6E-DLMtsrb4lmhwzkZtarDBQLJHHTno6Husiul21jv-_mYhfEhd8PZrO8l7yyA-jaS8seCauff8xSlgM1vtFJjeWLwsC3ZCQQqbneNB1LKagsgXHM_eeru6X7wUQoWbhG1oRHoNMOgkcMhz7jmNKM0-v8TIHmuYA920_Jwbz6n-nbY8TZOgdRwGgbFh4pOMcMDL1bQ1TliiX5mpsfNaHGSpdm2f-_686O7JHROZ3B38vGR6Fz8pIZRrLhXMH9glyUVkv2ZIAG1u7ksr2Xqtv9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljns5jKtvSDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODIwOTE2ODAwMjE4NzYxGAA&sigh=zo-ljDuhl20&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_hm0VZ-g5kteQBJqiwO-QXN_fDgd-04vJ5ileACy12YlWJtHN1TSZFTZdB71PTkQuPq0JCsjKrR6N_1NkX5mDZK9-DFbaLqBs1NQYAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=300&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=300x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B84 0
19 B 66ms
64ms Image
text/html 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-rDd3CuwZdyzI_T4n88PzrSEyAScge-wXKLKp6p0wI23ARABIABg5QKCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4AFP0L69gpsZOGaDIBtyNJLCRLIVkdZhDcSskIrLLq-ibY1YAQsF6rPieyZB3MOu0X08mI6PuAMagFdhp2_-9trFriYT9svcfPKzKzLZlG_D4RJaPlkLoHKAf-NFzqGtjYpnbWf9QzwPt5CCtS2_rEOUf9yN2j3ekj-3x8d6qGeG1KbSV2yp0DZPttX_fcanxhhq1Wn-o_5y080brBnGCqc0v94D9OoCp61JrjRGpH6NhFJ8vip0z_TS7KB_yjM1of2OoHCdE_XQp4L2DUyZ3ipfgIzNcLMHbKIIL1Qv8woqVYAGiKHur8vVqKuEAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljb7ZfKtvSDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03ODIwOTE2ODAwMjE4NzYxGAA&sigh=sCeLszA10fI&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_6z-jkin0yltKeRI0kiSFYPbX0IrBtcrwOQ1MgZkE-gUTJYKHLrq-aG3bPB9KDXikM-HtrsKLQuWYWYbpsdZ7wlTCe2WjGk06prYYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 23 Jan 2024 21:13:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.da.us.criteo.com/google/auction/ Frame 9B84 0
125 B 48ms
47ms Image
text/plain 74.119.118.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.da.us.criteo.com/google/auction/notify?profile=14&payload=kOmHDdSCMKAB2ATiIp0XAgAAANrD_adkRnc8ENwrsGWg-5Z-qOKlEuUFAAASAAAKCkFRVUJEQUVCREE&wp=ZbAr3AAI2dwD5_x0AAEaToIc8yHKiXZx3lKDBA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.118.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 237295
server: Kestrel
content-length: 0

GET
H2 200 displayproxy-20231031.js Show response
playtime.tubemogul.com/ud/prod/ad_plugins/release/ Frame CCA5 17 KB
17 KB 177ms
36ms Script
text/javascript 72.21.81.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB
Requested by: Host: displayf-tm.everesttech.net
URL: https://displayf-tm.everesttech.net/feed/placement.js?id=Xf6e2yqPYRavegdigOp6&site_id=HM0m9MWSkXJ9ZTd6IN2t&rand=-4092841857359766116&tm_auction_id=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&didtype=UNK&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&page_url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&seller_id=pub-7820916800218761&tm_user_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F120.0.6099.224+Safari%2F537.36&q=H4sIAAAAAAAAAGWST2jTcBTHl2RrtyK4lYpSEOIQXMeS5u-vzXaYbde1-5OmLqndvEia_NplTfvL0l_bVW876m14kO0keFJB8DgPXsXjvIgnEQ8iiGPHXbRbJwi-wzs83ue9L9_3xiZmnhx8mZ71rqDX9tPo4UhoGvc8yNYQqrnQ9JwWa6FGvOLYNvTZlK1DvwP9Nbjdhi0cfjxy7ePwZGS9CqDQ2y5urJkdWLOdmuaBqYOfzwghkmtDF-OMZalY9aqy3itbKPn--beXl9MRfT3f67gpiLWltdxWaTmd2OntEVhFDxzXNeMyy9FTZadpo26LLhg0z7HcHN0vAGmO3gFSjE55ngvLsLLi4LgsJlgR0FMreUNdnaFdpw7pHLTqKEZnNn3UgHFe6A9gAacorCBItG5WTd-54PYJWgGcqcgJMyHZMMnJfMIEFpSgKSoWJ8m2cEhcVxeF-6CCuCwEC65SUep39eZil-UZnlXTHwiqVFg5IoLtZr2Jus3PRLA7EP-D4Eff7d8MR_Iq11DUsl5fX1buGTZYKgg4GnKR20X4zGaaVIbO43j-hIh47QqTSAqcwoMkxwl8MgH4UyJyRsoZqWw0aw2jZxg9Xd3YJScg3kStpCgyno9spmOCPXLcxxVmcDmm6vgt_IIcbjkYviFH-93Qb0J8QsZC_6PhwICavCSyHKMXUkU9rxm71HwoMPiL8d9viShV0hcmz1Lsr-hZyml46auLfbuzO7i_wHSLvmPB3DlUHHtEDe1TFyMOqVshsqSHycJGlJJ5aXqElwROEIK5rJbRFrKzgZym5Vazt4kjKiCKIAnkr9Q_Xn2nXpHH1KfhUypow1YdI--Gv3yn8_BXaOsP95g6DdQCAAA*&click_url=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUgb93CuwZff6I82Ln88Phbeb4Aa835z0XK6C25dSwI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BJckP2cWeslNqJYbzKe4h2xlNAoPSkWg9K6E-DLMtsrb4lmhwzkZtarDBQLJHHTno6Husiul21jv-_mYhfEhd8PZrO8l7yyA-jaS8seCauff8xSlgM1vtFJjeWLwsC3ZCQQqbneNB1LKagsgXHM_eeru6X7wUQoWbhG1oRHoNMOgkcMhz7jmNKM0-v8TIHmuYA920_Jwbz6n-nbY8TZOgdRwGgbFh4pOMcMDL1bQ1TliiX5mpsfNaHGCJVGS11jbrhmaZJS1N9LGlXzb6hd6jLj28QJ-xfjrkRBxb607r-wrIAG1u7ksr2Xqtv9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljns5jKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LWsYtntm-W6h-hIhlv62HytWx0w%26client%3Dca-pub-7820916800218761%26adurl%3D&tm_os_group=windows&tm_device_group=unknown
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/7962) /
Resource Hash: 686e660739424dd896e22f46622a30e963c89df24864933df2a586ebfd5cacfa

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
last-modified: Tue, 31 Oct 2023 12:11:00 GMT
server: ECAcc (nya/7962)
age: 32488
etag: "3106171132"
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17475
expires: Wed, 24 Jan 2024 21:13:04 GMT

GET
H2 200 renderstart
statsf-tm.everesttech.net/stats/1/ Frame CCA5 85 B
129 B 112ms
112ms Image
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/renderstart?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&price=&conn=ethernet&did=&sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&s=H4sIAAAAAAAAAAEAAf_-b_pbEeVjQfL3gt_xZJ2gDF4hfRT_xccTzG5130jMdRBjKRe6YF6KMxFRo3WXPz0JaVJcm3gB-eb3x1GzCuGkoo63JL8fJHssXT54GjZh4FXfbhKQJ2lJBa73An5yZRC5DSAgy91UhCMYhyHFF8cor0B8rIDLjLf4zOgzhxUV-tRWM6CDJFSQSlknvo8Hvt9bl5q93nyxO-0uH1gZ6HoKbXFcH4W3JvqiefPW9L1YF3t-Qv7xHb8lIcEJxTriedholjw8-AZB1TYd0oIy6B77XM8PP3FYkaTdcHsd7WkQw1g7r3UAEx6Ro6VdpZjdoSrdB2v4e5TZU3rJQlyAolB7mPKfNdoAAQAA&env=site&adKey=SXHyvlAetOIRGjUJB7xy&seller_id=pub-7820916800218761&rt=HTML5&PG=F&date=1706044384160&psId=HM0m9MWSkXJ9ZTd6IN2t&didtype=UNK&vinst=t&auth=8a5db0316480f786440e10789ca132bb&burl=about%3Ablank&rurl=http%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 21:13:04 GMT
via: 1.1 varnish
x-pt: P=174
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4570-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:13:04 UTC

GET
H2 200 rendercomplete
statsf-tm.everesttech.net/stats/1/ Frame CCA5 85 B
130 B 49ms
49ms Image
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/rendercomplete?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&price=&conn=ethernet&did=&sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&s=H4sIAAAAAAAAAAEAAf_-b_pbEeVjQfL3gt_xZJ2gDF4hfRT_xccTzG5130jMdRBjKRe6YF6KMxFRo3WXPz0JaVJcm3gB-eb3x1GzCuGkoo63JL8fJHssXT54GjZh4FXfbhKQJ2lJBa73An5yZRC5DSAgy91UhCMYhyHFF8cor0B8rIDLjLf4zOgzhxUV-tRWM6CDJFSQSlknvo8Hvt9bl5q93nyxO-0uH1gZ6HoKbXFcH4W3JvqiefPW9L1YF3t-Qv7xHb8lIcEJxTriedholjw8-AZB1TYd0oIy6B77XM8PP3FYkaTdcHsd7WkQw1g7r3UAEx6Ro6VdpZjdoSrdB2v4e5TZU3rJQlyAolB7mPKfNdoAAQAA&env=site&adKey=SXHyvlAetOIRGjUJB7xy&seller_id=pub-7820916800218761&rt=HTML5&PG=F&date=1706044384160&psId=HM0m9MWSkXJ9ZTd6IN2t&didtype=UNK&vinst=t&auth=8a5db0316480f786440e10789ca132bb&burl=about%3Ablank&rurl=http%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 21:13:04 GMT
via: 1.1 varnish
x-pt: P=342
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4570-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:13:04 UTC

GET
H2 200 aac_viewability-ab8b7a.js Show response
playtime.tubemogul.com/ud/prod/pullins/ Frame CCA5 14 KB
14 KB 36ms
36ms Script
text/javascript 72.21.81.64
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://playtime.tubemogul.com/ud/prod/pullins/aac_viewability-ab8b7a.js
Requested by: Host: playtime.tubemogul.com
URL: https://playtime.tubemogul.com/ud/prod/ad_plugins/release/displayproxy-20231031.js?auction_id=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.21.81.64 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/79B4) /
Resource Hash: 0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:04 GMT
last-modified: Tue, 11 Feb 2020 01:39:46 GMT
server: ECAcc (nya/79B4)
age: 69621
etag: "1983306799"
x-cache: HIT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 13877
expires: Wed, 24 Jan 2024 21:13:04 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225407;8026171;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN300x600/ Frame 9BD1 4 KB
3 KB 170ms
69ms Script
text/javascript 23.192.41.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225407;8026171;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN300x600/?ft_custom=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&us_privacy=${US_PRIVACY}&ftClick=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SXHyvlAetOIRGjUJB7xy&sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&seller_id=pub-7820916800218761&psId=HM0m9MWSkXJ9ZTd6IN2t&sId=0&dur=15&date=&auth=&did=&didtype=UNK&stch_id=&conn=ethernet&env=site&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&PG=F&s=H4sIAAAAAAAAAAEAAf_-8vbwgQtBf5xEaTLeRzHzO09KC_bnQNewSLbL3zC5iMeTUqYB9ASH_4xr3CcqxVx7QPRNlStngDYhKzhAyRiVk5Df8o5JX0vo6ixrJbWp40Ce_U-376lq794NO9iC7u_n1zOsJahi_Hy3FjNgrsRVZpl_PJGCp41epbIseesh-tgAXAXp22PCIJQCVDWfzbC6JU5-pa6VPWTdf4R6GrfR52mt8kuSDHIMNt_E-vEr70HNSY8TmB0TCdjjUjJwWsnG7A9NN2b0qG44ybn_bOp76pRKt5oyGPPWUJIoPlKZ-192PITxyuI4X8TuauNDylnkKHf5DbkSlv5kaM63E7LnlEIbfUQAAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCUgb93CuwZff6I82Ln88Phbeb4Aa835z0XK6C25dSwI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BJckP2cWeslNqJYbzKe4h2xlNAoPSkWg9K6E-DLMtsrb4lmhwzkZtarDBQLJHHTno6Husiul21jv-_mYhfEhd8PZrO8l7yyA-jaS8seCauff8xSlgM1vtFJjeWLwsC3ZCQQqbneNB1LKagsgXHM_eeru6X7wUQoWbhG1oRHoNMOgkcMhz7jmNKM0-v8TIHmuYA920_Jwbz6n-nbY8TZOgdRwGgbFh4pOMcMDL1bQ1TliiX5mpsfNaHGCJVGS11jbrhmaZJS1N9LGlXzb6hd6jLj28QJ-xfjrkRBxb607r-wrIAG1u7ksr2Xqtv9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljns5jKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LWsYtntm-W6h-hIhlv62HytWx0w%26client%3Dca-pub-7820916800218761%26adurl%3D&ft_partnerimpid=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&site_url=lolwot.com&cachebuster=680866.0127483674

Requested by

Host: blank
URL: about:blank

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.41.210 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-41-210.deploy.static.akamaitechnologies.com

Software

prod-xre-app47.ash11 /

Resource Hash

01a2348949706ad765480e79b0a3403a050a34dfdb8df4f627bb5294fe099e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 21:13:04 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app47.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 2200
Expires: Tue, 23 Jan 2024 21:13:04 GMT

GET
H2 200 ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 9BD1 86 KB
26 KB 138ms
35ms Script
application/javascript 13.226.34.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225407;8026171;201;jsappend;AdobeAdCloud;AdCloudFY24AcrobatDemandGenPSPAudExDGVersatileUSDSKBAN300x600/?ft_custom=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&ftOBA=1&ft_agentEnv=0&ft_referrer=about%3Ablank&gdpr=0&us_privacy=${US_PRIVACY}&ftClick=https://statsf-tm.everesttech.net/stats/1/ct?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&adKey=SXHyvlAetOIRGjUJB7xy&sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&seller_id=pub-7820916800218761&psId=HM0m9MWSkXJ9ZTd6IN2t&sId=0&dur=15&date=&auth=&did=&didtype=UNK&stch_id=&conn=ethernet&env=site&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&PG=F&s=H4sIAAAAAAAAAAEAAf_-8vbwgQtBf5xEaTLeRzHzO09KC_bnQNewSLbL3zC5iMeTUqYB9ASH_4xr3CcqxVx7QPRNlStngDYhKzhAyRiVk5Df8o5JX0vo6ixrJbWp40Ce_U-376lq794NO9iC7u_n1zOsJahi_Hy3FjNgrsRVZpl_PJGCp41epbIseesh-tgAXAXp22PCIJQCVDWfzbC6JU5-pa6VPWTdf4R6GrfR52mt8kuSDHIMNt_E-vEr70HNSY8TmB0TCdjjUjJwWsnG7A9NN2b0qG44ybn_bOp76pRKt5oyGPPWUJIoPlKZ-192PITxyuI4X8TuauNDylnkKHf5DbkSlv5kaM63E7LnlEIbfUQAAQAA&redir=https%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%3Fsa%3DL%26ai%3DCUgb93CuwZff6I82Ln88Phbeb4Aa835z0XK6C25dSwI23ARABIABgyebii8Sk5BCCARdjYS1wdWItNzgyMDkxNjgwMDIxODc2McgBCagDAcgDAqoE4wFP0BJckP2cWeslNqJYbzKe4h2xlNAoPSkWg9K6E-DLMtsrb4lmhwzkZtarDBQLJHHTno6Husiul21jv-_mYhfEhd8PZrO8l7yyA-jaS8seCauff8xSlgM1vtFJjeWLwsC3ZCQQqbneNB1LKagsgXHM_eeru6X7wUQoWbhG1oRHoNMOgkcMhz7jmNKM0-v8TIHmuYA920_Jwbz6n-nbY8TZOgdRwGgbFh4pOMcMDL1bQ1TliiX5mpsfNaHGCJVGS11jbrhmaZJS1N9LGlXzb6hd6jLj28QJ-xfjrkRBxb607r-wrIAG1u7ksr2Xqtv9AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljns5jKtvSDA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0LWsYtntm-W6h-hIhlv62HytWx0w%26client%3Dca-pub-7820916800218761%26adurl%3D&ft_partnerimpid=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&site_url=lolwot.com&cachebuster=680866.0127483674
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.34.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-34-100.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 16:44:20 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 0a84c1b70b100e694edd23e638bf7fa8.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C2
age: 16124
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26311
last-modified: Thu, 11 Jan 2024 16:43:14 GMT
server: AmazonS3
etag: W/"3643773625f898f1236b1c08c2d13631"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=86400
x-varnish: 601231860 558667357
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: QqWrWFb4IM5rcVYdH6Kt_bCyIPu8rI1z6XHFjWKKbWr0f3zVzT96ww==

GET
H2 200 4251820.json Show response
agen-assets.ftstatic.com/display/8026171/ Frame 9BD1 4 KB
2 KB 191ms
77ms XHR
application/json 18.154.227.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/8026171/4251820.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.227.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-227-73.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3471c118eac0fd59fedb1ed32ab04e856fc5e331f4742038a35671b5d2a7b2c7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:05 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 87e02820e63ff6cf9cd98d9efbaab1fc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P5
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 1912
last-modified: Fri, 12 Jan 2024 01:07:55 GMT
server: AmazonS3
etag: W/"abe37a77ee5ff30dd8a4f770a65c0387"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 54704832
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Hy81IoiPpvna3r2_IUj0MeOoFYyjQ2XGfLznsS-n9EgfdS1lzvylYQ==

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame 9BD1 11 KB
11 KB 331ms
49ms Script
application/javascript 3.211.194.210

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.194.210 -, , ASN (),
Reverse DNS
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 6a9b4b9c89d9f9c260299549612af3ccf2962149c239c66fc4fb83900c1615f6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:05 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK adobe_contractor_300x600.html Show response
cdn.flashtalking.com/172799/4251820/ Frame 58FE 3 KB
2 KB 310ms
33ms Document
text/html 23.56.162.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: Flashtalking (AKA) /
Resource Hash: 0c84928e13854d7e66b948664a95f52ea23c3c30630fba6ceb2dec238ea17b5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=181
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1213
Content-Type: text/html
Date: Tue, 23 Jan 2024 21:13:05 GMT
ETag: W/"31b103eb909a5597d4310ce044b39ad8"
Expires: Tue, 23 Jan 2024 21:16:06 GMT
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-FT-Origin: us
X-Varnish: 738341164 737241665

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 9BD1 547 KB
160 KB 307ms
31ms Script
application/javascript 2600:9000:261f:a600:a:deb0:3380:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026171&l4=4251820&l5=&l6=&utid=0B91DC0F-7B13-FDA9-FE97-C8213694DECE&creative_type=display&adid=ftdiv8026171&pub_app=&pub_domain=lolwot.com&uid=&cb=864987.6402238467&pub_ts=1705021696&121917413
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:a600:a:deb0:3380:93a1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b0ad345a13efc7c9874a0502135bfbb599c0397b366e1ddae817c7d93a11038

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 20:33:16 GMT
Content-Encoding: br
Via: 1.1 def26d054ec95b961e8352e3cd4fae7e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P3
Age: 2389
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 23 Jan 2024 20:33:16 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: IFdBeefwPuagdYjjpI6LzCeYg9DjAKVqZctEkgr8NqaEsrWhlbFUDg==
Expires: Wed, 24 Jan 2024 20:33:16 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 9BD1 17 KB
6 KB 315ms
39ms Script
application/javascript 23.56.162.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=43198
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Wed, 24 Jan 2024 09:13:03 GMT

GET
H/1.1 200
OK iconc.png
cdn.flashtalking.com/oba/icon/ Frame 9BD1 1 KB
2 KB 307ms
31ms Image
image/png 23.56.162.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:05 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 108102152
Content-Type: image/png
Cache-Control: max-age=665887
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 31 Jan 2024 14:11:12 GMT

GET
DATA 200
OK truncated
/ Frame 9BD1 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 15C8 42 B
108 B 106ms
105ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiqINP5UL3pWn14nTNjmnLshVb8S27yjcv0N2iwowlaMJCzMwP5oHzBOiYdhsenNDBOUwSGXbYtwko_Teke_yJ4AVC2K0KZOq1FUOi3B-kPFUf48h0SPQ&sig=Cg0ArKJSzP67XuhewM1PEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240122&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3209154675&rs=2&la=0&cr=0&vs=4&r=v&rst=1706044380446&rpt=3805&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 23 Jan 2024 21:13:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 58FE 236 KB
63 KB 137ms
39ms Script
text/javascript 2600:141b:e800:2a::1721:2c86

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:e800:2a::1721:2c86 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:05 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:28:05 GMT

GET
H2 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 58FE 69 KB
27 KB 124ms
53ms Script
text/javascript 2607:f8b0:4006:822::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 21:13:05 GMT

GET
H/1.1 200
OK adobe_contractor_300x600.js Show response
cdn.flashtalking.com/172799/4251820/ Frame 58FE 158 KB
39 KB 51ms
51ms Script
application/javascript 23.56.162.52

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.js?1677109824056
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: Flashtalking (AKA) /
Resource Hash: b1152f08180483780c03c12cdb60aa8d90e3436412b0905609a8a7e4bd41f9e6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:05 GMT
Content-Encoding: gzip
X-FT-Origin: us
Connection: keep-alive
Content-Length: 38968
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
ETag: W/"a7020a17926389b50c6ec461ef8c401c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 341344229 341142910
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding
Cache-Control: max-age=127
Content-Type: application/javascript
Accept-Ranges: bytes
Expires: Tue, 23 Jan 2024 21:15:12 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/8026171;4251820;0;271;0B91DC0F-7B13-FDA9-FE97-C8213694DECE/ Frame 9BD1 0
67 B 164ms
36ms Image
text/plain 44.215.176.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/8026171;4251820;0;271;0B91DC0F-7B13-FDA9-FE97-C8213694DECE/?cachebuster=209788795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.215.176.30 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 23 Jan 2024 21:13:05 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 9BD1 1 B
377 B 150ms
46ms Image
text/plain 23.56.162.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8026171;4251820;0-304-0-0-594413959
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 21:13:05 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 23 Jan 2024 21:13:05 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame 9BD1 103 B
549 B 81ms
80ms XHR
application/json 3.211.194.210

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.211.194.210 -, , ASN (),
Reverse DNS
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 0447bf29a5ed62229ecd855d49a43e0999d2cf3927037087dcea341d89cc0910

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 23 Jan 2024 21:13:05 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://googleads.g.doubleclick.net
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 9BD1 121 B
680 B 235ms
81ms Fetch
text/plain 130.211.115.4

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=sesLOYuaasIBNosmaxXFUvBYYvyLLzAv-FE7fPshldVTqKD4Q033MFErD-E03BOs1jalvrMA==&pm_ct=328b86a35ce923ef7249abd4&pm_pl=1706044385435&pm_td=15&pid=1000925&en=1.1&callback=__pm_glbl_wf2nHWLLXl7Xsl2nbEdPgMpS._gc1&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026171&l4=4251820&l5=&l6=&utid=0B91DC0F-7B13-FDA9-FE97-C8213694DECE&creative_type=display&adid=ftdiv8026171&pub_app=&pub_domain=lolwot.com&uid=&cb=864987.6402238467&pub_ts=1705021696&121917413
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df1f7909dd56c7d6b1ddc66684ff91e8f064b23b9e0247748df67f56b5b95c20

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 21:13:05 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame FCAE 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 9BD1 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/8026171;4251820;0;401;0B91DC0F-7B13-FDA9-FE97-C8213694DECE/ Frame 9BD1 42 B
342 B 100ms
99ms Image
image/gif 23.192.41.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/8026171;4251820;0;401;0B91DC0F-7B13-FDA9-FE97-C8213694DECE/?ft_data=d9:3871d558903c4552bba06180742f9963;d9s:3871d558903c4552bba06180742f9963&cachebuster=821761511

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.192.41.210 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-192-41-210.deploy.static.akamaitechnologies.com

Software

prod-xre-app3.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 21:13:05 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app3.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Tue, 23 Jan 2024 21:13:05 GMT

GET
BLOB 200
OK 7e1cffde-5825-44e3-957a-12a10c526c64
https://googleads.g.doubleclick.net/ Frame 9BD1 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/7e1cffde-5825-44e3-957a-12a10c526c64
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK d530a154-4d68-4e2a-950c-a17cbe9aecff
https://googleads.g.doubleclick.net/ Frame 9BD1 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/d530a154-4d68-4e2a-950c-a17cbe9aecff
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 9BD1 1 B
377 B 28ms
27ms Image
text/plain 23.56.162.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-8026171;4251820;0-306-0-0-855413179
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 23 Jan 2024 21:13:05 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Tue, 23 Jan 2024 21:13:05 GMT

GET
H2 200 vimp
statsf-tm.everesttech.net/stats/1/ Frame CCA5 85 B
176 B 42ms
41ms Image
image/png 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsf-tm.everesttech.net/stats/1/vimp?cpKey=GuelttCccMtMpf5SyWco&mpKey=Xf6e2yqPYRavegdigOp6&bi=B09DMYkfW2HK2phsQkm4im18C5HG5ItpEMYiuamLttcpJtsuyiJ4qTTXsvo9kTRKrFKYqdOoWYvHqw2HV-yzaeVhurTKu95HYWJ2vXieEZ0PqqpDP7dCwuS-__m1TSaIPPmwK6G4RFNLcyWNJOPePIUPJrV0R-fyPYVKNfHH0al-uSJXvDFjagJXdmU0KWl411cW3w0Re9OaybUTHmqGN2t9w&price=&conn=ethernet&did=&sessId=MF2_6bo0Ee6Dl9b9kVSnFw.1-1.MB&s=H4sIAAAAAAAAAAEAAf_-b_pbEeVjQfL3gt_xZJ2gDF4hfRT_xccTzG5130jMdRBjKRe6YF6KMxFRo3WXPz0JaVJcm3gB-eb3x1GzCuGkoo63JL8fJHssXT54GjZh4FXfbhKQJ2lJBa73An5yZRC5DSAgy91UhCMYhyHFF8cor0B8rIDLjLf4zOgzhxUV-tRWM6CDJFSQSlknvo8Hvt9bl5q93nyxO-0uH1gZ6HoKbXFcH4W3JvqiefPW9L1YF3t-Qv7xHb8lIcEJxTriedholjw8-AZB1TYd0oIy6B77XM8PP3FYkaTdcHsd7WkQw1g7r3UAEx6Ro6VdpZjdoSrdB2v4e5TZU3rJQlyAolB7mPKfNdoAAQAA&env=site&adKey=SXHyvlAetOIRGjUJB7xy&seller_id=pub-7820916800218761&rt=HTML5&PG=F&date=1706044384160&psId=HM0m9MWSkXJ9ZTd6IN2t&didtype=UNK&vinst=t&auth=8a5db0316480f786440e10789ca132bb&burl=about%3Ablank&rurl=http%3A%2F%2Fbuzzstormer.com&astv=20230731&apv=B20231031&w=300&h=600&pw=300&ph=600&vw=300&vh=600&vwbl=t&vver=20200211&vpct=100&ifr=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 23 Jan 2024 21:13:05 GMT
via: 1.1 varnish
x-pt: P=237
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
x-region: North-America
content-length: 85
x-served-by: cache-yyz4570-YYZ
pragma: no-cache
server: Jetty(9.4.35.v20201120)
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
expires: Tue, 23 Jan 2024 21:13:05 UTC

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 9BD1 1 B
283 B 94ms
93ms Fetch
text/plain 130.211.115.4

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=sesLOYuaasIBNosmaxXFUvBYYvyLLzAv-FE7fPshldVTqKD4Q033MFErD-E03BOs1jalvrMA==&pm_ct=328b86a35ce923ef7249abd4&pm_pl=1706044385435&pm_td=481&pid=1000925&en=1.1&callback=__pm_glbl_wf2nHWLLXl7Xsl2nbEdPgMpS._gc2&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026171&l4=4251820&l5=&l6=&utid=0B91DC0F-7B13-FDA9-FE97-C8213694DECE&creative_type=display&adid=ftdiv8026171&pub_app=&pub_domain=lolwot.com&uid=&cb=864987.6402238467&pub_ts=1705021696&121917413
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 21:13:05 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
BLOB 200
OK 4af93791-7cbe-4043-a087-c60c3e5fde6c
https://googleads.g.doubleclick.net/ Frame 9BD1 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/4af93791-7cbe-4043-a087-c60c3e5fde6c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H/1.1 200
OK adobe_contractor_300x600_atlas_P_1.png
cdn.flashtalking.com/172799/4251820/images/ Frame 58FE 148 KB
149 KB 38ms
36ms Image
image/png 23.56.162.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251820/images/adobe_contractor_300x600_atlas_P_1.png?1677109824011
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: Flashtalking (AKA) /
Resource Hash: 7645301e70aba97534c220311f2612c8aed531493ef8844211f2c294e8ffd65b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:05 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 151743
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
ETag: W/"2536a99e004008a7d1874a3a55872a5c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=127
X-Varnish: 829035238 824445633
Accept-Ranges: bytes
Expires: Tue, 23 Jan 2024 21:15:12 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 9BD1 1 B
283 B 51ms
49ms Fetch
text/plain 130.211.115.4

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=sesLOYuaasIBNosmaxXFUvBYYvyLLzAv-FE7fPshldVTqKD4Q033MFErD-E03BOs1jalvrMA==&pm_ct=328b86a35ce923ef7249abd4&pm_pl=1706044385435&pm_td=580&pid=1000925&en=1.1&callback=__pm_glbl_wf2nHWLLXl7Xsl2nbEdPgMpS._gc3&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026171&l4=4251820&l5=&l6=&utid=0B91DC0F-7B13-FDA9-FE97-C8213694DECE&creative_type=display&adid=ftdiv8026171&pub_app=&pub_domain=lolwot.com&uid=&cb=864987.6402238467&pub_ts=1705021696&121917413
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 21:13:06 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9BD1 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 9BD1 0
0

GET
H/1.1 200
OK adobe_contractor_300x600_atlas_NP_1.jpg
cdn.flashtalking.com/172799/4251820/images/ Frame 58FE 74 KB
0 67ms
67ms Image
image/jpeg 23.56.162.52

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/172799/4251820/images/adobe_contractor_300x600_atlas_NP_1.jpg?1677109824011
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 -, , ASN (),
Reverse DNS
Software: Flashtalking (AKA) /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/172799/4251820/adobe_contractor_300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Tue, 23 Jan 2024 21:13:06 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 114652
Last-Modified: Thu, 09 Mar 2023 21:49:34 GMT
Server: Flashtalking (AKA)
ETag: W/"795316ba5b57291013ae32d045521d5f"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1134
X-Varnish: 829035237 825788189
Accept-Ranges: bytes
Expires: Tue, 23 Jan 2024 21:32:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 9BD1 1 B
283 B 48ms
47ms Fetch
text/plain 130.211.115.4

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=sesLOYuaasIBNosmaxXFUvBYYvyLLzAv-FE7fPshldVTqKD4Q033MFErD-E03BOs1jalvrMA==&pm_ct=328b86a35ce923ef7249abd4&pm_pl=1706044385435&pm_td=636&pid=1000925&en=1.1&callback=__pm_glbl_wf2nHWLLXl7Xsl2nbEdPgMpS._gc4&tt=g&v=0eaac4d
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225407&l2=AdobeAdCloud&l3=8026171&l4=4251820&l5=&l6=&utid=0B91DC0F-7B13-FDA9-FE97-C8213694DECE&creative_type=display&adid=ftdiv8026171&pub_app=&pub_domain=lolwot.com&uid=&cb=864987.6402238467&pub_ts=1705021696&121917413
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Tue, 23 Jan 2024 21:13:06 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: secure.flashtalking.com
URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.buzzstormer.com/	1970-01-20 17:54:06	Name: __cf_bm Value: tUnrNYuigCxOpjEfwR8yGTAFPdRdrOfPILTzBE9f3bM-1706044380-1-AXtlLC82uWfanJoOISdE0liyfgIztvpAxbLSXQxtLfTggsh/xR0EMBbbD6ubX7MgebVGVars47dj6L253LDru/A=
.doubleclick.net/	1970-01-20 22:13:16	Name: APC Value: AfxxVi4ns2mJWdHnwnGNRSxjDJNwq5OlDNirYewiE4wDLoB89VqwPg
.doubleclick.net/	1970-01-21 03:30:04	Name: IDE Value: AHWqTUk4QJT977dKUkWjW8beN64cACzrFWtn75fLB4aBqs864Cm1eYEjyUWguOu2xWw
.flashtalking.com/	1970-01-21 03:23:28	Name: flashtalkingad1 Value: "GUID=586668D76DFBBB"

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: about:blank Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7820916800218761&output=html&h=600&adk=3209154675&adf=4043039345&pi=t.aa~a.4236442960~rp.1&w=160&fwrn=4&fwrnh=100&lmt=1681580591&rafmt=1&to=qs&pwprc=3548874890&format=160x600&url=https%3A%2F%2Flolwot.com%2F10-easy-methods-to-make-extra-cash&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&adsid=ChAI8JbpoQYQovec5bemwthEEjkA0C3Uu2lj9FQlGvNcbRllwO4ioXd7JE9N70O1w3XQFcx8mwkS6U5t965cTg5SIb3He5l6-Y41SJE&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTEyLjAuNTYxNS44NiIsW10sZmFsc2UsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTEyLjAuNTYxNS44NiJdLFsiR29vZ2xlIENocm9tZSIsIjExMi4wLjU2MTUuODYiXSxbIk5vdDpBLUJyYW5kIiwiOTkuMC4wLjAiXV0sZmFsc2Vd&dt=1681580591901&bpp=2&bdt=1456&idt=-M&shv=r20230412&mjsv=m202304110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Df317d07e87cadccd-22695f1c2cdf0037%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MaEWlPUVUPYq5s3pqrqa_CEFOTxZw&gpic=UID%3D00000bf4db70eedd%3AT%3D1681580591%3ART%3D1681580591%3AS%3DALNI_MYWa1x1dCyxlZJJKDRzuXIi5YLiFA&prev_fmts=0x0&nras=2&correlator=1724404121286&frm=20&pv=1&ga_vid=351234906.1681580587&ga_sid=1681580591&ga_hid=1124025909&ga_fc=1&u_tz=330&u_his=1&u_h=864&u_w=1536&u_ah=824&u_aw=1536&u_cd=24&u_sd=1.25&dmc=8&adx=175&ady=1052&biw=1519&bih=754&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31073770%2C44788443&oid=2&pvsid=232731587555987&tmod=1357422795&uas=0&nvt=2&ref=https%3A%2F%2Fwww.google.com%2F&fc=1920&brdim=0%2C0%2C0%2C0%2C1536%2C0%2C1536%2C824%2C1536%2C754&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&jar=2023-04-15-12&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=1Vv6r9uXdy&p=https%3A//lolwot.com&dtd=6 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad-events.flashtalking.com
ad.doubleclick.net
ads.us.criteo.com
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
buzzstormer.com
cat.va.us.criteo.com
cdn.flashtalking.com
cdnjs.cloudflare.com
code.createjs.com
csm.us.criteo.net
d9.flashtalking.com
data.ad-score.com
displayf-tm.everesttech.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.us.criteo.net
js.ad-score.com
pagead2.googlesyndication.com
plausible.io
playtime.tubemogul.com
rtb-lb-event-dx-adcloud-prod-us-east-1-tm.everesttech.net
rtb.da.us.criteo.com
s0.2mdn.net
secure.flashtalking.com
servedby.flashtalking.com
stat.flashtalking.com
static.criteo.net
statsf-tm.everesttech.net
tpc.googlesyndication.com
trkrcom.com
www.googletagservices.com
secure.flashtalking.com
13.226.34.100
130.211.115.4
141.193.213.11
142.251.41.6
151.101.130.49
151.101.2.49
18.154.227.73
23.192.41.210
23.56.162.52
2600:141b:e800:2a::1721:2c86
2600:9000:261f:a600:a:deb0:3380:93a1
2606:4700:3037::6815:5870
2606:4700::6811:190e
2607:f8b0:4006:806::2002
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80e::2002
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81d::200a
2607:f8b0:4006:822::2006
2620:100:a001::16
2620:100:a001::24
2620:100:a001::4
2620:100:a001::9
2a02:6ea0:c454::1
3.211.194.210
44.215.176.30
54.163.100.58
72.21.81.64
74.119.118.147
74.119.119.147
01a2348949706ad765480e79b0a3403a050a34dfdb8df4f627bb5294fe099e31
01a6d44f7420fa491c7af252f08b57de4ac1c9cdae68032fcec67c304719e604
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
035c8608c67dff282950cdfeb41ad77bdfefd86b6405b7a98876401082a774ca
03faea081300341c1ec3959c72d2b53b75562ee9870a3020829e2b1f14683c5d
0447bf29a5ed62229ecd855d49a43e0999d2cf3927037087dcea341d89cc0910
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a814a3ed70bdbaad9012f811b5a4e764fddcfd2e5655479690f0f24d91966e4
0a935bcb26d17b1f20321b7c5e101597e8288c386b3e007778b5675a3fd032ef
0c84928e13854d7e66b948664a95f52ea23c3c30630fba6ceb2dec238ea17b5f
0cb8cc3fee4275e182236ab19c3aae55274f43aa0ffde9c0510d8d59fcf8e5dc
14376c90b1f807adf65110e16fccb21e57f814a8ba20ef658841aade579a3c45
1aa2bff23635960c962d55382102b8ede80d3d231c7c7ed2602627445fa12c98
2187439774ebd6e0d1f4c1b6a100a34f6bd6f28a90bd48d50b894b9b92651e57
228d6f118f951f8685da56ca4b71cb1a0438a529ae37a8b86e5358e2f3beb79f
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2b3fcab0b897a5fdf81ea0a1b01d80802e01544c22fb738fe6365688b9233579
2c9bf103d6fb9a7d944d279020119f7da3ba39d7ca436a07f55e87facdeb3a41
2f719d34d3d7420ad540758d502a29633213bceaa985ea2df545aa60dc7e8758
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3471c118eac0fd59fedb1ed32ab04e856fc5e331f4742038a35671b5d2a7b2c7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
492a94d56b0404cdd13b6bbebe7deb24d41e198a62979ab05b568eea69c271f5
4acc7ff03019c152c16ddbbe3e5fc6e351fbbebbdc5824d7f898f33846caf066
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fbbee18d3f1f9a098c4504eb826dffb62f7e2536d7ac81420900d6d6cca846b
51986bfbad1a0c3bf7ba11f8768172d6477ba7dfa77aa59a844191cf918b603c
555016c115381b38b129ad36159faa3a8873021eb768403c828321122e61dbf7
566000795ea211af6ca766f166e903289a96d2dcab90654997f5f8d2bb94a989
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
625152d270ca31a0c26f7f1215d453c1590d752be20f254aaf26a3abf4f5b64d
657f82dba7d6431f1601c073a565332d97b9429d1c5093131f1a500637607a45
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
686e660739424dd896e22f46622a30e963c89df24864933df2a586ebfd5cacfa
6912f7388531e949bd5406b5668cd6b55fea4cc7e2d123dbaed489054dd98438
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6a95f465dfc8a6c6476a2b5c1259b8af885039129d80c71cbb6fd5181b97b13a
6a9b4b9c89d9f9c260299549612af3ccf2962149c239c66fc4fb83900c1615f6
6aafa767dbb03c6088b1c5fb34d65e50ec40388c77b2d6460330e7469832426e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0ad345a13efc7c9874a0502135bfbb599c0397b366e1ddae817c7d93a11038
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7645301e70aba97534c220311f2612c8aed531493ef8844211f2c294e8ffd65b
811b6e679ed2a18fb5696054a5386869bef195c0dcdd045f623dc19530216741
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
909a75e03f7fab31955917653fd5f39871e10b0da781ac8c1808e10ae5a37440
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96ea11f0396cec62f5c20e6a49b719359e3030150c73ef12c15531b8e9bebd4b
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9aeb13e1bb386a4538794616f85d1f5f995abb63f3e3566cc54015171e9e4986
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8a24d49b555dc6f18bcdb6c270e3c575611bc45a2c35952cd5e20ef89075e50
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1152f08180483780c03c12cdb60aa8d90e3436412b0905609a8a7e4bd41f9e6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
c16f06e6edabd22d2c5c9d9b87260eca6faf706400dea89876de323480750489
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c66974170914676bcda77d5f5087dba48899a24cc38d3fe3be1c6b6da33d2cbe
c6d8d5a3b5915c145fca94fd00a881bbe941d591525725af8583b111a7006a21
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
c8398e3a12c77db0695fb66a0b180d4492ccfe268435a59abdb9a056bbbf92a8
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d5dc8f0e43d36678bfec4beb79ea87672a4d127693e591f8cc31e43c273c3f5d
d7f88777bbd8cb7b6e993e1efc280e971f783389a15b2848fda9e9a6b3943622
df1f7909dd56c7d6b1ddc66684ff91e8f064b23b9e0247748df67f56b5b95c20
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3669542290f85c170b0d00b97e6bfbe89d45da68d507da531cea040dcef44c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e60c8c6f1840281a10ac3ae4f7c91c634c86465a5e49810f09ee9e2343261711
e9fdc188060ed6e1f88c478d14ec18de88aa08f8a04920a03c707b158b91bb41
ec9052d8748086849ee85660f196dfc094a1a2e688b6f37ede36fb75e2b8d331
ee0919ad2985025ead5321f5f125c138ec80dbf6037c35402e2b37ff4eb37c31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa7044b61673336fe621b90c74f48402854cde97bac5256680d8fadb8359510
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f7d8ba3f70422ccb7ae935a2eec8300a0d50eae89c28d6f8f8b607947e592725
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

buzzstormer.com Open in urlscan Pro 141.193.213.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

126 Requests

87 %HTTPS

52 %IPv6

18 Domains

33 Subdomains

32 IPs

1 Countries

1623 kBTransfer

3980 kBSize

4 Cookies

0 Outgoing links

Redirected requests

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

buzzstormer.com Open in urlscan Pro
141.193.213.11 Public Scan

Screenshot
Live screenshot

Full Image

126
Requests

87 %
HTTPS

52 %
IPv6

18
Domains

33
Subdomains

32
IPs

1
Countries

1623 kB
Transfer

3980 kB
Size

4
Cookies

126 HTTP transactions
10 data transactions