qa.elbwaba.com Open in urlscan Pro
50.87.253.242 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://anunsco.com/
Effective URL:
https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Submission: On October 28 via api (October 28th 2022, 12:40:46 pm UTC) from US — Scanned from US

Summary HTTP 104 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 104 HTTP transactions. The main IP is 50.87.253.242, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is qa.elbwaba.com.
TLS certificate: Issued by R3 on October 10th 2022. Valid for: 3 months.

This is the only time qa.elbwaba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.188.200.212 199.188.200.212	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2606:4700:303... 2606:4700:3032::6815:55c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
13	50.87.253.242 50.87.253.242	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:310... 2606:4700:3108::ac42:2b38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2002	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
3	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
3	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
5	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
3	2607:f8b0:400... 2607:f8b0:4006:81c::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:820::2003	15169 (GOOGLE) (GOOGLE)
104	21

1 199.188.200.212 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: host17.registrar-servers.com

anunsco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:55c4 (United States)

ASN13335 (CLOUDFLARENET, US)

ois.is	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 50.87.253.242 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box2225.bluehost.com

qa.elbwaba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b38 (United States)

ASN13335 (CLOUDFLARENET, US)

cryptomaniaks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:816::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	criteo.net static.criteo.net — Cisco Umbrella Rank: 658 pix.us.criteo.net — Cisco Umbrella Rank: 2469 csm.us.criteo.net — Cisco Umbrella Rank: 2441	168 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	340 KB
13	elbwaba.com qa.elbwaba.com	109 KB
9	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5245 ads.us.criteo.com — Cisco Umbrella Rank: 2398 cat.va.us.criteo.com — Cisco Umbrella Rank: 2708	132 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	41 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 71	2 KB
3	gstatic.com fonts.gstatic.com	80 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	2 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	14 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	141 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 869	329 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	346 B
1	cryptomaniaks.com cryptomaniaks.com	22 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	77 KB
1	ois.is ois.is — Cisco Umbrella Rank: 360028	712 B
1	anunsco.com anunsco.com	447 B
104	16

	Domain	Requested by
21	static.criteo.net	ads.us.criteo.com
13	qa.elbwaba.com	www.google.com qa.elbwaba.com
10	pagead2.googlesyndication.com	qa.elbwaba.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net anunsco.com
7	pix.us.criteo.net	ads.us.criteo.com
5	csm.us.criteo.net	ads.us.criteo.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	cdnjs.cloudflare.com
3	cdnjs.cloudflare.com	ads.us.criteo.com
3	cat.va.us.criteo.com	ads.us.criteo.com
3	ads.us.criteo.com	googleads.g.doubleclick.net
3	rtb.va.us.criteo.com	googleads.g.doubleclick.net anunsco.com
3	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	www.google.com	ois.is tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	cryptomaniaks.com	qa.elbwaba.com
1	www.googletagmanager.com	qa.elbwaba.com
1	ois.is	anunsco.com
1	anunsco.com
104	22

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
*.ois.is E1	`2022-08-31` - `2022-11-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
www.qa.elbwaba.com R3	`2022-10-10` - `2023-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
cryptomaniaks.com Cloudflare Inc ECC CA-3	`2022-04-19` - `2023-04-18`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-08` - `2023-01-09`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-30` - `2023-01-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-28` - `2022-11-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Frame ID: D37FD2BFE938B2A3E60BB4CB434122DE
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html
Frame ID: 19D7D0294253AC675F40D9896C8703BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&adk=1812271804&adf=3025194257&lmt=1666960840&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840767&bpp=3&bdt=309&idt=160&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7186314629900&frm=20&pv=2&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: CD67317374791E15A10BD9052E3A82AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666960840&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840770&bpp=3&bdt=311&idt=195&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uTCpS8HzZ7&p=https%3A//qa.elbwaba.com&dtd=206
Frame ID: D215AF70736432CA06CB15CB26D758C0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666960841&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840774&bpp=2&bdt=316&idt=219&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ehTSSm1HBJ&p=https%3A//qa.elbwaba.com&dtd=231
Frame ID: BA0B009B3CA1A46ADA4CF1E57D3FAC72
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAAUKIE0bWRAALOwsFYPBLdPSVfm2msDQ&u=%7CYUTbT5ClgBbrOZRWPAUuc0D9mkmzmi8igdWkKuipXe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92McXv0IAiEpPt43uNF4ZcitEYDvgt2VJmIiFkvmndNCmgJgTQLF9vMDMWmoTep1GcJt58cANQWQ2RQN-GTvLAQCDFRhNdOEPJQAvzSoTmdZPt5vKgvCTnJFrjK2aK8Cd4imRBeHgphXwMohbCl37MzrUNQ0F2sdofcjjAHxJYjy1gSMtJA_S96CwHcGlqW3viQi0-zLfXdmHgwLg4WQmaB8acCLu1t4tt2T_v6bdswlgkMBMVh-Jjfvf2Qd9an3sl3FsPqRDK4Fo3uBkpWfFHR4uWEBNJM8m0W9T8JvNRxq7o3XnDKhMHBY0772dZWQahq50XLS6GN7MhT0Fs0YZ8u5vXKJx8brDoM4rgdEZWNxsXHgxG8wkbv5mM2syw0NBsUEyz0486-vfEkf3TE82gtGHVPSNig_avB72PU8-Cb4ejLvApRjgUEIVJgYO94WfLd-_pre8SS7Bepz1HwtHfsoh4urXw51xHSQtbTu1dO6m9xF16I6_PVWlmuD4_uAp703Tbm7Lh98_cFJcw7vUGR77fdA6ET8Vk1aD1Gk80ChdIipu5N_SO6g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxXONyc1bY6KhAZHrxtYPwp2LyA-cge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE2wFP0LqP4u9R00x7olU5CNArU9M33IxdvaQlkxhiNCB_tZn9XWV9PXoNrN_8Qi01wj7bzd2J_rPV3gEVlUsm5bLd_E8gNdk0zoUZJDzEeCO0DRNc2C-d7pDYnsmygIYbME4q_MXi18n8PWxy7Ama0s62qrFsiOdJHdRVfKw20FrltnWf5i7H5V4T13nD60cEi7_73z3qIvRrgqgW0plTOZOp0UR4RPhPbM4p17f62K7L5K0ET0t9USYmL9bCJ8KoXKS0fkcNTuI9WjEsoMCShvYJgoy5KVU3I8F-EweABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1yIxO9cH0P6mXig9Weh9qOSDKGkA%26client%3Dca-pub-1124263613222640%26adurl%3D
Frame ID: E3CD099999396569C8DD532997DD2083
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6FFD68DB0A50E8D62CEA73592678DE16
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAATJME0amGAAlrDNcP9_IdJx3paIys_Q&u=%7CYUTbT5ClgBY%2BsdFkIqaqcML8UiLY3zgybYyVVF%2F6CzY%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92McXv0IAiEpPkn5j-Tr6rYQKR_T_fBzp9uMqmIwCrz9YxbMyNS02222yvt8DL50bTXqoW3xW2hptKGkh-QcAp69Azt2vp8vThYTEpCqsNYAl-yHmKIXHD9HNOAfq3RsJstf98A4PWGT_olqmOjPlDtW-zt68vFhR5l-KLAzFvxqPFCv_kP_OU4hmW41ZYgWgOwJEvSOPMYbVIQsYGBpx4hbVvj4FHYYOd9S2rpB2e5nRvyADy3Fn6HLNUdft7XzAkKqPl_4BSEHHGHnPPIerIXyA1WvYG8Jt49-I-JJHERmeHYJyOAy27sRxr2M3HoBkg47r3jYAoh3i52pc8XKnvQHel5wGO-0r0E5uKqnJDXKl4DgduVE836njCIeJhvSjC0j9dg1d6NOs5rHsXnDYUjIdjn7_irZh-YfAwUGP03gVrp50deB7wbtjsJW_ICayRT0rCU1fgYW1rI8uqEy-9vq6ZKmUjNZCRbt6eOvxTUUvaQToajUX4Dz4srqjJDfqNAFw8V1CyGQbm5fxcD5EXKEpzllQMM5lakLhK5shn6Eoqxd55J5f3ijTJr_R3KRX9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpoQyc1bY5OZAYbTxtYPjNalwAKcge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE3gFP0LfB_0JSw7hMNKv4zMpwfl927awq-p4QQM9JhomVLyZTS_mzhrpD-NldsnaZq0HplFdMbBULuISRlEsW5m42thJ16xHNQyiIYzLH2fT3vxyWrzBsPEXcs-GUHDw2K-DzhuXU5L1xB3E1pRHfHoQwn7FDkEDji-P0DhgE7behdiiXHQXEtrLnQNDXSVvZhFEG6WrX9RgV0P8SuT2yyeCCTTolMEeGJKG6t4wUtIR5yqui5xl5KNZ9kv6GUV3uu5oLXKbBInGRchVfm6xZFGZ2NWRiRfbFUlL1hNhVJeKABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14CCDvynUp0vaK1USYWYtcbBMAVQ%26client%3Dca-pub-1124263613222640%26adurl%3D
Frame ID: 79EA3CDF99555973B7002000A2B36739
Requests: 17 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAAw_4E0bDSAAR8wLwnZMkr4xRdLO2MLw&u=%7CYUTbT5ClgBbfECGHTp%2BbwCsz9hbFwyYc%2FDYe83W59js%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3RZnNua5tm5ARR2bNoIRASRydqQ1H9QITZENADbZUio5WydBclWoXCMJXww0Fu15rvP4h8IabvkdlBaMi286crlk3rKZvf9DPuYHdfxPq-OsrgOXHXUVeTvdZX-CrlNYWLnrg0XMCsrySZNRoBVgL8L1adbSFtB2hua9KOSZoe6CRZnly9gMJu54qyWORPgYYjyNUt19bBo66XKhF6_BajLlPvdHQefgocZdcnNGuHphObDmzoN6y-VYYGNrp1LBVs6CuKlHbDAun0tJ-flkB7eTBzKnM0eArTSkUBXpxYfH1G7keq5BTnICykpLnQxJYaZlAX6kISiMsoTshdT4g9i33_7a2Bjpb0fGxGLkqeiNaaXDbik5VGzEM7QNEIJUY6LaeEqtaki9aSVOGzMFIpPYuTPf_FN6u0xcEliYdD-Hz2QjoXrBaWGE8wSeWjesUCOWO87xiifHBLw--MnCM2OPvgIev35-u2nRRfk_PyEBDdYmRVJq7E4HMMjBdaU58vkhKu9wcaWIa6xEZ1OWpN4grbxBq29_aCggy7lR9l_RUsEuHPKD2UloKGVCwRGNh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1TQyc1bY_6HA9LhxtYPwPmRuAacge-wXNqkqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE4gFP0KgdRwTF_a1G6vdxKGdNc7F2ip_oW3G7g54VuWAcX4ImwuZ9g9h7sRNiyR3qlmuGwC6DjuljRFdDWLQivvsHFDx6dganL9Wykmp_IoQcBlEFrLLYu_HyW2fIPkmLTYiUuK4AskhJZk-mV8YgW_cLnueunv46EQdrXxA7-5WZscXots1ah1RCu9rL5s5l9O7uBy1HqurJYDco9KKLuP0WGDErHYejn7KX6sv_L_3pAU0n9F43pRm9BBuKQpuhhrx5h7y6LJQHt83ET9P5Qd4rscC2c5L6W9wwjuB61m83Tyt8gAb6-IW5guLwtOkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3YHnXoZJTMxq0jxnVmGFOdiDRLgg%26client%3Dca-pub-1124263613222640%26adurl%3D
Frame ID: 169397733A11326AD93006F626CB0CB4
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 554F13B53AC26F2685CBCD1C90703C1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 92FF81B27011DB37D8AFB43D040ED88E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

5 Best Ways to Buy Bitcoin in 2023 - Top Crypto

Page URL History Show full URLs

http://anunsco.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/48/5-best-ways-to-buy-b... Page URL
https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023 Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

104
Requests

99 %
HTTPS

85 %
IPv6

16
Domains

22
Subdomains

21
IPs

2
Countries

1131 kB
Transfer

2733 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://anunsco.com/ Page URL
https://ois.is/images/logo.png Page URL
https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023&ved=2ahUKEwiDmK7fpff6AhXvXvEDHXaDDIkQFnoECAsQAQ&usg=AOvVaw1ZDRGi8_yscqB-37uioaO1 Page URL
https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
anunsco.com/ 357 B
447 B 408ms
181ms Document
text/html 199.188.200.212
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: http://anunsco.com/
Protocol: HTTP/1.1
Server: 199.188.200.212 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: host17.registrar-servers.com
Software: Apache / PHP/7.4.32
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 241
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 12:40:39 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.32

GET
H2 200 logo.png
ois.is/images/ 473 B
712 B 395ms
351ms Document
text/html 2606:4700:3032::6815:55c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ois.is/images/logo.png
Requested by: Host: anunsco.com
URL: http://anunsco.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:55c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://anunsco.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7613bdc04baac46b-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 12:40:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3FiFfIohURECpamN3nv7LrbpS4%2FcnulRDVxOtOzNwoTC%2BCNwGbfaKga2C8lmMp6zgVArBsixCjkZ%2FfNv4X96jsX9SGiBzfTUKCSPmmfEuPKsrY5qajr8AtLbdJK0ML2xbrxTyU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET
H2 200 url
www.google.com/ 992 B
1 KB 55ms
36ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023&ved=2ahUKEwiDmK7fpff6AhXvXvEDHXaDDIkQFnoECAsQAQ&usg=AOvVaw1ZDRGi8_yscqB-37uioaO1

Requested by

Host: ois.is
URL: https://ois.is/images/logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://ois.is/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 497
content-type: text/html; charset=UTF-8
date: Fri, 28 Oct 2022 12:40:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request 5-best-ways-to-buy-bitcoin-in-2023 Show response
qa.elbwaba.com/48/ 47 KB
16 KB 299ms
100ms Document
text/html 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&source=web&rct=j&url=https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023&ved=2ahUKEwiDmK7fpff6AhXvXvEDHXaDDIkQFnoECAsQAQ&usg=AOvVaw1ZDRGi8_yscqB-37uioaO1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 62d8c46bf1d13e87c13aea2c81ab2679b72ecc686a54238c66f9d4f5ec82f276

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 15973
content-type: text/html; charset=utf-8
date: Fri, 28 Oct 2022 12:40:40 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
pragma: no-cache
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
x-nginx-cache: WordPress

GET
H2 200 qa-styles.css
qa.elbwaba.com/qa-theme/SnowFlat/ 70 KB
18 KB 73ms
72ms Stylesheet
text/css 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:58 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Sun, 27 Nov 2022 12:40:40 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
qa.elbwaba.com/qa-content/ 87 KB
38 KB 136ms
135ms Script
application/javascript 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
expires: Fri, 28 Oct 2022 18:40:40 GMT

GET
H2 200 qa-global.js Show response
qa.elbwaba.com/qa-content/ 20 KB
7 KB 72ms
71ms Script
application/javascript 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-content/qa-global.js?1.8.6
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:56 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7211
expires: Fri, 28 Oct 2022 18:40:40 GMT

GET
H2 200 snow-core.js Show response
qa.elbwaba.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 70ms
70ms Script
application/javascript 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Wed, 21 Apr 2021 04:04:58 GMT
server: Apache
vary: Accept-Encoding
x-endurance-cache-level: 2
content-type: application/javascript
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1047
expires: Fri, 28 Oct 2022 18:40:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
77 KB 46ms
27ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TM8RE8VEQ7

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8a5bb5b6c206456e6fe908e8055e47f6b4ddf88d3415d7fb2e4564fb12f340c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78448
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Oct 2022 12:40:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 167 KB
54 KB 91ms
60ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2279ed439e34f468a0e87fa5695349f1b3571f4292391348f230e82a430cae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55156
x-xss-protection: 0
server: cafe
etag: 8718952229830199176
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:40:40 GMT

GET
H2 200 americans-and-bitcoin-3-compressor_1.png
cryptomaniaks.com/sites/default/files/pictures/ 21 KB
22 KB 66ms
36ms Image
image/webp 2606:4700:3108::ac42:2b38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cryptomaniaks.com/sites/default/files/pictures/americans-and-bitcoin-3-compressor_1.png

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df542fea394490d468c5e3a326077da936f69c11401dbe97c40aedf19f6a0f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN, SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350444
cf-polished: origFmt=png, origSize=27554
content-disposition: inline; filename="americans-and-bitcoin-3-compressor_1.webp"
content-length: 21986
cf-bgj: imgq:100,h2pri
last-modified: Mon, 17 Feb 2020 05:01:12 GMT
server: cloudflare
etag: "6ba2-59ebe71b1b600"
vary: Accept
x-frame-options: SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
content-type: image/webp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adKoAPcYnv6ZfcgbNoVUp79wE0e3gbnnz6cBZsjHxnA0GUKnvPr0kymXPA7KMHQP%2B3wX0%2FbgDbb3%2Bq%2BrQf%2B9oxirZsGjhm%2BNMwlgZxpD50dJBzlxOD16SK0rUcv764OCpJ4zIiXBYVFzw8HDdZ2m"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7613bdc60ecd78df-EWR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
55 KB 69ms
46ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1124263613222640

Requested by

Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/48/5-best-ways-to-buy-bitcoin-in-2023

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc5c97917f6d0c87d919648a087dc3e5f278f6bafa9b5ca6ee6410ccb2535dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Origin: https://qa.elbwaba.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55373
x-xss-protection: 0
server: cafe
etag: 12879018522636990869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:40:40 GMT

GET
H2 200 vote-buttons-3.png
qa.elbwaba.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 69ms
66ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Sat, 01 Aug 2020 04:52:10 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1457
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 fontello.woff
qa.elbwaba.com/qa-theme/SnowFlat/fonts/ 7 KB
7 KB 71ms
67ms Font
font/woff 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://qa.elbwaba.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 26 Jul 2016 07:31:58 GMT
server: Apache
x-endurance-cache-level: 2
content-type: font/woff
cache-control: max-age=21600
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7200
expires: Fri, 28 Oct 2022 18:40:40 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
346 B 40ms
18ms Ping
text/plain 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-TM8RE8VEQ7&gtm=2oeaq0&_p=1537148362&cid=1819449926.1666960841&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666960840&sct=1&seg=0&dl=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&dr=https%3A%2F%2Fwww.google.com%2F&dt=5%20Best%20Ways%20to%20Buy%20Bitcoin%20in%202023%20-%20Top%20Crypto&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TM8RE8VEQ7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:40:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://qa.elbwaba.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 answer-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 69ms
68ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2867
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 answer-select.png
qa.elbwaba.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 66ms
65ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1831
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 link-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 67ms
65ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3026
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 comment-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 65ms
64ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2906
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 search-icon-white.png
qa.elbwaba.com/qa-theme/SnowFlat/images/ 1 KB
1 KB 68ms
67ms Image
image/png 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 1412
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 spinner-icon-14x14.gif
qa.elbwaba.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 67ms
66ms Image
image/gif 50.87.253.242
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qa.elbwaba.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: qa.elbwaba.com
URL: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 50.87.253.242 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: box2225.bluehost.com
Software: Apache /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
x-nginx-cache: WordPress
last-modified: Tue, 15 Jan 2019 06:08:24 GMT
server: Apache
x-endurance-cache-level: 2
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7781
expires: Sat, 28 Oct 2023 12:40:40 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 353 KB
116 KB 83ms
83ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f27dcfa2118578da7fde244daeb191fcdd0641d84c16fd08fe216c45d2bc2172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118736
x-xss-protection: 0
server: cafe
etag: 11925551942716203442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:40:40 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/ Frame 19D7 10 KB
5 KB 27ms
5ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 05:23:55 GMT
etag: 9671129459699598864
expires: Fri, 11 Nov 2022 05:23:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
329 B 22ms
21ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=qa.elbwaba.com&callback=_gfp_s_&client=ca-pub-1124263613222640&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79eadc6d701b906a56ce4a1ffdd0aedfb6a7b1ab0287649e4bf8c2139bf36747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 91ms
32ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.elbwaba.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD67 36 KB
13 KB 385ms
364ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&adk=1812271804&adf=3025194257&lmt=1666960840&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840767&bpp=3&bdt=309&idt=160&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7186314629900&frm=20&pv=2&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4be36dedc7f46d62bd569f0f7e00cea716efb6567bec5ffb2c0b38e8502dbbd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:41 GMT
expires: Fri, 28 Oct 2022 12:40:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D215 23 KB
10 KB 403ms
392ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666960840&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840770&bpp=3&bdt=311&idt=195&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uTCpS8HzZ7&p=https%3A//qa.elbwaba.com&dtd=206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

419ba1d9514b8e22ec6958c906b6da8259721f452ada8946ecb53cbeecebddb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9849
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:41 GMT
expires: Fri, 28 Oct 2022 12:40:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA0B 23 KB
10 KB 717ms
710ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666960841&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840774&bpp=2&bdt=316&idt=219&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ehTSSm1HBJ&p=https%3A//qa.elbwaba.com&dtd=231

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae9db2ed7002ff2feff57d947edcea41fbe46040921b911eede2ef9509e58e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9852
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:41 GMT
expires: Fri, 28 Oct 2022 12:40:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/ 151 KB
51 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85c3fcfe1d3e689f99bb692c9605844636a257132a60b07dda75e39a1d6887ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52350
x-xss-protection: 0
server: cafe
etag: 4118288465248158473
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D215 3 KB
1 KB 80ms
9ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666960840&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840770&bpp=3&bdt=311&idt=195&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uTCpS8HzZ7&p=https%3A//qa.elbwaba.com&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 05:15:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame D215 17 KB
8 KB 79ms
8ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 05:15:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D215 153 KB
47 KB 34ms
33ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D215 0
0 114ms
113ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9Mv8yc1bY6KhAZHrxtYPwp2LyA-cge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE2AFP0LqP4u9R00x7olU5CNArU9M33IxdvaQlkxhiNCB_tZn9XWV9PXoNrN_8Qi01wj7bzd2J_rPV3gEVlUsm5bLd_E8gNdk0zoUZJDzEeCO0DRNc2C-d7pDYnsmygIYbME4q_MXi18n8PWxy7Ama0s62qrFsiOdJHdRVfKw20FrltnWf5i7H5V4T13nD60cEi7_73z3qIvRrgqgW0plTOZOp0UR4RPhPbM4p17f62K7L5K0ETwl_cbSN3V_C5EvF0E_O94S6cso0dCnoOzPoDz-3nKChgIOmIwKABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExMjQyNjM2MTMyMjI2NDAYAA&sigh=EpwUWcIpD6g&uach_m=[UACH]&cid=CAQSGwDq26N9-8ItwgdiTTu_-QzCz-R34jN_TWxGCRgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666960840&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840770&bpp=3&bdt=311&idt=195&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uTCpS8HzZ7&p=https%3A//qa.elbwaba.com&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:40:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame D215 0
0 101ms
10ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36ROwFWuIinRcCAAAA-4gZodg3mIkQyM1bY4vKxfdbxN7ypPnUABIAAA&wp=Y1vNyQAAUKIE0bWRAALOwsFYPBLdPSVfm2msDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 286302
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame E3CD 127 KB
43 KB 97ms
75ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAAUKIE0bWRAALOwsFYPBLdPSVfm2msDQ&u=%7CYUTbT5ClgBbrOZRWPAUuc0D9mkmzmi8igdWkKuipXe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92McXv0IAiEpPt43uNF4ZcitEYDvgt2VJmIiFkvmndNCmgJgTQLF9vMDMWmoTep1GcJt58cANQWQ2RQN-GTvLAQCDFRhNdOEPJQAvzSoTmdZPt5vKgvCTnJFrjK2aK8Cd4imRBeHgphXwMohbCl37MzrUNQ0F2sdofcjjAHxJYjy1gSMtJA_S96CwHcGlqW3viQi0-zLfXdmHgwLg4WQmaB8acCLu1t4tt2T_v6bdswlgkMBMVh-Jjfvf2Qd9an3sl3FsPqRDK4Fo3uBkpWfFHR4uWEBNJM8m0W9T8JvNRxq7o3XnDKhMHBY0772dZWQahq50XLS6GN7MhT0Fs0YZ8u5vXKJx8brDoM4rgdEZWNxsXHgxG8wkbv5mM2syw0NBsUEyz0486-vfEkf3TE82gtGHVPSNig_avB72PU8-Cb4ejLvApRjgUEIVJgYO94WfLd-_pre8SS7Bepz1HwtHfsoh4urXw51xHSQtbTu1dO6m9xF16I6_PVWlmuD4_uAp703Tbm7Lh98_cFJcw7vUGR77fdA6ET8Vk1aD1Gk80ChdIipu5N_SO6g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxXONyc1bY6KhAZHrxtYPwp2LyA-cge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE2wFP0LqP4u9R00x7olU5CNArU9M33IxdvaQlkxhiNCB_tZn9XWV9PXoNrN_8Qi01wj7bzd2J_rPV3gEVlUsm5bLd_E8gNdk0zoUZJDzEeCO0DRNc2C-d7pDYnsmygIYbME4q_MXi18n8PWxy7Ama0s62qrFsiOdJHdRVfKw20FrltnWf5i7H5V4T13nD60cEi7_73z3qIvRrgqgW0plTOZOp0UR4RPhPbM4p17f62K7L5K0ET0t9USYmL9bCJ8KoXKS0fkcNTuI9WjEsoMCShvYJgoy5KVU3I8F-EweABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1yIxO9cH0P6mXig9Weh9qOSDKGkA%26client%3Dca-pub-1124263613222640%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

23b3ef8ec2f0ea1a98f6f81e030913b9deb1c00ff89af9ffd94f08c827a38876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=wnjO0OK-eG75ZGQWfJ9_XnF3pCGPR92rjQOZ_EkuXHExLH2Ll3ylhonKbhWC7E6ZUzKciO7dU5kQ9Apj2pdMM8Kd0_-aQPtok4RnS5dCTQoGqjy8o-IU1GM4oP_wWyWnOAExQIJbssFb-VeifuZmOVV-XrIud1HurZaMmaSjMaRxkMijTqY2vco0QCBJY11g8F1k0A4xtcI3ffzZrxURxet-jDuqOeVG69sokqgXZ7yivPLQURfA-ZWfMyBSjWvwUBjqyg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 58687185
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
25ms Script
application/javascript 2607:f8b0:4006:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=qa.elbwaba.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/ Frame 6FFD 10 KB
4 KB 9ms
9ms Document
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65809
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4270
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 18:23:52 GMT
etag: 9671129459699598864
expires: Thu, 10 Nov 2022 18:23:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6FFD 0
0 115ms
114ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C92dXyc1bY5OZAYbTxtYPjNalwAKcge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE2wFP0LfB_0JSw7hMNKv4zMpwfl927awq-p4QQM9JhomVLyZTS_mzhrpD-NldsnaZq0HplFdMbBULuISRlEsW5m42thJ16xHNQyiIYzLH2fT3vxyWrzBsPEXcs-GUHDw2K-DzhuXU5L1xB3E1pRHfHoQwn7FDkEDji-P0DhgE7behdiiXHQXEtrLnQNDXSVvZhFEG6WrX9RgV0P8SuT2yyeCCTTolMEeGJKG6t4wUtIR5yqui5xl5KJR_smwto9TueBNm0E27q7ImTj1WtbSdj5UMvK3cW9rd-4RkhBuABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTExMjQyNjM2MTMyMjI2NDAYAA&sigh=u3Er4JcMjLA&uach_m=[UACH]&cid=CAQSGwDq26N9jBVttfqVOjWGmQwm4P_rd3wMuiCigBgBIBM

Requested by

Host: anunsco.com
URL: http://anunsco.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:40:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 6FFD 0
0 11ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kIfQEs36RO0HfOIinRcCAAAADdvcbOKBA7IQyM1bY3PKRS1ALmdBeZuTABIAAA&wp=Y1vNyQAATJME0amGAAlrDNcP9_IdJx3paIys_Q

Requested by

Host: anunsco.com
URL: http://anunsco.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 315026
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 79EA 119 KB
42 KB 62ms
56ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAATJME0amGAAlrDNcP9_IdJx3paIys_Q&u=%7CYUTbT5ClgBY%2BsdFkIqaqcML8UiLY3zgybYyVVF%2F6CzY%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92McXv0IAiEpPkn5j-Tr6rYQKR_T_fBzp9uMqmIwCrz9YxbMyNS02222yvt8DL50bTXqoW3xW2hptKGkh-QcAp69Azt2vp8vThYTEpCqsNYAl-yHmKIXHD9HNOAfq3RsJstf98A4PWGT_olqmOjPlDtW-zt68vFhR5l-KLAzFvxqPFCv_kP_OU4hmW41ZYgWgOwJEvSOPMYbVIQsYGBpx4hbVvj4FHYYOd9S2rpB2e5nRvyADy3Fn6HLNUdft7XzAkKqPl_4BSEHHGHnPPIerIXyA1WvYG8Jt49-I-JJHERmeHYJyOAy27sRxr2M3HoBkg47r3jYAoh3i52pc8XKnvQHel5wGO-0r0E5uKqnJDXKl4DgduVE836njCIeJhvSjC0j9dg1d6NOs5rHsXnDYUjIdjn7_irZh-YfAwUGP03gVrp50deB7wbtjsJW_ICayRT0rCU1fgYW1rI8uqEy-9vq6ZKmUjNZCRbt6eOvxTUUvaQToajUX4Dz4srqjJDfqNAFw8V1CyGQbm5fxcD5EXKEpzllQMM5lakLhK5shn6Eoqxd55J5f3ijTJr_R3KRX9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpoQyc1bY5OZAYbTxtYPjNalwAKcge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE3gFP0LfB_0JSw7hMNKv4zMpwfl927awq-p4QQM9JhomVLyZTS_mzhrpD-NldsnaZq0HplFdMbBULuISRlEsW5m42thJ16xHNQyiIYzLH2fT3vxyWrzBsPEXcs-GUHDw2K-DzhuXU5L1xB3E1pRHfHoQwn7FDkEDji-P0DhgE7behdiiXHQXEtrLnQNDXSVvZhFEG6WrX9RgV0P8SuT2yyeCCTTolMEeGJKG6t4wUtIR5yqui5xl5KNZ9kv6GUV3uu5oLXKbBInGRchVfm6xZFGZ2NWRiRfbFUlL1hNhVJeKABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14CCDvynUp0vaK1USYWYtcbBMAVQ%26client%3Dca-pub-1124263613222640%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

346f1ade9b6175511bf0244701663723264c609cc4fc275160e3678cbf62ee2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=Q8y-b-K-eG75ZGQWC9Uzru4kIJ2VqdJEloLwmdBYb8rl3UpEHlreWi7UrB77n3f83Whs9htq4eaNYL-Fp17aUuCARI1jWMGtlt-urRt5bX8Tp1fbESaqhH8ksyiu7z02axbRFWMccp7DBehylAGx6SB1aOakQN4Z2kxvHiM7eOhhEpIWQl0v2JoUOd5UocW5A2b7WZ-YBJMGs6PD5kBJCbc9lNfvtHjsY_9zCZol2lCmmCbttz_n1BFwjfTy_e_KFwnbFA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 47095815
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6FFD 3 KB
1 KB 31ms
6ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 05:15:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame 6FFD 17 KB
7 KB 28ms
5ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 05:15:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6FFD 153 KB
47 KB 25ms
21ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221026/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
DATA 200
OK truncated
/ Frame D215 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0227194888eb78c250e237464ea08a6463cad1c78c45ecd0f47d4e7b4810a35b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E3CD 2 KB
1 KB 252ms
84ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAAUKIE0bWRAALOwsFYPBLdPSVfm2msDQ&u=%7CYUTbT5ClgBbrOZRWPAUuc0D9mkmzmi8igdWkKuipXe4%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92McXv0IAiEpPt43uNF4ZcitEYDvgt2VJmIiFkvmndNCmgJgTQLF9vMDMWmoTep1GcJt58cANQWQ2RQN-GTvLAQCDFRhNdOEPJQAvzSoTmdZPt5vKgvCTnJFrjK2aK8Cd4imRBeHgphXwMohbCl37MzrUNQ0F2sdofcjjAHxJYjy1gSMtJA_S96CwHcGlqW3viQi0-zLfXdmHgwLg4WQmaB8acCLu1t4tt2T_v6bdswlgkMBMVh-Jjfvf2Qd9an3sl3FsPqRDK4Fo3uBkpWfFHR4uWEBNJM8m0W9T8JvNRxq7o3XnDKhMHBY0772dZWQahq50XLS6GN7MhT0Fs0YZ8u5vXKJx8brDoM4rgdEZWNxsXHgxG8wkbv5mM2syw0NBsUEyz0486-vfEkf3TE82gtGHVPSNig_avB72PU8-Cb4ejLvApRjgUEIVJgYO94WfLd-_pre8SS7Bepz1HwtHfsoh4urXw51xHSQtbTu1dO6m9xF16I6_PVWlmuD4_uAp703Tbm7Lh98_cFJcw7vUGR77fdA6ET8Vk1aD1Gk80ChdIipu5N_SO6g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxXONyc1bY6KhAZHrxtYPwp2LyA-cge-wXLKaqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE2wFP0LqP4u9R00x7olU5CNArU9M33IxdvaQlkxhiNCB_tZn9XWV9PXoNrN_8Qi01wj7bzd2J_rPV3gEVlUsm5bLd_E8gNdk0zoUZJDzEeCO0DRNc2C-d7pDYnsmygIYbME4q_MXi18n8PWxy7Ama0s62qrFsiOdJHdRVfKw20FrltnWf5i7H5V4T13nD60cEi7_73z3qIvRrgqgW0plTOZOp0UR4RPhPbM4p17f62K7L5K0ET0t9USYmL9bCJ8KoXKS0fkcNTuI9WjEsoMCShvYJgoy5KVU3I8F-EweABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1yIxO9cH0P6mXig9Weh9qOSDKGkA%26client%3Dca-pub-1124263613222640%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame E3CD 2 KB
1 KB 249ms
81ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E3CD 308 B
637 B 229ms
79ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E3CD 293 B
621 B 233ms
82ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame E3CD 43 B
347 B 100ms
13ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=9ghJvalpCNEoLPAXBNnzxtbeXil-Ju_AJpQM53CWdRwxqWSQJXwR65PbDl4QDDF_LGLR2PkQ9AQ0Vr60yIGrlOx3dngLYCfQU22KrDugIlSoLxXx7DtpPtANR6YelC7B-clCD0fVU-njJGrLxIBL6fxXJYVVztCeDaLrlI7xJAWR84yUDhFMJbHdrJUlu4iW-qoT4UsA7vfcZaxcg66x1CMebOb2PtbJ4_LXCxYMja55bJtcyAr5P1r3aVGZUfoJuO4WRBK4mtdyK_BVV1lOrB_HBF6YQhDvVwnQmekuN2itEBM5cewNM-y3WDMRwFUel2rJwDGBcAbCvLf0FZS6Gzv2z1fUNdMk1wIUnZT-n1cFzV4O49G4mo4EnpbpGLJmXE9D9sv-941_oRFf7CMFdDB6PAnHk8y89-af3vrk2KqQSuoZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2301303
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 79EA 2 KB
1 KB 236ms
84ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAATJME0amGAAlrDNcP9_IdJx3paIys_Q&u=%7CYUTbT5ClgBY%2BsdFkIqaqcML8UiLY3zgybYyVVF%2F6CzY%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR7Ob23Zd9U92McXv0IAiEpPkn5j-Tr6rYQKR_T_fBzp9uMqmIwCrz9YxbMyNS02222yvt8DL50bTXqoW3xW2hptKGkh-QcAp69Azt2vp8vThYTEpCqsNYAl-yHmKIXHD9HNOAfq3RsJstf98A4PWGT_olqmOjPlDtW-zt68vFhR5l-KLAzFvxqPFCv_kP_OU4hmW41ZYgWgOwJEvSOPMYbVIQsYGBpx4hbVvj4FHYYOd9S2rpB2e5nRvyADy3Fn6HLNUdft7XzAkKqPl_4BSEHHGHnPPIerIXyA1WvYG8Jt49-I-JJHERmeHYJyOAy27sRxr2M3HoBkg47r3jYAoh3i52pc8XKnvQHel5wGO-0r0E5uKqnJDXKl4DgduVE836njCIeJhvSjC0j9dg1d6NOs5rHsXnDYUjIdjn7_irZh-YfAwUGP03gVrp50deB7wbtjsJW_ICayRT0rCU1fgYW1rI8uqEy-9vq6ZKmUjNZCRbt6eOvxTUUvaQToajUX4Dz4srqjJDfqNAFw8V1CyGQbm5fxcD5EXKEpzllQMM5lakLhK5shn6Eoqxd55J5f3ijTJr_R3KRX9Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnpoQyc1bY5OZAYbTxtYPjNalwAKcge-wXKqxqqp0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE3gFP0LfB_0JSw7hMNKv4zMpwfl927awq-p4QQM9JhomVLyZTS_mzhrpD-NldsnaZq0HplFdMbBULuISRlEsW5m42thJ16xHNQyiIYzLH2fT3vxyWrzBsPEXcs-GUHDw2K-DzhuXU5L1xB3E1pRHfHoQwn7FDkEDji-P0DhgE7behdiiXHQXEtrLnQNDXSVvZhFEG6WrX9RgV0P8SuT2yyeCCTTolMEeGJKG6t4wUtIR5yqui5xl5KNZ9kv6GUV3uu5oLXKbBInGRchVfm6xZFGZ2NWRiRfbFUlL1hNhVJeKABsfV-PSTnoC9FKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_14CCDvynUp0vaK1USYWYtcbBMAVQ%26client%3Dca-pub-1124263613222640%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 79EA 2 KB
1 KB 321ms
169ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 79EA 308 B
636 B 224ms
86ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 79EA 293 B
621 B 293ms
155ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 79EA 43 B
348 B 86ms
12ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=W7AciqlpCNEoLPAXBNnzxtbeXimGxH7poHeozOB4TiEiED7LeGSUZtLDLZGLQJicpeBqvvq8T2Ua3MGbBfLmeGDbDml8uxnUzSbBZwDFsZ_eHyTgXkoQNK2JPsTTGorNJFLZ_YbLNDzTulHFT8fEWM2tKtkfCVrLoYHSCA8IOJAelb_vNaTqzqtHB6O1EEwpme0z0zk04-DpzMWsX7aDK18fjXjS1IuonQIHN1kUFkslnljZ4tuAeuxxgKkLrOgDhzr3T_WptA3J5MbWPM-R7gceLJmS4ZpIBSYv7V1vEKUfG_AHk5vi9rDiGoW9f3H5U80d3ArZ4VxdntgYLrgXPlFkSqCmhyCO8MYr1ZNy590VpkZwWwgNBW5UAHGoaZ1oaTSMhoWW1zu75p15P6fjwNcoH75_Ml7j_zbAW9R5hVHmAGMv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1749984
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 79EA 12 KB
4 KB 28ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1958269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613bdcc19bd19e3-EWR
expires: Wed, 18 Oct 2023 12:40:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 79EA 12 KB
6 KB 299ms
168ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame E3CD 12 KB
5 KB 17ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 1958269
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613bdcc19bf19e3-EWR
expires: Wed, 18 Oct 2023 12:40:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E3CD 12 KB
6 KB 366ms
246ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E3CD 11 KB
11 KB 46ms
18ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=176&m=0&partner=1075&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=196&s=8KrOs-N9i48cObmvAAtmwZf_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28125925
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11279
expires: Tue, 19 Sep 2023 01:26:07 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E3CD 3 KB
4 KB 57ms
30ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F14%2F14193850IE_14_F.JPG&v=3&w=400&s=4SJhdOAuIj8gphq5j0_BocHb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

2bbf369ac3b4b9a866d9e82e547e94818e5a4e08df663ee51a3be7ffffe511e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3532
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E3CD 7 KB
7 KB 37ms
10ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F14%2F14166067GB_14_F.JPG&v=3&w=400&s=RlVtJhZ2UFjREcPBltiD5mDj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

ea6b88dedde5579cd66eed115170c91762c3b620db1f2dc2e202cc8bfabf9e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6710
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame E3CD 46 KB
46 KB 47ms
20ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=1200&m=0&partner=1075&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F1075%2F220314%2F57b30706c5a54d2eaf2ff9b507fe5540_img_horizontal_1.jpg&v=3&w=1200&s=ZLNYVewuId8GdaEXczHdA-Sw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

4f964db4029abf63cc81b45ae0fc17ae1ee0dc9e6a2b79b8922f3550211b9143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28826449
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46878
expires: Wed, 27 Sep 2023 04:01:31 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E3CD 0
128 B 91ms
10ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=wnjO0OK-eG75ZGQWfJ9_XnF3pCGPR92rjQOZ_EkuXHExLH2Ll3ylhonKbhWC7E6ZUzKciO7dU5kQ9Apj2pdMM8Kd0_-aQPtok4RnS5dCTQoGqjy8o-IU1GM4oP_wWyWnOAExQIJbssFb-VeifuZmOVV-XrIud1HurZaMmaSjMaRxkMijTqY2vco0QCBJY11g8F1k0A4xtcI3ffzZrxURxet-jDuqOeVG69sokqgXZ7yivPLQURfA-ZWfMyBSjWvwUBjqyg&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E3CD 2 KB
1 KB 181ms
85ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E3CD 2 KB
1 KB 144ms
143ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
DATA 200
OK truncated
/ Frame 6FFD 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efc717f9cf52c5e5b1da0e893d82a984d3bcd02427f36c7ad14a4883d4570fc9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
pix.us.criteo.net/img/ Frame 79EA 46 KB
46 KB 17ms
16ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

4f964db4029abf63cc81b45ae0fc17ae1ee0dc9e6a2b79b8922f3550211b9143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28826449
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46878
expires: Wed, 27 Sep 2023 04:01:31 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 79EA 11 KB
11 KB 20ms
14ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=1075&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F771%2F160923%2F58605b2e514c432f98cd3a75f9acc6b6_logo_n_horizontal.png&v=3&w=196&s=EuBYWcefdymcb3m6KI2b2LFu

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28125925
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11279
expires: Tue, 19 Sep 2023 01:26:07 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 79EA 5 KB
5 KB 20ms
15ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=1075&q=80&r=0&u=https%3A%2F%2Fcdn.yoox.biz%2F49%2F49800481EL_14_F.JPG&v=3&w=800&s=IPl_0YcGvHdZQlxQGu-DoJDq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

136da73e18e1f7b54f05cc3c3a3ab07c0a1e3c71828d7d8ef6d3d5e3a49d8438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5234
expires: Mon, 23 Oct 2023 12:40:41 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 79EA 0
127 B 47ms
11ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=Q8y-b-K-eG75ZGQWC9Uzru4kIJ2VqdJEloLwmdBYb8rl3UpEHlreWi7UrB77n3f83Whs9htq4eaNYL-Fp17aUuCARI1jWMGtlt-urRt5bX8Tp1fbESaqhH8ksyiu7z02axbRFWMccp7DBehylAGx6SB1aOakQN4Z2kxvHiM7eOhhEpIWQl0v2JoUOd5UocW5A2b7WZ-YBJMGs6PD5kBJCbc9lNfvtHjsY_9zCZol2lCmmCbttz_n1BFwjfTy_e_KFwnbFA&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 79EA 2 KB
1 KB 134ms
83ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 79EA 2 KB
1 KB 142ms
142ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 79EA 3 KB
1 KB 50ms
22ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:00:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E3CD 3 KB
622 B 49ms
23ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:13:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BA0B 3 KB
1 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666960841&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840774&bpp=2&bdt=316&idt=219&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ehTSSm1HBJ&p=https%3A//qa.elbwaba.com&dtd=231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 05:15:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/ Frame BA0B 17 KB
7 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221026/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 05:15:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26714
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Nov 2022 05:15:27 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BA0B 153 KB
47 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47996
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1666856053429787"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BA0B 0
0 114ms
114ms Fetch
text/html 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTHKdyc1bY_6HA9LhxtYPwPmRuAacge-wXNqkqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE3wFP0KgdRwTF_a1G6vdxKGdNc7F2ip_oW3G7g54VuWAcX4ImwuZ9g9h7sRNiyR3qlmuGwC6DjuljRFdDWLQivvsHFDx6dganL9Wykmp_IoQcBlEFrLLYu_HyW2fIPkmLTYiUuK4AskhJZk-mV8YgW_cLnueunv46EQdrXxA7-5WZscXots1ah1RCu9rL5s5l9O7uBy1HqurJYDco9KKLuP0WGDErHYejn7KX6sv_L_3pAU0n9F43pRm9BBvIQLszLU7wh38zQRjszUQH-O_RSPAzdVtFCRsz5cIclkmsR2_0gAb6-IW5guLwtOkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTEyNDI2MzYxMzIyMjY0MBgA&sigh=WACOc7B9krM&uach_m=[UACH]&cid=CAQSGwDq26N9Mir3AmSQ_zkb4hOOpH3BryfK9Fl_OhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=640&slotname=8438358023&adk=1206473694&adf=851893608&pi=t.ma~as.8438358023&w=320&lmt=1666960841&format=320x640&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840774&bpp=2&bdt=316&idt=219&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C748x90&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfnEr%7C&abl=CF&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=ehTSSm1HBJ&p=https%3A//qa.elbwaba.com&dtd=231
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 28 Oct 2022 12:40:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame BA0B 0
0 11ms
11ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOrREM36RMACgAXiIp0XAgAAAEC9uSiZvo8vEMjNW2MCPMvrn7vKwOPS8wASAAA&wp=Y1vNyQAAw_4E0bDSAAR8wLwnZMkr4xRdLO2MLw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 211543
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 1693 134 KB
45 KB 91ms
90ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAAw_4E0bDSAAR8wLwnZMkr4xRdLO2MLw&u=%7CYUTbT5ClgBbfECGHTp%2BbwCsz9hbFwyYc%2FDYe83W59js%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3RZnNua5tm5ARR2bNoIRASRydqQ1H9QITZENADbZUio5WydBclWoXCMJXww0Fu15rvP4h8IabvkdlBaMi286crlk3rKZvf9DPuYHdfxPq-OsrgOXHXUVeTvdZX-CrlNYWLnrg0XMCsrySZNRoBVgL8L1adbSFtB2hua9KOSZoe6CRZnly9gMJu54qyWORPgYYjyNUt19bBo66XKhF6_BajLlPvdHQefgocZdcnNGuHphObDmzoN6y-VYYGNrp1LBVs6CuKlHbDAun0tJ-flkB7eTBzKnM0eArTSkUBXpxYfH1G7keq5BTnICykpLnQxJYaZlAX6kISiMsoTshdT4g9i33_7a2Bjpb0fGxGLkqeiNaaXDbik5VGzEM7QNEIJUY6LaeEqtaki9aSVOGzMFIpPYuTPf_FN6u0xcEliYdD-Hz2QjoXrBaWGE8wSeWjesUCOWO87xiifHBLw--MnCM2OPvgIev35-u2nRRfk_PyEBDdYmRVJq7E4HMMjBdaU58vkhKu9wcaWIa6xEZ1OWpN4grbxBq29_aCggy7lR9l_RUsEuHPKD2UloKGVCwRGNh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1TQyc1bY_6HA9LhxtYPwPmRuAacge-wXNqkqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE4gFP0KgdRwTF_a1G6vdxKGdNc7F2ip_oW3G7g54VuWAcX4ImwuZ9g9h7sRNiyR3qlmuGwC6DjuljRFdDWLQivvsHFDx6dganL9Wykmp_IoQcBlEFrLLYu_HyW2fIPkmLTYiUuK4AskhJZk-mV8YgW_cLnueunv46EQdrXxA7-5WZscXots1ah1RCu9rL5s5l9O7uBy1HqurJYDco9KKLuP0WGDErHYejn7KX6sv_L_3pAU0n9F43pRm9BBuKQpuhhrx5h7y6LJQHt83ET9P5Qd4rscC2c5L6W9wwjuB61m83Tyt8gAb6-IW5guLwtOkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3YHnXoZJTMxq0jxnVmGFOdiDRLgg%26client%3Dca-pub-1124263613222640%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

2a5fc01d637a59a9aeaf43d3f5d02556232548914f67c26f86521a373fdc5671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=KxkWzuK-eG75ZGQW0HHWjy3XInKqEOWkHzYFPrsrb18xGO3Sg44__MRu83Wr60PYzGvPq5cfSoLAqy3OZ_3RP-GLGX0cXzhFmIa8ouTZ1ei_s-uJXZqs_0Ddxg0GrhX-NZSK6FtJGAfMnA3zI9sikqnB-vWv1Pafgk_Vuc0N1RwQUEb__02no_aoPVGkhh2vlUPsmjY3Ag7CsNYu8VMrt3iVnsFnpIWpLPuZ7tBugQpNCLeACN8L9iq9dTTOw60dkrpf9YjG2qLZSSMD"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 79059698
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame E3CD 30 KB
31 KB 26ms
6ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:24:41 GMT
x-content-type-options: nosniff
age: 8160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 10:24:41 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 79EA 30 KB
30 KB 29ms
11ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 10:24:41 GMT
x-content-type-options: nosniff
age: 8160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Oct 2023 10:24:41 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1693 2 KB
1 KB 92ms
91ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y1vNyQAAw_4E0bDSAAR8wLwnZMkr4xRdLO2MLw&u=%7CYUTbT5ClgBbfECGHTp%2BbwCsz9hbFwyYc%2FDYe83W59js%3D%7C&c1=SMhbYeryLxkG14NwFf2jh1KVMrwDvmO-pdBd4Yn-iAyg0RfPc5NXLXF37ShTWqW3RZnNua5tm5ARR2bNoIRASRydqQ1H9QITZENADbZUio5WydBclWoXCMJXww0Fu15rvP4h8IabvkdlBaMi286crlk3rKZvf9DPuYHdfxPq-OsrgOXHXUVeTvdZX-CrlNYWLnrg0XMCsrySZNRoBVgL8L1adbSFtB2hua9KOSZoe6CRZnly9gMJu54qyWORPgYYjyNUt19bBo66XKhF6_BajLlPvdHQefgocZdcnNGuHphObDmzoN6y-VYYGNrp1LBVs6CuKlHbDAun0tJ-flkB7eTBzKnM0eArTSkUBXpxYfH1G7keq5BTnICykpLnQxJYaZlAX6kISiMsoTshdT4g9i33_7a2Bjpb0fGxGLkqeiNaaXDbik5VGzEM7QNEIJUY6LaeEqtaki9aSVOGzMFIpPYuTPf_FN6u0xcEliYdD-Hz2QjoXrBaWGE8wSeWjesUCOWO87xiifHBLw--MnCM2OPvgIev35-u2nRRfk_PyEBDdYmRVJq7E4HMMjBdaU58vkhKu9wcaWIa6xEZ1OWpN4grbxBq29_aCggy7lR9l_RUsEuHPKD2UloKGVCwRGNh&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCV1TQyc1bY_6HA9LhxtYPwPmRuAacge-wXNqkqap0wI23ARABIABgycapi8Ck2A-CARdjYS1wdWItMTEyNDI2MzYxMzIyMjY0MMgBCagDAaoE4gFP0KgdRwTF_a1G6vdxKGdNc7F2ip_oW3G7g54VuWAcX4ImwuZ9g9h7sRNiyR3qlmuGwC6DjuljRFdDWLQivvsHFDx6dganL9Wykmp_IoQcBlEFrLLYu_HyW2fIPkmLTYiUuK4AskhJZk-mV8YgW_cLnueunv46EQdrXxA7-5WZscXots1ah1RCu9rL5s5l9O7uBy1HqurJYDco9KKLuP0WGDErHYejn7KX6sv_L_3pAU0n9F43pRm9BBuKQpuhhrx5h7y6LJQHt83ET9P5Qd4rscC2c5L6W9wwjuB61m83Tyt8gAb6-IW5guLwtOkBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3YHnXoZJTMxq0jxnVmGFOdiDRLgg%26client%3Dca-pub-1124263613222640%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1693 2 KB
1 KB 88ms
87ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1693 308 B
636 B 83ms
82ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1693 293 B
621 B 84ms
83ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 1693 43 B
347 B 22ms
21ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=czk2daT6HDQGV1PFBq1PqWt_wtbOJ9PYBKslY4vM6Dh9DD8pTuO93Q0K1gPkI99-AaU4HmLLUgvdIIIk0EydJ62l6ID2nvB96vpNhIOvJrHPG0bVwMqUotlBs4zj3UUHcWvMg8KMQKQXjiTlX4nm5fmifS87f2b3x55fn3WGDsDYO00M7N27H6BMxsNpeKoY3IqQYN-JzyNglOTjXoTDgC_6mR9qXC0MXN5SuhDZTERUMAK1fRYU3v4eQ7DCZ1m1WCa224XVA_xqDyy67GbXbB5kNieHUU6Kugkjk_vQAS909DsHFuXMU4Gc51HXEjulufhJTOcByb52Uxqxrmtinoa9lbErh7QYQLKE2VjlUAPpb1uqNiDXQbviGSR52YoD7-vEKEduK3_JyV4dl2h2EEuIX-YbWKhY4ZbbbJOhna61oXtn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:40:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3352015
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1693 12 KB
5 KB 55ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 2720016
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7613bdcdf8881825-EWR
expires: Wed, 18 Oct 2023 12:40:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1693 12 KB
6 KB 86ms
86ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 1693 0
127 B 11ms
11ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=KxkWzuK-eG75ZGQW0HHWjy3XInKqEOWkHzYFPrsrb18xGO3Sg44__MRu83Wr60PYzGvPq5cfSoLAqy3OZ_3RP-GLGX0cXzhFmIa8ouTZ1ei_s-uJXZqs_0Ddxg0GrhX-NZSK6FtJGAfMnA3zI9sikqnB-vWv1Pafgk_Vuc0N1RwQUEb__02no_aoPVGkhh2vlUPsmjY3Ag7CsNYu8VMrt3iVnsFnpIWpLPuZ7tBugQpNCLeACN8L9iq9dTTOw60dkrpf9YjG2qLZSSMD&sds=2&rev=83303&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 12:40:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1693 2 KB
1 KB 85ms
85ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1693 2 KB
1 KB 99ms
99ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:40:41 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1693 2 KB
519 B 43ms
22ms Stylesheet
text/css 2607:f8b0:4006:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

222cabd38089af521e8c7f681b803322077eb96a5551098d85afc4777a18e189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 28 Oct 2022 12:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Oct 2022 11:45:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Oct 2022 12:40:41 GMT

GET
H3 200 0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
fonts.gstatic.com/s/lora/v26/ Frame 1693 19 KB
19 KB 25ms
6ms Font
font/woff2 2607:f8b0:4006:820::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 20:02:31 GMT
x-content-type-options: nosniff
age: 319090
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19228
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 20:02:31 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 62ms
48ms XHR
application/json 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221026&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2a93d536cb3e6fca159e52269bdc74c3e64468acf9825f671590b1f4a003cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11190
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 47ms
47ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210190101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Oct 2022 12:40:42 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 554F 13 KB
5 KB 8ms
5ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 31007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 04:03:55 GMT
expires: Sat, 28 Oct 2023 04:03:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 92FF 783 B
536 B 41ms
25ms Document
text/html 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0d0e89d071390f981a92413d0c85c9a0a576ffea8448be8235c28bc3e1b6ce23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G1DW0Bq6oxBEgSwNFJUCxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qa.elbwaba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-G1DW0Bq6oxBEgSwNFJUCxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 28 Oct 2022 12:40:42 GMT
expires: Fri, 28 Oct 2022 12:40:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 554F 36 KB
16 KB 6ms
5ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 04:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31007
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Oct 2023 04:03:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 92FF 0
0 67ms
66ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221026&jk=1859984389440479&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 554F 0
10 B 5ms
5ms Image
text/plain 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dHitmg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 12:40:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D215 42 B
64 B 84ms
83ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvK2GZaF-nDqYZuNS1XfKNhZRb8A75H4rN8s8DdaGIc2Yi8BKfZ4VDkO5z5lVv89jpza0Tl-KH5iz1BxnslLiWw4tE&sig=Cg0ArKJSzKcACfkmnXepEAE&id=lidar2&mcvt=1000&p=0,0,90,748&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=909556274&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666960840978&rpt=563&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame E3CD 0
127 B 10ms
10ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 12:40:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221026&jk=1859984389440479&bg=!5Oel56PNAAZPh4lnb4c7ACkAdvg8WoKBvzLFp84M9ZefPBB_U7thAn2gfiG8WXz5xHMQ5UWgh80GlQIAAABkUgAAAANoAQcKAG8IwmbbSBUzZD59S1icKkAFbpZr8C5Uwpi2DRdT2PW6pQ5zAaKfpW1AGryjR0dVYgqUUZY66CsToXWNDUujO9brf30li4Kqfcr6wwN9NIsYmMvnUBMHNiefsm6-NTcyot1A40ELlBb7Pp2sSMDMyS6ZApjP9Dsx5z0bcCyXVuLhIg8ihcSXNTyUDchcBUKw_xgVntncRH0Wbb3ct6YUOy_i76gA1f42khjqz1jXJQ-vn2fGDYi2OR7TUY06_krcIphcmr0xi58TJXcz5SMzrv5ZotpOQMdGDao0Xhs8h9jGCWuON0apf6s2mlDk8rAJsJ4b49N9zUcKrxokuOJDunuPJVXG5QYCokPdKBv4dhyfRmuSZHQn7dWYePDJl7Q2Kr2WG1q9WbUQWEWVNUMZOW7n64zVSB252-eH8fXwz5GmzAl8CobfI26Vb1wqwiLMJ17FbhwCQKQAD7CfRoJ_ojw-yA4zVxTFmmOTXbwfK6JYOF0-sLhiZGRPP-93NrZwY2Q2aznyCGLool3bV7GQvDM5VHMn5vRhz56H9HZSBrW7wlG4vBe7zkjtDJ3kf_dC0MG-52Dr3mjfypa72xoyCvO8QxghvbATJA8U1OhWD9LCtilmuAr-vz7j0iqyeyOrA6_lpFyLQ5PHve3HDKjzuZpJF8bWit0lLUSmY7I4bvrm7-omojuQmLHwqOdlkZBbNNDsOJpOuB0_qg38AiE0IvgD4fzmIa4nl3b-UHEsiP9rlwzTyGfgSvJHsQCwoGS7xIAuXL5P1CLURmDTJ16PC_i62ETNlof6kWvVvQgZIYH1C4dEmi44WibRaKisipzFp014MR6SFNFVrwnWiuGRoBD4dvNNVsCXJ15AZDAqvZulsO3Zg-RU_4AY37WsUFHAdP2hEL5tgoEVYoN2r7kwI7tR08DSCvU1aQvaj5pysgD7p2E7A8LWfZBuiskmlk5aHN1E5UqWciom8hFIJWV7F-A-9n37FLqBph38XCro9ZUeZTSxYCLqJqnYU-fHIG4pSbbtdyiMKijZATt7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://qa.elbwaba.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6FFD 42 B
64 B 23ms
23ms Fetch
image/gif 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnRtXcKqwytJJeOF9RHvRQtg_sNLN4immpouJ1SE77vXwG-E4hQkn8zkjoILnViWEObPUT53sVP51TkZoes0Aa2Nk&sig=Cg0ArKJSzHu-adjQM52VEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=89,777,1000,1121,1186&tos=89,688,223,121,65&v=20221027&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666960841461&rpt=200&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Oct 2022 12:40:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 79EA 0
127 B 10ms
9ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 28 Oct 2022 12:40:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 11:26:12	Name: NID Value: 511=cTzT1Xi27zFfAsEPia_vLSd9HnCnKCl9wF9IqJJUYL-SfAisOWNugvBD2LMXmr6KBGhBqONW_QDHQI-x8f_iJyKwKdAINPDqhNo1phWRT8OgFCI7TzDFo1LG8kgxy6d4xrzMkr42r9Esv1JqiroLWeumaONUa-VZAGx57zeMt_4
qa.elbwaba.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 4ba3dd466f9afb8085e1b0f15aafd106
qa.elbwaba.com/	1970-01-20 07:05:33	Name: qa_key Value: krdu9qd3hkq9s3odsfggolbg2ni7c1ox
.elbwaba.com/	1970-01-20 16:38:40	Name: _ga_TM8RE8VEQ7 Value: GS1.1.1666960840.1.0.1666960840.0.0.0
.elbwaba.com/	1970-01-20 16:38:40	Name: _ga Value: GA1.1.1819449926.1666960841
.elbwaba.com/	1970-01-20 16:24:16	Name: __gads Value: ID=4913124a5b01b724-227b4b7bcad70072:T=1666960840:RT=1666960840:S=ALNI_MaxZU6CxpJ2DUbnynUtZtf7JjRLMA
.elbwaba.com/	1970-01-20 16:24:16	Name: __gpi Value: UID=00000897e220ba4b:T=1666960840:RT=1666960840:S=ALNI_Madunmojk_aMXFbBnDuFVhsqWzK6g
.doubleclick.net/	1970-01-20 16:38:40	Name: IDE Value: AHWqTUkDEHgPW0ZetUYoybXMBGBc3pp3K0_1qTlR54Zo2ZSZt51DdH2kp0EXxIa5nXI
.doubleclick.net/	1970-01-20 07:02:41	Name: test_cookie Value: CheckForPermission

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1124263613222640&output=html&h=90&slotname=1938549114&adk=909556274&adf=383669989&pi=t.ma~as.1938549114&w=748&fwrn=4&fwrnh=100&lmt=1666960840&rafmt=2&format=748x90&url=https%3A%2F%2Fqa.elbwaba.com%2F48%2F5-best-ways-to-buy-bitcoin-in-2023&fwr=0&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666960840770&bpp=3&bdt=311&idt=195&shv=r20221026&mjsv=m202210190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7186314629900&frm=20&pv=1&ga_vid=1819449926.1666960841&ga_sid=1666960841&ga_hid=1537148362&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531706%2C44770880%2C44775016&oid=2&pvsid=1859984389440479&tmod=1536650461&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uTCpS8HzZ7&p=https%3A//qa.elbwaba.com&dtd=206 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
anunsco.com
cat.va.us.criteo.com
cdnjs.cloudflare.com
cryptomaniaks.com
csm.us.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ois.is
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
qa.elbwaba.com
rtb.va.us.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
199.188.200.212
2606:4700:3032::6815:55c4
2606:4700:3108::ac42:2b38
2606:4700::6811:180e
2607:f8b0:4006:80e::2002
2607:f8b0:4006:80e::200e
2607:f8b0:4006:816::2001
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2008
2607:f8b0:4006:823::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::a
2a02:2638:1::3
50.87.253.242
74.119.119.147
0227194888eb78c250e237464ea08a6463cad1c78c45ecd0f47d4e7b4810a35b
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c03682256f0ddbfa031d5ee3c2bbb80eea99dab4ffa12622c551dea01359656
0d0e89d071390f981a92413d0c85c9a0a576ffea8448be8235c28bc3e1b6ce23
136da73e18e1f7b54f05cc3c3a3ab07c0a1e3c71828d7d8ef6d3d5e3a49d8438
222cabd38089af521e8c7f681b803322077eb96a5551098d85afc4777a18e189
23b3ef8ec2f0ea1a98f6f81e030913b9deb1c00ff89af9ffd94f08c827a38876
2604b45b39193f2405a1a4b4f93b2d769fb6a67c8f1d0b097343e540c7911ec1
2a5fc01d637a59a9aeaf43d3f5d02556232548914f67c26f86521a373fdc5671
2bbf369ac3b4b9a866d9e82e547e94818e5a4e08df663ee51a3be7ffffe511e6
346f1ade9b6175511bf0244701663723264c609cc4fc275160e3678cbf62ee2f
419ba1d9514b8e22ec6958c906b6da8259721f452ada8946ecb53cbeecebddb3
4be36dedc7f46d62bd569f0f7e00cea716efb6567bec5ffb2c0b38e8502dbbd7
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f964db4029abf63cc81b45ae0fc17ae1ee0dc9e6a2b79b8922f3550211b9143
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d8c46bf1d13e87c13aea2c81ab2679b72ecc686a54238c66f9d4f5ec82f276
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
79eadc6d701b906a56ce4a1ffdd0aedfb6a7b1ab0287649e4bf8c2139bf36747
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
85c3fcfe1d3e689f99bb692c9605844636a257132a60b07dda75e39a1d6887ca
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a690dfaf60d7dac70959d80eb53b4b2234adb0479977f6802b1085d972611e66
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
ae9db2ed7002ff2feff57d947edcea41fbe46040921b911eede2ef9509e58e1c
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
c2a93d536cb3e6fca159e52269bdc74c3e64468acf9825f671590b1f4a003cb6
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
cc5c97917f6d0c87d919648a087dc3e5f278f6bafa9b5ca6ee6410ccb2535dd6
d2279ed439e34f468a0e87fa5695349f1b3571f4292391348f230e82a430cae7
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
df542fea394490d468c5e3a326077da936f69c11401dbe97c40aedf19f6a0f49
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea6b88dedde5579cd66eed115170c91762c3b620db1f2dc2e202cc8bfabf9e17
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc717f9cf52c5e5b1da0e893d82a984d3bcd02427f36c7ad14a4883d4570fc9
f27dcfa2118578da7fde244daeb191fcdd0641d84c16fd08fe216c45d2bc2172
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f8a5bb5b6c206456e6fe908e8055e47f6b4ddf88d3415d7fb2e4564fb12f340c

qa.elbwaba.com Open in urlscan Pro 50.87.253.242 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

104 Requests

99 %HTTPS

85 %IPv6

16 Domains

22 Subdomains

21 IPs

2 Countries

1131 kBTransfer

2733 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qa.elbwaba.com Open in urlscan Pro
50.87.253.242 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

99 %
HTTPS

85 %
IPv6

16
Domains

22
Subdomains

21
IPs

2
Countries

1131 kB
Transfer

2733 kB
Size

9
Cookies

104 HTTP transactions
2 data transactions