Submitted URL: https://t.co/je2Jgu5dXz
Effective URL: https://www.hereofamily.com/
Submission: On November 28 via manual from NZ — Scanned from NZ

Summary

This website contacted 35 IPs in 6 countries across 27 domains to perform 216 HTTP transactions. The main IP is 104.128.237.116, located in Los Angeles, United States and belongs to HOSTUS-GLOBAL-AS HostUS, HK. The main domain is www.hereofamily.com.
TLS certificate: Issued by R3 on November 25th 2022. Valid for: 3 months.
This is the only time www.hereofamily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.197 13414 (TWITTER)
2 4 151.139.128.10 20446 (STACKPATH...)
2 3 104.128.237.116 7489 (HOSTUS-GL...)
1 104.18.10.207 13335 (CLOUDFLAR...)
31 74.125.24.155 15169 (GOOGLE)
1 142.250.4.97 15169 (GOOGLE)
23 142.251.12.155 15169 (GOOGLE)
1 139.45.197.237 9002 (RETN-AS)
11 139.45.197.251 9002 (RETN-AS)
1 139.45.197.239 9002 (RETN-AS)
2 216.239.38.178 15169 (GOOGLE)
1 74.125.24.154 15169 (GOOGLE)
1 172.253.118.156 15169 (GOOGLE)
5 74.125.130.132 15169 (GOOGLE)
1 172.217.194.157 15169 (GOOGLE)
13 74.125.200.132 15169 (GOOGLE)
49 142.251.10.132 15169 (GOOGLE)
6 142.250.4.157 15169 (GOOGLE)
2 172.253.118.95 15169 (GOOGLE)
4 74.125.24.94 15169 (GOOGLE)
11 16 142.251.10.157 15169 (GOOGLE)
5 11 139.5.84.243 27381 (CASALE-MEDIA)
5 8 68.67.179.155 29990 (ASN-APPNEX)
8 142.250.4.155 15169 (GOOGLE)
19 142.250.4.148 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
3 142.250.4.94 15169 (GOOGLE)
3 4 35.244.159.8 15169 (GOOGLE)
1 2 23.53.160.138 16625 (AKAMAI-AS)
1 2 54.251.115.154 16509 (AMAZON-02)
1 2 74.125.24.106 15169 (GOOGLE)
1 42.99.140.152 4637 (ASN-TELST...)
3 18.161.97.11 16509 (AMAZON-02)
6 3.216.74.39 ()
216 35
Apex Domain
Subdomains
Transfer
85 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
790 KB
47 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 248
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
427 KB
19 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 332
373 KB
13 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 370
238 KB
11 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 995
static.adsafeprotected.com — Cisco Umbrella Rank: 674
dt.adsafeprotected.com
98 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
9 KB
11 upskittyan.com
upskittyan.com — Cisco Umbrella Rank: 274142
41 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 276
8 KB
7 gstatic.com
www.gstatic.com
fonts.gstatic.com
77 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
284 KB
4 openx.net
us-u.openx.net — Cisco Umbrella Rank: 585
720 B
3 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
2 KB
3 hereofamily.com
www.hereofamily.com
hereofamily.com
6 KB
3 link1s.com
link1s.com — Cisco Umbrella Rank: 431023
31 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1439
637 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
20 KB
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1615
63 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 7708
547 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
699 B
1 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 103261
792 B
1 ugroocuw.net
ugroocuw.net — Cisco Umbrella Rank: 98325
421 B
1 offfurreton.com
offfurreton.com — Cisco Umbrella Rank: 344461
357 B
1 web1s.com
ssp.web1s.com — Cisco Umbrella Rank: 519317
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 106
43 KB
1 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2619
24 KB
1 t.co
t.co — Cisco Umbrella Rank: 497
731 B
216 27
Domain Requested by
49 tpc.googlesyndication.com googleads.g.doubleclick.net
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
t.co
tpc.googlesyndication.com
securepubads.g.doubleclick.net
www.hereofamily.com
31 pagead2.googlesyndication.com www.hereofamily.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
t.co
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
19 s0.2mdn.net googleads.g.doubleclick.net
t.co
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
s0.2mdn.net
16 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
t.co
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
www.hereofamily.com
13 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
11 dsum-sec.casalemedia.com 5 redirects googleads.g.doubleclick.net
11 upskittyan.com ssp.web1s.com
upskittyan.com
t.co
8 googleads4.g.doubleclick.net googleads.g.doubleclick.net
t.co
8 ib.adnxs.com 5 redirects googleads.g.doubleclick.net
8 securepubads.g.doubleclick.net www.hereofamily.com
securepubads.g.doubleclick.net
6 dt.adsafeprotected.com
6 www.googletagservices.com googleads.g.doubleclick.net
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
t.co
5 e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
t.co
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
3 static.adsafeprotected.com fw.adsafeprotected.com
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 link1s.com 2 redirects www.hereofamily.com
2 www.google.com 1 redirects tpc.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects t.co
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.hereofamily.com 1 redirects t.co
1 code.createjs.com s0.2mdn.net
1 my.rtmark.net t.co
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.co.nz securepubads.g.doubleclick.net
1 ugroocuw.net ssp.web1s.com
1 offfurreton.com t.co
1 ssp.web1s.com www.hereofamily.com
1 www.googletagmanager.com www.hereofamily.com
1 stackpath.bootstrapcdn.com www.hereofamily.com
1 hereofamily.com 1 redirects
1 t.co
216 37

This site contains links to these domains. Also see Links.

Domain
link1s.com
dooloust.net
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1
2022-02-10 -
2023-02-10
a year crt.sh
hereofamily.com
R3
2022-11-25 -
2023-02-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-01-29 -
2023-01-29
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
link1s.com
R3
2022-11-03 -
2023-02-01
3 months crt.sh
ssp.web1s.com
R3
2022-10-17 -
2023-01-15
3 months crt.sh
offfurreton.com
R3
2022-10-12 -
2023-01-10
3 months crt.sh
upskittyan.com
R3
2022-10-05 -
2023-01-03
3 months crt.sh
ugroocuw.net
R3
2022-11-20 -
2023-02-18
3 months crt.sh
*.google.co.nz
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh
rtmark.net
R3
2022-11-24 -
2023-02-22
3 months crt.sh
fw.adsafeprotected.com
Amazon
2022-04-28 -
2023-05-27
a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1
2022-04-29 -
2023-05-30
a year crt.sh
static.adsafeprotected.com
Amazon
2022-08-06 -
2023-09-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2022-04-10 -
2023-05-08
a year crt.sh
www.google.com
GTS CA 1C3
2022-11-02 -
2023-01-25
3 months crt.sh

This page contains 30 frames:

Primary Page: https://www.hereofamily.com/
Frame ID: 2B678CEBF5BF52D5E2C6B3549C57788A
Requests: 33 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 52EE69B2ED4C5AFB5B9A8E58F2EBDF74
Requests: 1 HTTP requests in this frame

Frame: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9398F5CDB3D2767ACA5C3C120078417C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&adk=1812271804&adf=3025194257&lmt=1669630325&plat=1%3A64%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.hereofamily.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324221&bpp=3&bdt=1275&idt=1488&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=726049612534&frm=20&pv=2&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1504
Frame ID: E697DF412D86D27C09A0AA4B6DA124FA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Frame ID: 2A0FD455587A54563EFDA81780F1A72D
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Frame ID: 769CDF76F4FAAF44B84B85E801D19E00
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Frame ID: 6562FB06480634BF68ACBDC2E67B70D0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjXmanEATAB&v=APEucNXSdeT_9wzWNydqZ2i39VtdAaT82UVWuHU9jFFgor_HxgNX2O4wPKUMzMRxQrcyW5cElWeq9P70TT-n1gC9OhGdYEpEsw
Frame ID: 0C023299B72A9B75D668CC83C0F9206D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Frame ID: 1A2042FF5A0BE601079F02E361C46E71
Requests: 12 HTTP requests in this frame

Frame: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8CC8CD68F8BB8F8924160796EB5B8DC8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhihqOvPATAB&v=APEucNUrvnyu42k37XgwCk43nI0ODsYH5J2AydpEXA3z8eSN6jmUuvMc7DIb2voL_IC0yO1LvSSyGCR54UzvqTYXtht5b7X-6Q
Frame ID: 863D055667449E0D878792CA0E8B9A37
Requests: 5 HTTP requests in this frame

Frame: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B7371380F29891CE24AC3D37BF519E33
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhDX2eECGJP-m9cBMAE&v=APEucNVFJyq4m4elcryfubuHYoVwk9Yx3km82RNl6nbMzGNypd5IDlGmpIGrBKyqk4_vN8W4PJLohf7yGvz4OuoV893VH7FzJA
Frame ID: BDB27BE81556D19A8ABA0A3967B93A89
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F831F6976FBC8A14FF6B413003B691D0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: BE9DF42E09FFE5CE6DADC74C702DEC2E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EA5FAC1227E877022F0F304177CD8E94
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3CBA8AD1B27A0E3730B92B2B7E20DCAF
Requests: 3 HTTP requests in this frame

Frame: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B22892690F3ABB78DC36D43F3EF8E2B
Requests: 1 HTTP requests in this frame

Frame: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 202973EF4760B6EB4C9411DA8229A761
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: C1B4D41C6CFE03F48F531268493AD6BA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEMnNrJkDGOPc99UBMAE&v=APEucNWV9IYYU6YB9tj8Ku6kik9F__MyZcL_Rj9n8jg_k_AZo4BTbca6qfjdWIDTAA8PGqTCswKTLwkGvrr1xF_SeNOfrEet2w
Frame ID: EEC84842C40E8A3A5F6AEA9AB20ED85E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Belvd3c8Yp5rjaP3CJ6GV1MfiI-sTuxfUgRHDNPZ6F_Ogn6EgrUFOl1_2iFNjn7cXbibD3cmeT-5xQcP6-xdvKjbUEPW-mzMDYwfTUlk7p1dk9dRGUb1YTTSj3GQuTeE4BPXAmj-pa40ZoCVGq5mPdeLxRLDhQQpCN3g0B283xa49fQcg&dbm_d=AKAmf-C2C2ccKZFI0My8obhbWx8GwLnZPIpXwD8ukXeSPy4QxcWdBCl-xQdOimER_s3zkol8Ov4IAMrCBy-_M8LYQn4RWx5HYNUO5lp0rra5ommgzUjin5m5BR_2VKVudaqg0davuw2AZbNZyPxIGqnx4D6Ins_Ycgbdmgc6-Bz_IggQw7FF59EIYmoM3rCWjO5ZhUd0t8ZpxzPVsLcRge6-tk_xKuI-ZpdPVnTW3vzgtVT3fLNWXTuEPF4_1B_zQsFDPB2ShL0-pbsyLUPCYonYtmYOlOhqyVGsWEk0GZ9VHD1sgKR-qtmsxm_dPIyYIgzwd_RJY7tMHMSmOAbpL1WgxgybRVk1NGqE86THWuoSqJUAfEXft_P4n6HbvTIwMTm-ZgutJfg67FrUY4aBQKa2favOsRaS3nUy5krNejXuHCCgtb73afevMu3G5U8YddWjB5rPKRbcSLFZa8JED1vTmDF8PX7XVUND7VyYC_GBLK_ZL5OrzyW1Vv10l-UlK-rtFjAl0HCGiVAesEpoNpfpyfieMBiFT0CqR42Trgd5rF8Eg5YfpcwC4yROno_YF1Wmmj8hoXL3fztbMv6GcmPF7lMtXcq2J1j1ZCf8ewZLFtKh9a0cUe1w8mJQRf3ypInqDjJmPD6NSdzffc-FB9ocfquV14TAmiA6jQJlJKcEFCaXU3kLhF5CE6FF1ocYuu2G2VngBTEQyF0X64b4aEsS9ya7CWHoTZGKqw8WKlcK_T0OurQSMED48D3IXm1ou-XPeh-XHL1yOMDmxqr34GjSOD4NPK_2XzIuNF_smIdKRenTTzo0SSkr-XJk4uMP0zyAYk2mdI9guCL2pOFVKdqBlI9A_Zf05VXZLFjapTanPXoLiAlFtIsuYWrWv4BYWBCQMHIwKBdBEVQTwuWBSgqRsngfQ9ESdbktfd3k6DbGCUjDvtMrJDSkSAO5nMiQ34KDpC4TI-vLIVtetAfzLnpk3fHLFFDeB-c0M0KcUznx8b8PChfJr5_m4zHbuXKrVVtx1l7m3d9ONQeDARZbn9x3ib0CjgSuOem3_z6VVeS9je9TKZh8u43h4ayKfhflfUPkn9eERe7XGGD7SwmZyWGn1lbhZ8BIC_jyMvA3b2cHgSCHURnvFbhZKDprS1R_jl0TofmoqWiLd6lsiu9cwg7iFetzC3jmGbaUM8wBXCF-tTzgrWwW_q8mRBYDy3GHzcuVYTsXeQiHABnZEUEND5qaaawtfW7cN1HuNjUj0pRdtkLJwAbjC_KGR10DKXxNy17o-PjXkjP9kHvJM_6lEEfkoUrvZqk11OeBkhfS7TpLyOO1JP6FO9E2svcH3WlsjwUheBRjYHd3MHJsRdjjKjp4UCnj6gnrUJQngyz-ycRf5h1JrEBT0tSrC82dYr8LVrMSQ7Enus6YK4oJaPRKO9Orf_7KsZl7rUjTGAs06sp8B0cb0Vw9wUekYCioNGwgMxfG9UaLxWN9lLfBxrGJHV6Qx5bLV-vhMImLNoBO7bN4aQs0qGM3j54SrZmrLbfXf_nnGuJ0m8FBbgra6HHGErQ0uD5VZngUYY2y4aybwtWuSvhKsfvJX0yPVJoLd-75kUS1_m5dw9b-P9zOh_Z9QfUmKRo7E05DDmwRcMaWz8uypxbNPRNxNz5dOBsPqXK95_ASQvWIa6MX04AD0vW9J0HyGYKO0x14MdLplhRB_pdzxHJejhCbWjdHhdNYtJFak8GO1UDFISmR-9RdSp9yihtI1QFPcfNwASg2H0yNXnGH9M7ZJ1W9HZRPh-WNEvOi-FOZOxBmLH3aAXUIfKG0PTgK45u4L2o7IZSIFBJFIgQm-E9pnr2n-u4phYJYd7C8cBZ7-FAZ-WupsObUPIp5AtrRJYO6YO7NdN0w3wHTDNOWgKseWWbviLI_a-7U0ss1_i-cVM4sq8404PV-HXpAzO7hAMEboT28TK6toWwQTLtKCWd2To8sZA-QrQztVh2mAYHR1gFx2ZPVsNjrWOYmHR37rdldXSQCa2nWNv1bcfjtqVlwMTB9uRN-_Z0aWhCg2N4BjvzD9vlHjw3dJpu7beJECjc6UNQukQcKUFyjCu6hyWDf46bwxl1cCuOjgiXEvM_VcJaOs2hJeeVoLVYEdDwLd-Ivfp3vQwCPGamJzcZRBN4XWI6xcCHcpqF4TTExEH5ORZwJlL7RLoKa2rmHHZKJRpDOwscrt-MZJLrEgZXqk-qWUz2XYUSnoE1iKiuIz_BqJcO2v6_jHBbj50k5zak1vKggxKhkIkRvp7zECfNZvwqilybEydCKJGAoaOpsCtNRg9fFSxx7QKFHay5UAchMd-O0l8lE3WAIy3e1BsNygXU9ie1wK-9nkBmKD2sSb9pWPwZGt-XVKVEDlTgwN8eaiAA94f8oyP2TAimT2bC_ear5aQt0pVmyvzWeJlu7CkyE8i0qKJmY_rWMqNh7cDYYC295-x8Tuc30nNszJFLeGZFv9ighdfTV5nREfQ14aeOoxxaoySGhMYaVV6otzq-EtiSvJ66gnEA_F1Rt_Zy60MEPD_Ls97i90v6y6yQDqc8qmKSPFI1ieyMjQHzLxdeakTgz1XjFigUi93RMxaOhjiFNKc2ugiTJmUs3NRZGwyv4zV1fLZQR4o2MxsbU9ohZ88E20cUe-kfMfdO7tZXY2Vel-_lFc-GvLz8g3dexKVznVfo72jKFoLai7xZH74gZ93-79RJGjRa19x5MuLjzRf9jOy7FXUqPMcPut7HB7qkF8aLAhixvuf8kyV7p3Aiddayk1MY999lcczzFQ-M0mGQDCafbOS8qtrX-qUTgsDsTarysVHXURIhim3-Bg_KInSLfMLfF2pNkFOiqwgiqp3dUgYjRuWtkaxCyAANHPau40FpsI4Fj0euWaxghvxHu3HLESTVfdNKdTrX265Eg3Bprma_yODykBMjzl7nzmzJxG7fR4fExuslKraah_9I68GhmJK1B0-p5TF4COUi-E4I8MbJ96DZDTrntxrHBS2JpQ5CCqeDRJCGw4Xv_JWAcW0GV1cbsyaqVDz1jSS3uKd-aDIrzezKa4HCQYoEkM3NkrUFPJd3PK2yJRkurObuIIEX_yJDz7-BOcABKuUYuybaJYK0GbGSFnoswMgH8auqOlQP-nYK0CrWjn_CIo2QN8647QCyD7RaTmrbfXgCrF1TIKNHvXzqd29sOdg9i7-Rx-JBi55OxIigs7Q1WDjU2-vfm6Grz1UXJO-hxdwxIWso6amvBsMuKBP6JMkujmU1MHj2EW6uhNvkfGGJ1X-YSyJHPlxovTHZrSqidZaV9pnQr0WXxwR_mpbI5PocFxfv70nIvziZmwObBeBoj66Ze8_yahTYB3S0Tclso0bV7OSElwCSjzAI&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Frame ID: 0F13D00408A10B12AA0F488A697E5CC7
Requests: 22 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: C531316A60784EB51FB11B830D110F72
Requests: 6 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.html
Frame ID: 52ABC0139773A962CEFEC265502A8BFD
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
Frame ID: 628FB2824480888BFFFF2F9D3D1676E6
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B1958F99D59C5127FC420047CFBE2FDC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 3D13F5780676830DAB09E4F33DBE90B2
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 161FFCA08809AC52952C2076A63B3BF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9F11B6EC7B6794D20C2C7E7F3DEF84A2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C91F1F75D5A84477CDA746440E5B1DC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

hereO - Family Safety: Nanny Cams, GPS Watch and more!

Page URL History Show full URLs

  1. https://t.co/je2Jgu5dXz Page URL
  2. http://link1s.com/DeRq8KI HTTP 301
    https://link1s.com/DeRq8KI HTTP 302
    https://www.hereofamily.com/verifylv4/?DeRq8KI HTTP 307
    https://hereofamily.com/ HTTP 301
    https://www.hereofamily.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

216
Requests

92 %
HTTPS

0 %
IPv6

27
Domains

37
Subdomains

35
IPs

6
Countries

2527 kB
Transfer

6578 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/je2Jgu5dXz Page URL
  2. http://link1s.com/DeRq8KI HTTP 301
    https://link1s.com/DeRq8KI HTTP 302
    https://www.hereofamily.com/verifylv4/?DeRq8KI HTTP 307
    https://hereofamily.com/ HTTP 301
    https://www.hereofamily.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIu6YBDP1RnvyxPUXvjX9U&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIu6YBDP1RnvyxPUXvjX9U&google_cver=1&C=1
Request Chain 69
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SJeFQxDw1xjrx7kDjq1AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
Request Chain 70
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJLNskBmoQ6arhn06rKVbHM&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJLNskBmoQ6arhn06rKVbHM%26google_cver%3D1
Request Chain 71
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MTYzMDUxNzk5NzI4NTk4NA%3D%3D
Request Chain 96
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
Request Chain 97
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SJeIQEwDknK.WO5M11vAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
Request Chain 98
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
Request Chain 99
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
Request Chain 118
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SJeIQEwDknK.WO5M11vAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
Request Chain 120
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
Request Chain 164
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZrcW_y8l0KRB_jzuWhf1E&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKZrcW_y8l0KRB_jzuWhf1E&google_cver=1
Request Chain 165
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU5Mzk1ZTQtNzE4ZC0yMTNjLWM1YjAtNTk3NTU1Y2Q4YTRl
Request Chain 166
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGYbnHRYdAXT0LztS_zL1Oc&google_cver=1
Request Chain 167
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhNGNlMTYtN2MzZi00MjA1LTgzMDctOGFiMzk2YWZlZjIy
Request Chain 175
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 204
  • https://fw.adsafeprotected.com/rfw/st/1210565/66379768/skeleton.js?ias_dspID=3&ias_campId=1009254204&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=18536756356&bidurl=https://www.hereofamily.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_tWyapaXOaABKjZxwUeqb&adsafe_url=https%3A%2F%2Fwww.hereofamily.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.hereofamily.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fe1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fe1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=bed&adsafe_jsinfo=,id:1cc75f96-8484-058d-1679-e815d9f73f93,c:vfU69d,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-655d5567f8-cjqtp,rg:sg,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:1904,mot:0,app:0,maw:0,fm:totwIqm+11%7C12%7C13%7C141%7C15%7C1611%7C1612%7C171%7C172%7C173%7C181%7C182%7C191*.1210565-66379768%7C1911%7C1912%7C1913%7C1a11%7C1b,idMap:191*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:1921,oid:1f16a307-6f05-11ed-b52d-b605fcca31af,v:19.8.366,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

216 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
je2Jgu5dXz
t.co/
269 B
731 B
Document
General
Full URL
https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
private,max-age=300
content-encoding
gzip
content-length
195
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Mon, 28 Nov 2022 10:11:58 GMT
expires
Mon, 28 Nov 2022 10:16:59 GMT
perf
7626143928
referrer-policy
unsafe-url
server
tsa_l
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
02815641b00b96fa5df10b41230de4f2a6c43c8f2ab5cc99000a4ad496b43853
x-response-time
165
x-transaction-id
8f49dd005feadbcc
x-xss-protection
0
Primary Request /
www.hereofamily.com/
Redirect Chain
  • http://link1s.com/DeRq8KI
  • https://link1s.com/DeRq8KI
  • https://www.hereofamily.com/verifylv4/?DeRq8KI
  • https://hereofamily.com/
  • https://www.hereofamily.com/
16 KB
5 KB
Document
General
Full URL
https://www.hereofamily.com/
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.128.237.116 Los Angeles, United States, ASN7489 (HOSTUS-GLOBAL-AS HostUS, HK),
Reverse DNS
Software
LiteSpeed / WPTangTocOLS
Resource Hash
9ff56e76b310d2751228a8d71d1d91f8554d4d3969d55c0f62cc0de9a3610c62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://t.co/je2Jgu5dXz
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
gzip
content-length
4817
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 10:10:52 GMT
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WPTangTocOLS
x-xss-protection
1;mode=block

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 28 Nov 2022 10:10:52 GMT
location
https://www.hereofamily.com/
permissions-policy
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
referrer-policy
strict-origin-when-cross-origin
server
LiteSpeed
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
WPTangTocOLS
x-redirect-by
WordPress
x-xss-protection
1;mode=block
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
24 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617
age
19920295
cdn-cachedat
2021-04-13 02:55:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
59da3ae3b9404365378a2aa473c14f04
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
771252b0a9e0a874-SYD
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
49 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1540753690967677
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
758425f217a349649d120914a929b0c8081deabcdcbcfe2e6b1ffe8c33b6a63e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Origin
https://www.hereofamily.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49477
x-xss-protection
0
server
cafe
etag
9086108597256601511
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 28 Nov 2022 10:12:03 GMT
js
www.googletagmanager.com/gtag/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-224687701-1
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
bffaae4a7e0ee2e8bf22d461e92af69be2bce24d50caf85be1f883259c8dfca7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43676
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 28 Nov 2022 10:12:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
78 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27210
x-xss-protection
0
server
sffe
etag
"1405 / 840 of 1000 / last-modified: 1669244741"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 28 Nov 2022 10:12:04 GMT
logo1s.png
link1s.com/
30 KB
30 KB
Image
General
Full URL
https://link1s.com/logo1s.png
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
fbs / LarVPS
Resource Hash
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 28 Feb 2021 03:13:41 GMT
server
fbs
etag
"603b0a65-7682"
x-download-options
noopen
x-powered-by
LarVPS
content-type
image/png
access-control-allow-origin
*
x-hw
1669630323.cds205.sy2.hn,1669630323.cds207.sy2.c
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30338
x-xss-protection
1; mode=block
ser.php
ssp.web1s.com/
3 KB
2 KB
Script
General
Full URL
https://ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
nginx / LarVPS
Resource Hash
ea8ad008ab4dd58162e9fdfb1b32302f46ca780168984413c2e5a868c04f22f7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
nginx
x-powered-by
LarVPS
x-download-options
noopen
x-hw
1669630323.cds024.sy2.hn,1669630323.cds020.sy2.sc,1669630324.cds020.sy2.p
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
accept-ranges
bytes
x-xss-protection
1; mode=block
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/
355 KB
117 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1540753690967677
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
2ca4d28ab2c14f13d6f0a8ea5175a4bfe3773cae9c502545a97b396737c974ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119603
x-xss-protection
0
server
cafe
etag
14358802220943534917
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Nov 2022 10:12:04 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 52EE
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1540753690967677
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
40515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 22:56:49 GMT
etag
10353107486223812946
expires
Sun, 11 Dec 2022 22:56:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5112623
offfurreton.com/400/
0
357 B
Script
General
Full URL
https://offfurreton.com/400/5112623
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-trace-id
e9bbb2462fe6459bafa722c6f516e5fc
pragma
no-cache
date
Mon, 28 Nov 2022 10:12:05 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
vary
Origin
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
tag.min.js
upskittyan.com/pfe/current/
14 KB
6 KB
Script
General
Full URL
https://upskittyan.com/pfe/current/tag.min.js?z=5118379
Requested by
Host: ssp.web1s.com
URL: https://ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b3003c3ab4f9e4ac15d2f96fe35686dfd975147278ef23f3ef3270679c54038d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:05 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 15:53:54 GMT
server
nginx
etag
W/"637f9392-39be"
content-type
application/javascript
cache-control
no-cache
access-control-allow-credentials
true
5112622
ugroocuw.net/5/
0
421 B
Script
General
Full URL
https://ugroocuw.net/5/5112622
Requested by
Host: ssp.web1s.com
URL: https://ssp.web1s.com/ser.php?t=AADIV56&f=56&psc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Mon, 28 Nov 2022 10:12:05 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/
381 KB
129 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 06:17:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Nov 2023 06:17:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
131 B
108 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hereofamily.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e29129691fbab1127591b9b596238af536d447dd5292a7e0b8f00a0fdaab4f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:05 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-224687701-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Nov 2022 09:12:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
3568
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Mon, 28 Nov 2022 11:12:37 GMT
integrator.js
adservice.google.co.nz/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=www.hereofamily.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hereofamily.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
219 KB
59 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4424423428132875&correlator=2857999334602871&eid=31070983%2C31070116%2C31070838&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21857590943%3A22677312591%2Chereofamily.com%2Chereofamily.com_anchor%2Chereofamily.com_interstitial%2Chereofamily.com_300x250_1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=1x1%2C1x1%2C336x280%7C320x50%7C300x250%7C320x100&ifi=5&adks=613163195%2C1312767204%2C3600352650&sfv=1-0-40&ists=6&fas=1%2C8%2C0&sc=1&cookie_enabled=1&abxe=1&dt=1669630325640&lmt=1669630325&dlt=1669630322946&idt=2661&adxs=-9%2C-9%2C632&adys=-9%2C-9%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hereofamily.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C1000x1374&msz=0x-1%7C0x-1%7C1000x50&fws=2%2C2%2C4&ohw=0%2C0%2C1600&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
7108f85755fc266ca60e49fc06bb323ca06044549c99318db79d3fab5b8d10bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60736
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hereofamily.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
15 KB
8 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4424423428132875&correlator=2857999334602871&eid=31070983%2C31070116%2C31070838&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21857590943%3A22677312591%2Chereofamily.com%2Chereofamily.com_300x250_2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x250%7C336x280&ifi=8&adks=1095224260&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669630325647&lmt=1669630325&dlt=1669630322946&idt=2661&adxs=640&adys=474&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hereofamily.com%2F&frm=20&vis=1&psz=1000x1374&msz=1000x50&fws=4&ohw=1600&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
482ca1be7978847c7273988f985f286c8af913ef6c117015af20c302b832344c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8279
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hereofamily.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
74 KB
35 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4424423428132875&correlator=2857999334602871&eid=31070983%2C31070116%2C31070838&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=21857590943%3A22677312591%2Chereofamily.com%2Chereofamily.com_300x250_3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C320x100%7C320x50%7C336x280&ifi=9&adks=3797433685&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1669630325649&lmt=1669630325&dlt=1669630322946&idt=2661&adxs=650&adys=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.hereofamily.com%2F&frm=20&vis=1&psz=1000x1374&msz=1000x50&fws=4&ohw=1600&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
d3abb75bb587fbd07a07d246d092462dbd1ff0e87cda244d7b9233c111ced89b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35330
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hereofamily.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9398
6 KB
3 KB
Document
General
Full URL
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:06 GMT
expires
Tue, 28 Nov 2023 10:12:06 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022111501.js
securepubads.g.doubleclick.net/gpt/
37 KB
14 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
sffe /
Resource Hash
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 12:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424973
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13838
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Nov 2023 12:09:15 GMT
cookie.js
partner.googleadservices.com/gampad/
397 B
699 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.hereofamily.com&callback=_gfp_s_&client=ca-pub-1540753690967677&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
cafe /
Resource Hash
cfd07ec4774cb35702d68c67fcd418417ebdd6c0d10d88883fd5af45814cbfcd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
254
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E697
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&adk=1812271804&adf=3025194257&lmt=1669630325&plat=1%3A64%2C2%3A64%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.hereofamily.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324221&bpp=3&bdt=1275&idt=1488&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=726049612534&frm=20&pv=2&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1504
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:05 GMT
expires
Mon, 28 Nov 2022 10:12:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2A0F
70 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
41f7d3948029176ebbe86146c954f2aae2c829444b6a208aa1d3d2bd59cb41d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
25470
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:06 GMT
expires
Mon, 28 Nov 2022 10:12:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 769C
92 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
0421e4c0ca3f8ebd03d04f457b27510274a4011356f080a025e3182dc4a49a80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:06 GMT
expires
Mon, 28 Nov 2022 10:12:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zone
upskittyan.com/
688 B
979 B
Fetch
General
Full URL
https://upskittyan.com/zone?pub=0&zone_id=5118379&is_mobile=false&domain=www.hereofamily.com&var=&ymid=&var_3=
Requested by
Host: upskittyan.com
URL: https://upskittyan.com/pfe/current/tag.min.js?z=5118379
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
497cabc89b2902d851fda0c03e470b94764f82d12c885cf2734e222a6a298a63
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-trace-id
e8f693308f86966b68aabaf787789aa5
date
Mon, 28 Nov 2022 10:12:05 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hereofamily.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
688
universal.min.js
upskittyan.com/pfe/current/
96 KB
33 KB
Fetch
General
Full URL
https://upskittyan.com/pfe/current/universal.min.js?v=3.1.405
Requested by
Host: upskittyan.com
URL: https://upskittyan.com/pfe/current/tag.min.js?z=5118379
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1457cd0f9f509a2452e9f1ab9f0f4b5fad2f27d7d91003f122367dac9b1b8fe5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:06 GMT
content-encoding
gzip
last-modified
Thu, 24 Nov 2022 15:53:54 GMT
server
nginx
etag
W/"637f9392-180b9"
content-type
application/javascript
access-control-allow-origin
https://www.hereofamily.com
cache-control
no-cache
access-control-allow-credentials
true
ads
googleads.g.doubleclick.net/pagead/ Frame 6562
17 KB
8 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
28bcfede36b1079f8b1c4ef1141e715f057d4d7c600720e8751aec0b23aa404f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
8118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:06 GMT
expires
Mon, 28 Nov 2022 10:12:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1906383948&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hereofamily.com%2F&ul=en-us&de=UTF-8&dt=hereO%20-%20Family%20Safety%3A%20Nanny%20Cams%2C%20GPS%20Watch%20and%20more!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1405836467&gjid=410704128&cid=1450316800.1669630326&tid=UA-224687701-1&_gid=1159447286.1669630326&_r=1&gtm=2oub90&z=160468451
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.38.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hereofamily.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hereofamily.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 769C
221 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 24 Nov 2022 12:51:46 GMT
age
336021
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 24 Nov 2023 12:51:46 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 769C
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 01:24:21 GMT
age
31666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 01:24:21 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 769C
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 05:23:01 GMT
age
535746
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 05:23:01 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 769C
33 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-carousel-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a2cef147f59ba3c90ea2d5a2d4897f9c126b5d71b472d5625cd484fa232ef0c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:13:13 GMT
age
575934
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10090
x-xss-protection
0
server
sffe
etag
"e045a48636d92551"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:13:13 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 769C
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 25 Nov 2022 06:20:45 GMT
age
273082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Nov 2023 06:20:45 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 769C
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 19:38:19 GMT
age
484428
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 19:38:19 GMT
amp-gwd-animation-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 769C
6 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-gwd-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
79e86049a33a4706f4e46501c1268f61536aa9ed3943113c308076b2403c53f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 02:05:18 GMT
age
29210
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2457
x-xss-protection
0
server
sffe
etag
"d4430c48bac670ef"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 02:05:18 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 769C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 17:01:11 GMT
x-content-type-options
nosniff
server
cafe
age
61856
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Mon, 28 Nov 2022 17:01:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 769C
344 B
474 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 12:35:44 GMT
x-content-type-options
nosniff
server
cafe
age
77783
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 28 Nov 2022 12:35:44 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 769C
0
17 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CixkZdYmEY6SUNp-RssUP0PqeqA-Z_4_AbYS-xYLvELzMrvGhNxABIIfdzChgq-yxheAYoAHE0va_KMgBCakCc4neHw3UpD6oAwHIAwiqBNcBT9CaltXKW1Rvncsc0661GOSJhbuDw-izhYtvC2DJGPmPDx8DjR_PGGufeA_xYBEViMZnqgjxE1IYFOuC3Nu4xr412Kp2MF1egS8yaKQ-fDGpElV3_KtIB3c-wunv3P4MmYuIvkalaVHRqt1YhM9xw4U2ury70a0oxWwR_yib0B8iGn7QF8suOd3aeXOE6CTZzxv6kKyZ7kDjsJ4UXiIczSuOIFucNIIR3R5JKF7VmxfbZzmSJMWcgvH4ht_XKS6ZY0aD50PG7LALw4CY3Rm13PDtJdGR2ILABOmg0tKkBJIFBAgEGAGSBQQIBRgEoAYugAfEisefA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMjVCNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0xNTQwNzUzNjkwOTY3Njc3GAA&sigh=WnfI3R5JDrU&uach_m=[UACH]&cid=CAQSGwDq26N9agVrVjbicEnWJpc1UPONqtSV6PFAGBgBIBM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
BG.jpg
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
54 KB
55 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/BG.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
02acaea89ef93de8e97f91ac41f7e4cb241b05d527ebcd62956e3e02168d5b24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55806
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
t1.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
4 KB
4 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/t1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
537d8b9cf77c7c5c817fde89fe3a31b33311d482f7dcf7120af7b41e0363fcd8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3932
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
image1.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
45 KB
45 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/image1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
f779500d96f2b86cf0e6d2985e48fe09875da070c986d00c3cb9c31da8edcebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46201
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
t2.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/t2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
d5a4d6644586e39100d9faf9e7d4576c76f2c8dda86ad5d89b63261e65c7feb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2538
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
TCs.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/TCs.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
46fe2dd08d5fda9675d8ca1f7c432e46a70501af228dc30d6774ffca359cf072
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1457
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
logo.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
03366bed9e3d06c37c4f2b180c05937e1436837b2f32b1a938cc6c218d99fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2070
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
tray.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/tray.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
11f5cb43d7f0dd4ea7f299cd25c1b64aa631b6ab098c500278cfa9b364c6ac01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1166
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
order_up.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
6 KB
6 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/order_up.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
7572bf4643dc6c9e225117a1e4bfb86d288c55e08eb29569a53ce18de65688d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5874
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
t4.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/t4.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5c31b009aa21b8afde1a668a7b1cb0b1585611d984f3f7d90fe39fe026c18ba4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2236
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
image2.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
26 KB
26 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/image2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
40b509024b7508d5ac324b400725d0801ac0ea8ec27e9ea2a79f9b4c46012eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26612
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
t3.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/t3.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
774247fca311ae186c1ca26c0fc7ba8ec2eff55806b23159f81b38b78ea90b7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3019
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
button.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/button.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
ffc0bf586e39dea6e7b0bc3703e733a56ca0aae30a31b49f0e7f6aed22568858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2021
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
mouse.png
tpc.googlesyndication.com/sadbundle/12436910007385564782/ Frame 769C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/sadbundle/12436910007385564782/mouse.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1460667099&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324226&bpp=1&bdt=1280&idt=1524&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=674&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=fqp5i1tdbg&p=https%3A//www.hereofamily.com&dtd=1527
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
7cf98085dfe888e5931c1657f252184e2b2d4695ba4663374f60ae15abd4ed01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1547
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 04:20:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:08 GMT
truncated
/ Frame 769C
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4142ebe166e185cfcab474050cedc9b94bdbdb18224822507a8c6be152c98ac

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0C02
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjXmanEATAB&v=APEucNXSdeT_9wzWNydqZ2i39VtdAaT82UVWuHU9jFFgor_HxgNX2O4wPKUMzMRxQrcyW5cElWeq9P70TT-n1gC9OhGdYEpEsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:06 GMT
expires
Mon, 28 Nov 2022 10:12:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 1A20
67 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
075331d621e991fed988ec0a7b58fa404c4a9a2804849a731deacb53310ce3aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32771
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1A20
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 09:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4072
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 09:04:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 1A20
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:21:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1A20
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:07 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A20
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6x4iHRVYC8XibDvSeg3trXG_F58stbmF4jQCq6aWPiaC-cUQ4ulPNfk0t49ArgNbMHl6ES3RQOfGFpJyPxWABFMAPE1T2kY2lU36Z2Mz2Psm3BtQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2A0F
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 10:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 08:59:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 10:12:07 GMT
delayed_impression_vu_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/impression/ Frame 2A0F
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/impression/delayed_impression_vu_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3a884fabfe8b946af11849f676a46317ac57b22440eca1535ffc26880d6ecca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 22:00:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
43927
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7585
x-xss-protection
0
server
cafe
etag
6483726508017165511
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 22:00:00 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2A0F
2 KB
765 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
64226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 16:21:42 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 2A0F
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
10206
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:22:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2A0F
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 09:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 09:04:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 2A0F
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:21:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A0F
154 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:07 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame 2A0F
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 03:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109973
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 25 Feb 2023 03:39:15 GMT
rum
dsum-sec.casalemedia.com/ Frame 0C02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIu6YBDP1RnvyxPUXvjX9U&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIu6YBDP1RnvyxPUXvjX9U&google_cver=1&C=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIu6YBDP1RnvyxPUXvjX9U&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjXmanEATAB&v=APEucNXSdeT_9wzWNydqZ2i39VtdAaT82UVWuHU9jFFgor_HxgNX2O4wPKUMzMRxQrcyW5cElWeq9P70TT-n1gC9OhGdYEpEsw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEOIu6YBDP1RnvyxPUXvjX9U&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 0C02
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SJeFQxDw1xjrx7kDjq1AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
43 B
894 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjXmanEATAB&v=APEucNXSdeT_9wzWNydqZ2i39VtdAaT82UVWuHU9jFFgor_HxgNX2O4wPKUMzMRxQrcyW5cElWeq9P70TT-n1gC9OhGdYEpEsw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 0C02
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJLNskBmoQ6arhn06rKVbHM&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJLNskBmoQ6arhn06rKVbHM%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJLNskBmoQ6arhn06rKVbHM%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjXmanEATAB&v=APEucNXSdeT_9wzWNydqZ2i39VtdAaT82UVWuHU9jFFgor_HxgNX2O4wPKUMzMRxQrcyW5cElWeq9P70TT-n1gC9OhGdYEpEsw
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:08 GMT
AN-X-Request-Uuid
fdc2829a-034d-4af6-9104-01de17858e00
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:08 GMT
AN-X-Request-Uuid
81f0faa3-86b1-4277-9a83-13fc6badedfb
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJLNskBmoQ6arhn06rKVbHM%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0C02
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MTYzMDUxNzk5NzI4NTk4NA%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MTYzMDUxNzk5NzI4NTk4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARjXmanEATAB&v=APEucNXSdeT_9wzWNydqZ2i39VtdAaT82UVWuHU9jFFgor_HxgNX2O4wPKUMzMRxQrcyW5cElWeq9P70TT-n1gC9OhGdYEpEsw
Protocol
H2
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:08 GMT
AN-X-Request-Uuid
7a09593b-8d6a-4bfe-9555-651bec7d18c7
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njk4MTYzMDUxNzk5NzI4NTk4NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 1A20
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 11:51:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
80453
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 11:51:14 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 1A20
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 08:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
5740
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 08:36:28 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A20
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz5M0hGeIaUt7ymkYLoqgHLC9caq3xCeXzo6SjbMmfYGRXpLB5VS1y2ZLMwAXbtSF9uVsrQIfo0rFNnI9GExqD1I9ph9K6eO_ZD1i4lrF9xV6FfGWB5AGtn94KdyF-nbCDicoIHjQAg0MX5ieLWTDPV728s_rzPkN0mVd6bSaywpvtGhdFWgBusNfBeeIWKYv0nt1xkBCVelp9JYRrs6fwQDcwbHvIvDGCBhJ932B-rXQZQU3KlqsboM4nBmMHcaslnvNRBKmwp9CInh7onBxNSrK8OIipVBJk-difqpTWIpmZN_3PaVl1ebp6waVwVuk8Vf20yOM1VlyptqyE2R-WqIBBMDrP0ewkhfwvrgGEuR56g9WY-G7MjJP42_2aoIAe_oaRylBZaIxo8cL50kq19hDbCMAYBaTDJ5TcfPZdXK7yl5E6jCm60GaHlU22JQqB-Th75v2qNVFNfH_hshuCZg49erlbzH_N7bUR9VO96dQmfLFMuupfjXHnd5WF7LhgXLGI4CgNmMbqLUdaKGd6x-MOoMgfEIJ3tlUDN97ayY5uWA0h8Ty7eSXOaDXgJ_vxLOfLZJ8o9VnHS1lrnV2yc0Mp1kELHH--pM92RO7u4j1h-TZwZ6RjHf12HfIQNj5YuQ4xCOJkqrnmllhvSJSAkAOsH0YgD2ra-EnNFl8gI64Lyv8bGfClbo7_pt3Mq0lGme0ZEyWl3wPgqWSko9CdsKD4EavoBLdK8pnauMAVZwaxmPGFTC9j_P81iBWHAPYioG2wB5CG6ZZOJLMDCcfGKVZy-1JBNQTb4tE4QfdY4t2czMy4urXPhzLZyVYDyuCkVj_o6PCcalfG9U_y8dFYp7VaclzA-SUi38IMhrlhseYpgFYy64wPkFM8XH9A1t3aAv7nJkXrQ4zoHT2ahI6JCe8huLbCF8Zb4mCpvsz5Wv8eJTXmdmHTZ_6wRQWW9k6XklgUJFIaMUTYjH7GRPDgl9uvQ-Irh4_Nq49i-B-Hsb7SP5KkFU2DpdXtYkEazeFkrICBETeNCsrmUdUQOsyxqwnC-N1jkzn8xm_8d9Godn2NJs4JTUSnDJKnPwaMOvZZqcamFWj1C6wwXlEVgu34IGBL-UxhevXzFsZJXWkc7Hlq2y-MNxXid5kTNY3ihlLGc_RoDkfElVzTueFpgzdBY2saqEpzGZ48LjCkVfKKSYrCYV0dzvJZxuk&sai=AMfl-YQu-xgwtbVAITE0wGC0_nHAsf-DVI1n-1JcPKndbd8c0SzI4zgKhPNdiPpsMkQ-cqGb-z2HkY06YXxu2VFsLRnHd7CaIzhAuKcXf9CFVjeexr2Ssc7cu7hGSUNv1_B9_8RYgLUKhmtak3NWInGaj_md56IbOnJlSvFQnT0AxkH77vquWH2kGTwouA&sig=Cg0ArKJSzHJjdNoINXzLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.23769&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 10:12:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:07 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 1A20
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
6471980973118774983
s0.2mdn.net/simgad/ Frame 1A20
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6471980973118774983
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=336&slotname=8323630076&adk=1198883251&adf=1003366635&pi=t.ma~as.8323630076&w=336&lmt=1669630325&format=336x336&url=https%3A%2F%2Fwww.hereofamily.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324227&bpp=1&bdt=1280&idt=1532&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x280%2C336x336&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=1066&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=gouRnk5LvF&p=https%3A//www.hereofamily.com&dtd=1535
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
4dbeff1fe06e0c33dd7d3d4811eae2c80ce6785e5d9e3ab291631face82a820e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 22:49:14 GMT
x-content-type-options
nosniff
age
40973
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4003
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 15:27:27 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Nov 2023 22:49:14 GMT
custom
upskittyan.com/ Frame
0
0
Preflight
General
Full URL
https://upskittyan.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hereofamily.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hereofamily.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 28 Nov 2022 10:12:07 GMT
server
nginx
custom
upskittyan.com/
39 B
328 B
Fetch
General
Full URL
https://upskittyan.com/custom
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hereofamily.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
5578321712dc66109033da4d8d5ac138
date
Mon, 28 Nov 2022 10:12:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hereofamily.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
downsize_200k_v1
tpc.googlesyndication.com/simgad/12418509679839917594/ Frame 2A0F
17 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12418509679839917594/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
046be0f27be3f78b2f58cf4563d531f22b21e7803fbd8a3b6d66087f07054509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 01:19:56 GMT
x-content-type-options
nosniff
age
463931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17623
x-xss-protection
0
last-modified
Fri, 23 Jul 2021 14:30:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 23 Nov 2023 01:19:56 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5119921852707348718/ Frame 2A0F
5 KB
5 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5119921852707348718/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
4a1f3b1fb59c26931fcc86dec7c4aef5ba00eb05da5a8d057e0453e005a02c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:07 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4654
x-xss-protection
0
last-modified
Tue, 10 Sep 2019 04:04:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:07 GMT
custom
upskittyan.com/
39 B
328 B
Fetch
General
Full URL
https://upskittyan.com/custom
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hereofamily.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
9192849e1a597381925f3c06ae5dab98
date
Mon, 28 Nov 2022 10:12:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hereofamily.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
upskittyan.com/ Frame
0
0
Preflight
General
Full URL
https://upskittyan.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hereofamily.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hereofamily.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 28 Nov 2022 10:12:07 GMT
server
nginx
gid.js
my.rtmark.net/
65 B
547 B
Fetch
General
Full URL
https://my.rtmark.net/gid.js?pub=0&userId=90940c1be91c45cc88e7befb8a506189&zoneId=5118379&checkDuplicate=true&ymid=&var=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
43a3cac264277769d8afce651785c82002f5d3653c65b68adb7b1eb20a909e3c
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hereofamily.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
truncated
/ Frame 1A20
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d05e4d10d9057f323a1044c0034e64fc16a7159488346749cdd73e9851a3aee

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
container.html
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8CC8
6 KB
3 KB
Document
General
Full URL
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:08 GMT
expires
Tue, 28 Nov 2023 10:12:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2A0F
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eccbf80f730f6ec51a77b9fd627ad910052aad293387812ff1f2c08e0f600598

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012211060024000/
23 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
b7054618d6d88e0ec7d1065f8dcc60911c9ad2cdb1ab832f3a2d4602a9dc5a34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 21 Nov 2022 18:10:57 GMT
age
576071
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7860
x-xss-protection
0
server
sffe
etag
"a403c481d3db7074"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 21 Nov 2023 18:10:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 1A20
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuz5M0hGeIaUt7ymkYLoqgHLC9caq3xCeXzo6SjbMmfYGRXpLB5VS1y2ZLMwAXbtSF9uVsrQIfo0rFNnI9GExqD1I9ph9K6eO_ZD1i4lrF9xV6FfGWB5AGtn94KdyF-nbCDicoIHjQAg0MX5ieLWTDPV728s_rzPkN0mVd6bSaywpvtGhdFWgBusNfBeeIWKYv0nt1xkBCVelp9JYRrs6fwQDcwbHvIvDGCBhJ932B-rXQZQU3KlqsboM4nBmMHcaslnvNRBKmwp9CInh7onBxNSrK8OIipVBJk-difqpTWIpmZN_3PaVl1ebp6waVwVuk8Vf20yOM1VlyptqyE2R-WqIBBMDrP0ewkhfwvrgGEuR56g9WY-G7MjJP42_2aoIAe_oaRylBZaIxo8cL50kq19hDbCMAYBaTDJ5TcfPZdXK7yl5E6jCm60GaHlU22JQqB-Th75v2qNVFNfH_hshuCZg49erlbzH_N7bUR9VO96dQmfLFMuupfjXHnd5WF7LhgXLGI4CgNmMbqLUdaKGd6x-MOoMgfEIJ3tlUDN97ayY5uWA0h8Ty7eSXOaDXgJ_vxLOfLZJ8o9VnHS1lrnV2yc0Mp1kELHH--pM92RO7u4j1h-TZwZ6RjHf12HfIQNj5YuQ4xCOJkqrnmllhvSJSAkAOsH0YgD2ra-EnNFl8gI64Lyv8bGfClbo7_pt3Mq0lGme0ZEyWl3wPgqWSko9CdsKD4EavoBLdK8pnauMAVZwaxmPGFTC9j_P81iBWHAPYioG2wB5CG6ZZOJLMDCcfGKVZy-1JBNQTb4tE4QfdY4t2czMy4urXPhzLZyVYDyuCkVj_o6PCcalfG9U_y8dFYp7VaclzA-SUi38IMhrlhseYpgFYy64wPkFM8XH9A1t3aAv7nJkXrQ4zoHT2ahI6JCe8huLbCF8Zb4mCpvsz5Wv8eJTXmdmHTZ_6wRQWW9k6XklgUJFIaMUTYjH7GRPDgl9uvQ-Irh4_Nq49i-B-Hsb7SP5KkFU2DpdXtYkEazeFkrICBETeNCsrmUdUQOsyxqwnC-N1jkzn8xm_8d9Godn2NJs4JTUSnDJKnPwaMOvZZqcamFWj1C6wwXlEVgu34IGBL-UxhevXzFsZJXWkc7Hlq2y-MNxXid5kTNY3ihlLGc_RoDkfElVzTueFpgzdBY2saqEpzGZ48LjCkVfKKSYrCYV0dzvJZxuk&sai=AMfl-YQu-xgwtbVAITE0wGC0_nHAsf-DVI1n-1JcPKndbd8c0SzI4zgKhPNdiPpsMkQ-cqGb-z2HkY06YXxu2VFsLRnHd7CaIzhAuKcXf9CFVjeexr2Ssc7cu7hGSUNv1_B9_8RYgLUKhmtak3NWInGaj_md56IbOnJlSvFQnT0AxkH77vquWH2kGTwouA&sig=Cg0ArKJSzHJjdNoINXzLEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=840&vt=11&dtpt=839&dett=2&cstd=0&cisv=r20221110.23769&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AWoGWDgsX4WIFlNN6nk95YrITL2QfX3p7JX7pXLcxxS-0958gHrFxG0uMF_h13jiMKKITP6mk-qpKGK2GLCwKjaS-yUw&cry=1&dbm_d=AKAmf-D5SZKXLuW4oDpwWk5GC7r38rjcEEkiiYpRf4qRmybxps0xU9niEqD55Q5pT8yM7Rm-cqnHRVNaUqx985Y1j-NsaJwxQcoj4Dmwo4fcBkmn4iIN01VbYO0fexYnU8xgwbtVEzEXO3Bi63ZJeXFf0HhqkX3Ku1mrK3i4ACAexYJ1tIOyQEcljm73nmAeC0WM1bq7pAoUjZD6FStMyvEDYcRZhBlI5OewyxWVlg1FswdnZT5wop44y7JLpmIfiYtAxQB20PVqadb3l8poubD4LDXoB_FXBYoEqHjfVJzJSjIQsfYyZXSJduc-hXgDmrZfxHiMyN6MefWJWC9uFccTz2YDa2WYu-CrxQl6GzSDktn1pw4TteVXOcdpQGprWxDMygCxJBbfNaf2QcA297qzQgazHOqBbz8CllawV12OLEUiInf6c3QWb23sonK7PzcDYL4qBqlLeIDamcsOw7JStziiQK2Y55xQiI3Tp9bDkTZBExV_SKnJkCvjXCrNU5jBLBTI6pp4A7sIM0Das2eqY6xh_n5suSsjKLwVoMLwBfVAZ3jpAgCyjmC7790E0L08DB6zKFSvnF7M_VX8SvKjGa0AMxV6rGR7qzKXdleqRy-M7EhtirC2DtjR18hgEsegHgfUtL8l1sq2E326Hst8wapXZnxAO9ouCNTyPVE5VfN_P9Zz2YZg6ZUPNc3Q_inKcWf3ZIGtw-NZZucfWrHwvYiSbpgMgpciJSb3BX4xJUAQCKQHYuzNz942-OxGCDYvUL8L1sBdeaTY8BfxE6TOGiYvCOGaaClGEHE8slLCHlAoWrkQPBMYO9lDonNCN7DJ7Xzz2SNcA2Ek-6NM3Axf5IUYvvvbrM_Uwwi5YUOnEPAefKM9YcQjHDtsfj08GviYO0_dy-Zdf-PFdeMVnmDy12PU4O1GKFrDlceMExeGY22lkVz1p4Wu8ASZOEhJvyoVfoK-t9R7mqKkw2ipHO7rlG5CD6nh6gZ-61b-KpAOfaoo4MWFEF-JBzloeq1R785UtNPrO2w1SqvxVYzLv1oQRhdrmCIrOYZuitOusz38z42-o7ozqchQ0W_b7q15PeI7miho-uSy1pIrrPpH4CXSw8-kzmlgaG4l6FKOxcgUWloO49eO9RQdkFVm9uH7WUdw4QUJx2uOyeIV5ItjIFhgd909r2vGwTLw4UIFz_mXhsEFLkRG9yMObUQkK_Zarq_gXzeH0atGaFKWsfsQPmDuWxvhqwTe1iDw_dSvOPZcAByzOMYY6ypPXz09i9ekbfOl-6vvPItBqYVXzylcWA0R8Pk7GFUVdT_v1_ELxYFYp8nSEKF3ctF6YgVSN8qGA6lCXtPqJcZvyLf9Ltc6uw0kqSdkvam0h5uS3exIssyjP_jdbS2evfSoYksNs-z0sQdPthhcpqLNpWHiTHE3Jf4So1Rfio-8ijOneArvn_iq0YQGMXF8qh5r0vQ0TJQyu--hNqx50RSWjU1M4xq9YkXkcBFfvr5N_RBIhCFEsMgx3BH_KQQEILsGdiBwVhHNluT_XlzqRaSJUeFjeb1WxT7nMEhs7bcwmBjeH5b_dIOSu7L4vWdXZIZM35rVMy9Nj5pNXacN69VEbHqaqym1hpUfccbUqpzJwT4uwxnSancy2kREnhaEN6d20TWmuROlJGkYv3JF0g2_vUDWjHAug8n8qr1olFC1bARODFPRf5LRanq3ZFVJLZEcjcBkxsxm69CdMfwUpvY6jCNqyWVl4akSTjWZgrc4wURsuqnzImGrftvPPPc2DIWsYA1yfAN2BGPHgVSXEeiLx_VB6CzA69lhRoOHokx2ODQx4IYYq304tVhmhxW5AcWmFzTLQ5jKu2K2snvFGz8Vki5NMDy995hZkmdt8pDwU0KwCeWf2z7pNDIyHUIg_za8eFz8OLiVQnY5zZYFunIMZvCishsVdW39Yl6XZayjEPQriK3AH4rcLNkBMk6Qq4ZdRJ0ee19GBo_al8libRwlLVA3GIXfc6AG6E-lHeOp6RoxeBALMhOibMPJ5ObjsbCXLV2ZgnvnZ9-uYzDjXzslNeztYY1ZnjOTXqWINLw0lxhDGPQ7Lqi4q_jK9UqcrvPHDQmWxlTGoDXFU86W3XIXgDA2kriSlr_Jt_bYmrubs1RjjflVZnDyIfkYwqvPlRfQHiV6FSP2zcvHzAhnviSZJ-pFoQipcmiYDQdl27vXn3W84GalhtDQgWYAv0iMq-6x2CcMe4byA9wbwr8Ip1uWAt8aTDpd-ritw3OEPTbVtwnfTDeFb3inNjV-fDnGxu8i5lUIhTQfMpFmpVoBsf3R9nFfp_l9_Kjk8R4L0chBEo8r1yW1T9ChH3cH5H1hjPkFzqWOncnVFzNZlQ_oMTQsjjZ-FT2BONwIBrEMtwChyX00HL-mYzjEQq4-JC9X80pLTV2llIsJbdbQO1LA-un31yL47u-7f9r3Pzk2SUJi20F1tGh2xpiIYjjWr_e8MOjLGC_umSVYUMqate5d-a0eO7N-TRhjSrlsr-RMBPY3MO8VpuPfntiHTuIQSLZK5B-jiO1fTJ3cimp-mcq5rt-3nMYfzbxgpcW2Pv-abTURt68Ljltd1k43PufQK0gnK0VCYe6fkSKDYdw3wqXHax6SPFea7jeqfIfieufZdP74QPweWHNRVYf7o8GaMU8Wq4doZjBOj4LSogY9UWo61HSLV2YPibY44RoeeOV2oiHUBeZ08BaBzoohEDdLwUYeVB6jIZyCOWlrrUb3tp9PwmiI4-Yxf44qeEIU01Nzusrs-4e-7HXRkOL7MnC2uOwj9hD7HAchboLFD3Rp6K8k6gz1p3KeJAvxnfmrQITNnmKJHLg01I_VdJDIJHX3n22zMdPyfYqdH2A2IuRnmUbJVHFYdaLZaLwuJ_Qq8lDvQ4B3zrANwmtj9b_HYWjr8pBPCEQOCS89-JlO43qTGdWf7R0F-T9ABuKT2akSiTFVy8543lTjz_0Knsv8rN7rn31A7URUdaFg_f77eDDe2WMfobl6PBn4RZgC7CS1dVTGuRbg43gBnNXAACAqz_RnMSrSiMgzwGyTxj4HNlT_HbPF2u1SxQ8n_0D6ohQqxq9W7AFc8fQ72Q9or-1J3mk0x25HIXzXnZ_n56AAmuj-Pntzc5qujeGP_edc4FwTr_kWke4zdqje8WXjJWKq_zlLni55v1s&cid=CAQSGwDq26N9hU6SAcMCY6wYhuknRaezln5b0vFWzhgBIBM&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:08 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 863D
624 B
245 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhihqOvPATAB&v=APEucNUrvnyu42k37XgwCk43nI0ODsYH5J2AydpEXA3z8eSN6jmUuvMc7DIb2voL_IC0yO1LvSSyGCR54UzvqTYXtht5b7X-6Q
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:08 GMT
expires
Mon, 28 Nov 2022 10:12:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 8CC8
79 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAoR66x4yQ9aiksnuTnH67-qdJmER2bMBRtK77_bd4ucdI82Z5RUUzygvS7fUtHYlb8BGB3vayeN06K8sbEKMkJfg9M6j111pMp8EptV138DDzgEChHADsSeE9I2M55JyxHcswCFQ6rwb2y6oXp7r_VioOFSNx2SBz0pLAiiFuJVgH5ag&cry=1&dbm_d=AKAmf-BMrNbY5vinES0abK3C4fzV0UXmYcGgwKza87xvESaIzDa5l1A2iwvW0b7jqD1kcolX3Yl4beZgQjjQ8DrcxSX-SMgtHhjUdpqBiUeuSjexdEyB6TgMUY6OwMn-uSGw1Pfd_M35TlsqAH6J7j5sONV1tbINJVauSjJc3NxkCxqRxCiWFoWLWB3Nm4_Ap3gMAHkCfU8XnzgEJz9B8y8Xl7u3R86mb-02derYoOL5IAzjkOkwoCAYCgTbsuygU0WchOqD2VCmzvzn0pChV569IjOXGwCxzPvh39QjhGgIAVyXejYCa_P-5YlOwkwl2ZMG0KKr1EAAvLu4foCsR4sfk_0L7sEd7u0S7GQu2L7EYGwcCSRS1vxsQmap43dmuZJUiuUByLCgVTGpkGmBh1MqN0N6g0cKCjag1TmORpieROJwn6qs2kH6BE1qO7zM597Xtx1DMBAmoU3DQxiNHIBPoA13wvOf6rUcFbErnNxpK2nX4TevcP-p_sUmAmgjLwqQOP_A1oxMhA7auxOdb_gcoX1Qh4tVv-NrjTgWKB1Bf2vW4ObL5KZU95Jcey82-v7Vaa5PMww8VBwwmCTLP3duzTFEXfXRuWypG8kQikYazE1TRum84T73e2iqJ-z5kMSWwWFC7O3AnoSX-SsZEY6cwOSf5XqKVu8GGo5pDiZ9B8jJoWDbz8n-02zfAxKzmFLJurdVpH7twTqVS4_P1JG9BJYaC1tHIbsnJsEjxOH4Ei9BaAbSzhZWfTzXQ4QCTFUj7oz_l_MUKVL_HOIM8joVXxzfGfndHIso8agKZ1Fp8EgbFm0iGls46eSVh_mL4uoUnsQwCg0UiwFTfIY72VwKLR7SyeQ-3kV6IhjXmxwe_dSeT4J974LKSwUxmeTOCinYxpzho97xgjskcxvLaLkL-IeVEBM2sM_fPb7MH7wFMOSOT8des09r7mE7y8po2sQJTw0gK3UyHm8-MefnnjRLSAyFt1ZqahtuK3jn2J76flm3NiSrrWht9KoWRauk3addY07i-S64a_3OfVXxkvhTyLVtGLIKYM-R4r2SeXywDWSs8YhcWQa9eFiqFHPeun1Xr5k_AwkeQFrarNPLTt7nmY8D1bh1M6MLPrV0j5Trv4JdQL_76kemR9iM59JGtn8-jbiRBTeUgOxbFT96P14JXw0HWizOKRKoFDr97zXiYuXxX-giwBbxQqKgQEZSTtgx0NuDhOULBJJMaix-N-6fyAri5ge7TvRHRFlwR8YaAWCm_pnw99q35xGaIGTFbU0ejLXej01_0x3so8q3SbXue5rnwZ52j-KTmci2T8zyJGZ8uLGbpiqeXMlgRbJ0FnU6mKoMU2X4R57vabP-wqI0B39c2u6fAxaNVdZqMeHgChELPVWQ102XfGCGuu6qIMM24dn1q_sWUNUfpycpghjRvvF1KEXDx51iGBeAvYPI_9bTGR5eomlQi286CTfcAsHjiNqbQWIt7tGQKUTRn2VC9wokQfGTtjHYIcGZ-xipqBj3_0besTgKQCfi6VGlw4D_umOdbSQiCj16Xxj-rMyJRd9chbsEFK1hyyc-PDtpty6I6uRoSAaaUHLIwnzhzqb0BLL8Dn7-SLYekh19dy22KqGr3bfqh285lwkpaZ3p2VlkTjJvc6sxSoMY0RtzMrh5c6-1XZT4OxPEgX5_fc-gb9dytDf2dciy-qm3oXEvUyCUPwPoL_3elqjuH0lyYf_FaPxwRYMDZJCS0XcnfZyTJM2vaYQCJvZrroq8INxgKE9Wm2CT39WP6vUpXsLgWk9A19DUzGgiqTS4jVsgxWQjXv1Zw_nMcLtcs7KDzySMmgjU2hNDa40RTXrwfqHS9IQw8WS59Hm2Lb2WNsvVOx2HGxZGGYqHrxba9kQ3Q-HUfWcyeGZ5cll56_s8ip_xbBvzVq8MXt0ZpSJ6ADS6nVxzhHsBcaVROa5Ponjqj0wEf5VLHcAeO5gv_j__u3o-h-4uWdu4ChJr1aVGnTNZAY-atrDWX2J9Q7x6qL6lvJT3nRUiTZ1f1y7B5d-XU1qdHaXZRa4CiVjmE_IO6TuBZ4lBl6bkRDf0seVmxNi3QwJd0MgYpcuMbdyTQQYVHQB3zvXKkB22iyB7lYw8MUSeK4BvGbrI6hqU0-nDbywuHlUuN1Dt7pQPXQoHu7YiTel2zYvnzYbzLxTIkzGVIRHOXgZ9BzzYreSXkINC0zwr-HWO2gXPMeTZ-RisgTSZmRWR6WhJJj2fImy25POceKilerBwC2AAhdoCWiUemnvThO665Q2Xp38YCtS38_ru444u8RnhJuUrLSx6YIrgCnWlElnbe0QFxhdt7WMzSDsm93WEAq5bKNp2Rflu2F9e7VfBljdyxXOfYL-rpKoMh7amwThKLD3tzOOzwgYeNvEYihdx9PwMszAsKuLQWmFIYS_zGeWPl_PQffw2c7nj4-yhp_kRGw4Vh1sxOXFrOE3OzN4RfxqJCr7_jet7-tLLUMOg244_wrefl_8soDpnYoyr9pEmTWTZcGGPfgYvsMz-kuJd78xcRpd7i75x01JtfxbEY05n1NZvuD0OAkK4xKHqSJ_6n8ZeEPLjI7WAuu6tcE15uPxLK20teBzumQNScSgbnGQpGa4QqD9kfIkfBkG-2dcHI9LOq-e_JQJuWKK4z_1037-bNUi0N7gG9hSRsfsbSvl-S2N1DIJ4-nvjEWjyCcD-aolI3lJUVh3joakSM00ZqrNN9Szx8beo-_hTwvO3yx-yzJEjkcspB8u5WXS5rYtlfJIz5VXm16gkYp0wFRZx2-biJikeutK20jNEOZvEVT6vT5RZ8YkInArEebfmHdy58Wbp_8WIETmkHhdbIzPy035gVIc4skf7d0eJgzzU2t50LhUiXfV-uC90CafitXl8boFcSlPvvP_euy8tvlKbaemt_qQxUKWsLms-6912Ra3WKCCI7FVLu0mSv4AmgAt-kQw_sB5MFGW-PsBq8YYtiKKF2V1k0mvD9PQfxMAk_2mgEyLjiaaxl4lgckoGGojJA6cHQX7Txm5y5o9pv6l02VaiudquIv9Sx9ie2hCbn0TNRCA7MVqe7AbHbqzeTgBbZSpTl8kCfLSV0nk44y03Y_NfLKfOCtkJMwvkABDpRH40NQXjuxyUnY7_RhQBphr2rVrops5q51cmD-GUtz5dtVCU4sf-zXJ63ep7LUKEpWapJzPwx7InNJPe-JrbM8ad9eXXJ51QSUrDGPmOjsRxJlFNsXr0PTakrgo4CiFsJV0oBmuqz-nx2MvJO2-hSpF1lQUysK5Bf461-ITedR54ton7tTNPJ9UIx4z9n971hHN5HJX_gnnE9iZALqcl1VbQClDUPNRSqbk2fiKco2l-X-bPhV7pj7wuTkFTKgRsxpk36NhUitPqw-IScfzKlvmYSeI9DGV1026y9rkqwjhQGyihqPr9y1KIkj9pK-4s4fFu23i9XOK82zzD6MzXuB0WbGlSSeqgAEtAluzWzIOdvJxkzy4zQ8r3UBA8GKWck6-EHMO5JPPOmgX79Dhz3GFThtGkkOp7OGh84ABukrK4g_QenTlSleabXU6oWVIKj_sH3wBzNLXnM0b4OeB-tTFIUiSs646eUg&cid=CAQSSwDq26N9WITRDtUkFVbZmk7VtqUTPgsczJ9J0cjUgbh3Gf8lp2TKG-xH-yRbelkfnCq3gmStX-lvb424iawc-2fwKi9tK43CekoTuxgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
5d0cf341738f84c9be24784521c049ecb2b3eaf5fdb9575a439b7e5386964a26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34035
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CC8
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CijAZotVmgRogP8cxOPRh0aSR5KRIIRDWG5J6tz0OB6Imh55BoTcQE774Fyf0UbXDUQ4Tpjx7M7x-RtLbn022wWUuPgRGwyz-V5Aqf-x-gMt-hDI8
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8CC8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 09:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 09:04:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8CC8
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:21:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CC8
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:08 GMT
container.html
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B737
6 KB
3 KB
Document
General
Full URL
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:08 GMT
expires
Tue, 28 Nov 2023 10:12:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 863D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhihqOvPATAB&v=APEucNUrvnyu42k37XgwCk43nI0ODsYH5J2AydpEXA3z8eSN6jmUuvMc7DIb2voL_IC0yO1LvSSyGCR54UzvqTYXtht5b7X-6Q
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 863D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SJeIQEwDknK.WO5M11vAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhihqOvPATAB&v=APEucNUrvnyu42k37XgwCk43nI0ODsYH5J2AydpEXA3z8eSN6jmUuvMc7DIb2voL_IC0yO1LvSSyGCR54UzvqTYXtht5b7X-6Q
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 863D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhihqOvPATAB&v=APEucNUrvnyu42k37XgwCk43nI0ODsYH5J2AydpEXA3z8eSN6jmUuvMc7DIb2voL_IC0yO1LvSSyGCR54UzvqTYXtht5b7X-6Q
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
AN-X-Request-Uuid
5d04465c-1840-49b9-85b5-980edfa92098
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 863D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhihqOvPATAB&v=APEucNUrvnyu42k37XgwCk43nI0ODsYH5J2AydpEXA3z8eSN6jmUuvMc7DIb2voL_IC0yO1LvSSyGCR54UzvqTYXtht5b7X-6Q
Protocol
H3
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:08 GMT
AN-X-Request-Uuid
ca56921e-de73-448d-ae43-cd972d1af61e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 8CC8
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Origin
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18148
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 05:09:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 8CC8
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAoR66x4yQ9aiksnuTnH67-qdJmER2bMBRtK77_bd4ucdI82Z5RUUzygvS7fUtHYlb8BGB3vayeN06K8sbEKMkJfg9M6j111pMp8EptV138DDzgEChHADsSeE9I2M55JyxHcswCFQ6rwb2y6oXp7r_VioOFSNx2SBz0pLAiiFuJVgH5ag&cry=1&dbm_d=AKAmf-BMrNbY5vinES0abK3C4fzV0UXmYcGgwKza87xvESaIzDa5l1A2iwvW0b7jqD1kcolX3Yl4beZgQjjQ8DrcxSX-SMgtHhjUdpqBiUeuSjexdEyB6TgMUY6OwMn-uSGw1Pfd_M35TlsqAH6J7j5sONV1tbINJVauSjJc3NxkCxqRxCiWFoWLWB3Nm4_Ap3gMAHkCfU8XnzgEJz9B8y8Xl7u3R86mb-02derYoOL5IAzjkOkwoCAYCgTbsuygU0WchOqD2VCmzvzn0pChV569IjOXGwCxzPvh39QjhGgIAVyXejYCa_P-5YlOwkwl2ZMG0KKr1EAAvLu4foCsR4sfk_0L7sEd7u0S7GQu2L7EYGwcCSRS1vxsQmap43dmuZJUiuUByLCgVTGpkGmBh1MqN0N6g0cKCjag1TmORpieROJwn6qs2kH6BE1qO7zM597Xtx1DMBAmoU3DQxiNHIBPoA13wvOf6rUcFbErnNxpK2nX4TevcP-p_sUmAmgjLwqQOP_A1oxMhA7auxOdb_gcoX1Qh4tVv-NrjTgWKB1Bf2vW4ObL5KZU95Jcey82-v7Vaa5PMww8VBwwmCTLP3duzTFEXfXRuWypG8kQikYazE1TRum84T73e2iqJ-z5kMSWwWFC7O3AnoSX-SsZEY6cwOSf5XqKVu8GGo5pDiZ9B8jJoWDbz8n-02zfAxKzmFLJurdVpH7twTqVS4_P1JG9BJYaC1tHIbsnJsEjxOH4Ei9BaAbSzhZWfTzXQ4QCTFUj7oz_l_MUKVL_HOIM8joVXxzfGfndHIso8agKZ1Fp8EgbFm0iGls46eSVh_mL4uoUnsQwCg0UiwFTfIY72VwKLR7SyeQ-3kV6IhjXmxwe_dSeT4J974LKSwUxmeTOCinYxpzho97xgjskcxvLaLkL-IeVEBM2sM_fPb7MH7wFMOSOT8des09r7mE7y8po2sQJTw0gK3UyHm8-MefnnjRLSAyFt1ZqahtuK3jn2J76flm3NiSrrWht9KoWRauk3addY07i-S64a_3OfVXxkvhTyLVtGLIKYM-R4r2SeXywDWSs8YhcWQa9eFiqFHPeun1Xr5k_AwkeQFrarNPLTt7nmY8D1bh1M6MLPrV0j5Trv4JdQL_76kemR9iM59JGtn8-jbiRBTeUgOxbFT96P14JXw0HWizOKRKoFDr97zXiYuXxX-giwBbxQqKgQEZSTtgx0NuDhOULBJJMaix-N-6fyAri5ge7TvRHRFlwR8YaAWCm_pnw99q35xGaIGTFbU0ejLXej01_0x3so8q3SbXue5rnwZ52j-KTmci2T8zyJGZ8uLGbpiqeXMlgRbJ0FnU6mKoMU2X4R57vabP-wqI0B39c2u6fAxaNVdZqMeHgChELPVWQ102XfGCGuu6qIMM24dn1q_sWUNUfpycpghjRvvF1KEXDx51iGBeAvYPI_9bTGR5eomlQi286CTfcAsHjiNqbQWIt7tGQKUTRn2VC9wokQfGTtjHYIcGZ-xipqBj3_0besTgKQCfi6VGlw4D_umOdbSQiCj16Xxj-rMyJRd9chbsEFK1hyyc-PDtpty6I6uRoSAaaUHLIwnzhzqb0BLL8Dn7-SLYekh19dy22KqGr3bfqh285lwkpaZ3p2VlkTjJvc6sxSoMY0RtzMrh5c6-1XZT4OxPEgX5_fc-gb9dytDf2dciy-qm3oXEvUyCUPwPoL_3elqjuH0lyYf_FaPxwRYMDZJCS0XcnfZyTJM2vaYQCJvZrroq8INxgKE9Wm2CT39WP6vUpXsLgWk9A19DUzGgiqTS4jVsgxWQjXv1Zw_nMcLtcs7KDzySMmgjU2hNDa40RTXrwfqHS9IQw8WS59Hm2Lb2WNsvVOx2HGxZGGYqHrxba9kQ3Q-HUfWcyeGZ5cll56_s8ip_xbBvzVq8MXt0ZpSJ6ADS6nVxzhHsBcaVROa5Ponjqj0wEf5VLHcAeO5gv_j__u3o-h-4uWdu4ChJr1aVGnTNZAY-atrDWX2J9Q7x6qL6lvJT3nRUiTZ1f1y7B5d-XU1qdHaXZRa4CiVjmE_IO6TuBZ4lBl6bkRDf0seVmxNi3QwJd0MgYpcuMbdyTQQYVHQB3zvXKkB22iyB7lYw8MUSeK4BvGbrI6hqU0-nDbywuHlUuN1Dt7pQPXQoHu7YiTel2zYvnzYbzLxTIkzGVIRHOXgZ9BzzYreSXkINC0zwr-HWO2gXPMeTZ-RisgTSZmRWR6WhJJj2fImy25POceKilerBwC2AAhdoCWiUemnvThO665Q2Xp38YCtS38_ru444u8RnhJuUrLSx6YIrgCnWlElnbe0QFxhdt7WMzSDsm93WEAq5bKNp2Rflu2F9e7VfBljdyxXOfYL-rpKoMh7amwThKLD3tzOOzwgYeNvEYihdx9PwMszAsKuLQWmFIYS_zGeWPl_PQffw2c7nj4-yhp_kRGw4Vh1sxOXFrOE3OzN4RfxqJCr7_jet7-tLLUMOg244_wrefl_8soDpnYoyr9pEmTWTZcGGPfgYvsMz-kuJd78xcRpd7i75x01JtfxbEY05n1NZvuD0OAkK4xKHqSJ_6n8ZeEPLjI7WAuu6tcE15uPxLK20teBzumQNScSgbnGQpGa4QqD9kfIkfBkG-2dcHI9LOq-e_JQJuWKK4z_1037-bNUi0N7gG9hSRsfsbSvl-S2N1DIJ4-nvjEWjyCcD-aolI3lJUVh3joakSM00ZqrNN9Szx8beo-_hTwvO3yx-yzJEjkcspB8u5WXS5rYtlfJIz5VXm16gkYp0wFRZx2-biJikeutK20jNEOZvEVT6vT5RZ8YkInArEebfmHdy58Wbp_8WIETmkHhdbIzPy035gVIc4skf7d0eJgzzU2t50LhUiXfV-uC90CafitXl8boFcSlPvvP_euy8tvlKbaemt_qQxUKWsLms-6912Ra3WKCCI7FVLu0mSv4AmgAt-kQw_sB5MFGW-PsBq8YYtiKKF2V1k0mvD9PQfxMAk_2mgEyLjiaaxl4lgckoGGojJA6cHQX7Txm5y5o9pv6l02VaiudquIv9Sx9ie2hCbn0TNRCA7MVqe7AbHbqzeTgBbZSpTl8kCfLSV0nk44y03Y_NfLKfOCtkJMwvkABDpRH40NQXjuxyUnY7_RhQBphr2rVrops5q51cmD-GUtz5dtVCU4sf-zXJ63ep7LUKEpWapJzPwx7InNJPe-JrbM8ad9eXXJ51QSUrDGPmOjsRxJlFNsXr0PTakrgo4CiFsJV0oBmuqz-nx2MvJO2-hSpF1lQUysK5Bf461-ITedR54ton7tTNPJ9UIx4z9n971hHN5HJX_gnnE9iZALqcl1VbQClDUPNRSqbk2fiKco2l-X-bPhV7pj7wuTkFTKgRsxpk36NhUitPqw-IScfzKlvmYSeI9DGV1026y9rkqwjhQGyihqPr9y1KIkj9pK-4s4fFu23i9XOK82zzD6MzXuB0WbGlSSeqgAEtAluzWzIOdvJxkzy4zQ8r3UBA8GKWck6-EHMO5JPPOmgX79Dhz3GFThtGkkOp7OGh84ABukrK4g_QenTlSleabXU6oWVIKj_sH3wBzNLXnM0b4OeB-tTFIUiSs646eUg&cid=CAQSSwDq26N9WITRDtUkFVbZmk7VtqUTPgsczJ9J0cjUgbh3Gf8lp2TKG-xH-yRbelkfnCq3gmStX-lvb424iawc-2fwKi9tK43CekoTuxgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 08:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
5741
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 08:36:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8CC8
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAoR66x4yQ9aiksnuTnH67-qdJmER2bMBRtK77_bd4ucdI82Z5RUUzygvS7fUtHYlb8BGB3vayeN06K8sbEKMkJfg9M6j111pMp8EptV138DDzgEChHADsSeE9I2M55JyxHcswCFQ6rwb2y6oXp7r_VioOFSNx2SBz0pLAiiFuJVgH5ag&cry=1&dbm_d=AKAmf-BMrNbY5vinES0abK3C4fzV0UXmYcGgwKza87xvESaIzDa5l1A2iwvW0b7jqD1kcolX3Yl4beZgQjjQ8DrcxSX-SMgtHhjUdpqBiUeuSjexdEyB6TgMUY6OwMn-uSGw1Pfd_M35TlsqAH6J7j5sONV1tbINJVauSjJc3NxkCxqRxCiWFoWLWB3Nm4_Ap3gMAHkCfU8XnzgEJz9B8y8Xl7u3R86mb-02derYoOL5IAzjkOkwoCAYCgTbsuygU0WchOqD2VCmzvzn0pChV569IjOXGwCxzPvh39QjhGgIAVyXejYCa_P-5YlOwkwl2ZMG0KKr1EAAvLu4foCsR4sfk_0L7sEd7u0S7GQu2L7EYGwcCSRS1vxsQmap43dmuZJUiuUByLCgVTGpkGmBh1MqN0N6g0cKCjag1TmORpieROJwn6qs2kH6BE1qO7zM597Xtx1DMBAmoU3DQxiNHIBPoA13wvOf6rUcFbErnNxpK2nX4TevcP-p_sUmAmgjLwqQOP_A1oxMhA7auxOdb_gcoX1Qh4tVv-NrjTgWKB1Bf2vW4ObL5KZU95Jcey82-v7Vaa5PMww8VBwwmCTLP3duzTFEXfXRuWypG8kQikYazE1TRum84T73e2iqJ-z5kMSWwWFC7O3AnoSX-SsZEY6cwOSf5XqKVu8GGo5pDiZ9B8jJoWDbz8n-02zfAxKzmFLJurdVpH7twTqVS4_P1JG9BJYaC1tHIbsnJsEjxOH4Ei9BaAbSzhZWfTzXQ4QCTFUj7oz_l_MUKVL_HOIM8joVXxzfGfndHIso8agKZ1Fp8EgbFm0iGls46eSVh_mL4uoUnsQwCg0UiwFTfIY72VwKLR7SyeQ-3kV6IhjXmxwe_dSeT4J974LKSwUxmeTOCinYxpzho97xgjskcxvLaLkL-IeVEBM2sM_fPb7MH7wFMOSOT8des09r7mE7y8po2sQJTw0gK3UyHm8-MefnnjRLSAyFt1ZqahtuK3jn2J76flm3NiSrrWht9KoWRauk3addY07i-S64a_3OfVXxkvhTyLVtGLIKYM-R4r2SeXywDWSs8YhcWQa9eFiqFHPeun1Xr5k_AwkeQFrarNPLTt7nmY8D1bh1M6MLPrV0j5Trv4JdQL_76kemR9iM59JGtn8-jbiRBTeUgOxbFT96P14JXw0HWizOKRKoFDr97zXiYuXxX-giwBbxQqKgQEZSTtgx0NuDhOULBJJMaix-N-6fyAri5ge7TvRHRFlwR8YaAWCm_pnw99q35xGaIGTFbU0ejLXej01_0x3so8q3SbXue5rnwZ52j-KTmci2T8zyJGZ8uLGbpiqeXMlgRbJ0FnU6mKoMU2X4R57vabP-wqI0B39c2u6fAxaNVdZqMeHgChELPVWQ102XfGCGuu6qIMM24dn1q_sWUNUfpycpghjRvvF1KEXDx51iGBeAvYPI_9bTGR5eomlQi286CTfcAsHjiNqbQWIt7tGQKUTRn2VC9wokQfGTtjHYIcGZ-xipqBj3_0besTgKQCfi6VGlw4D_umOdbSQiCj16Xxj-rMyJRd9chbsEFK1hyyc-PDtpty6I6uRoSAaaUHLIwnzhzqb0BLL8Dn7-SLYekh19dy22KqGr3bfqh285lwkpaZ3p2VlkTjJvc6sxSoMY0RtzMrh5c6-1XZT4OxPEgX5_fc-gb9dytDf2dciy-qm3oXEvUyCUPwPoL_3elqjuH0lyYf_FaPxwRYMDZJCS0XcnfZyTJM2vaYQCJvZrroq8INxgKE9Wm2CT39WP6vUpXsLgWk9A19DUzGgiqTS4jVsgxWQjXv1Zw_nMcLtcs7KDzySMmgjU2hNDa40RTXrwfqHS9IQw8WS59Hm2Lb2WNsvVOx2HGxZGGYqHrxba9kQ3Q-HUfWcyeGZ5cll56_s8ip_xbBvzVq8MXt0ZpSJ6ADS6nVxzhHsBcaVROa5Ponjqj0wEf5VLHcAeO5gv_j__u3o-h-4uWdu4ChJr1aVGnTNZAY-atrDWX2J9Q7x6qL6lvJT3nRUiTZ1f1y7B5d-XU1qdHaXZRa4CiVjmE_IO6TuBZ4lBl6bkRDf0seVmxNi3QwJd0MgYpcuMbdyTQQYVHQB3zvXKkB22iyB7lYw8MUSeK4BvGbrI6hqU0-nDbywuHlUuN1Dt7pQPXQoHu7YiTel2zYvnzYbzLxTIkzGVIRHOXgZ9BzzYreSXkINC0zwr-HWO2gXPMeTZ-RisgTSZmRWR6WhJJj2fImy25POceKilerBwC2AAhdoCWiUemnvThO665Q2Xp38YCtS38_ru444u8RnhJuUrLSx6YIrgCnWlElnbe0QFxhdt7WMzSDsm93WEAq5bKNp2Rflu2F9e7VfBljdyxXOfYL-rpKoMh7amwThKLD3tzOOzwgYeNvEYihdx9PwMszAsKuLQWmFIYS_zGeWPl_PQffw2c7nj4-yhp_kRGw4Vh1sxOXFrOE3OzN4RfxqJCr7_jet7-tLLUMOg244_wrefl_8soDpnYoyr9pEmTWTZcGGPfgYvsMz-kuJd78xcRpd7i75x01JtfxbEY05n1NZvuD0OAkK4xKHqSJ_6n8ZeEPLjI7WAuu6tcE15uPxLK20teBzumQNScSgbnGQpGa4QqD9kfIkfBkG-2dcHI9LOq-e_JQJuWKK4z_1037-bNUi0N7gG9hSRsfsbSvl-S2N1DIJ4-nvjEWjyCcD-aolI3lJUVh3joakSM00ZqrNN9Szx8beo-_hTwvO3yx-yzJEjkcspB8u5WXS5rYtlfJIz5VXm16gkYp0wFRZx2-biJikeutK20jNEOZvEVT6vT5RZ8YkInArEebfmHdy58Wbp_8WIETmkHhdbIzPy035gVIc4skf7d0eJgzzU2t50LhUiXfV-uC90CafitXl8boFcSlPvvP_euy8tvlKbaemt_qQxUKWsLms-6912Ra3WKCCI7FVLu0mSv4AmgAt-kQw_sB5MFGW-PsBq8YYtiKKF2V1k0mvD9PQfxMAk_2mgEyLjiaaxl4lgckoGGojJA6cHQX7Txm5y5o9pv6l02VaiudquIv9Sx9ie2hCbn0TNRCA7MVqe7AbHbqzeTgBbZSpTl8kCfLSV0nk44y03Y_NfLKfOCtkJMwvkABDpRH40NQXjuxyUnY7_RhQBphr2rVrops5q51cmD-GUtz5dtVCU4sf-zXJ63ep7LUKEpWapJzPwx7InNJPe-JrbM8ad9eXXJ51QSUrDGPmOjsRxJlFNsXr0PTakrgo4CiFsJV0oBmuqz-nx2MvJO2-hSpF1lQUysK5Bf461-ITedR54ton7tTNPJ9UIx4z9n971hHN5HJX_gnnE9iZALqcl1VbQClDUPNRSqbk2fiKco2l-X-bPhV7pj7wuTkFTKgRsxpk36NhUitPqw-IScfzKlvmYSeI9DGV1026y9rkqwjhQGyihqPr9y1KIkj9pK-4s4fFu23i9XOK82zzD6MzXuB0WbGlSSeqgAEtAluzWzIOdvJxkzy4zQ8r3UBA8GKWck6-EHMO5JPPOmgX79Dhz3GFThtGkkOp7OGh84ABukrK4g_QenTlSleabXU6oWVIKj_sH3wBzNLXnM0b4OeB-tTFIUiSs646eUg&cid=CAQSSwDq26N9WITRDtUkFVbZmk7VtqUTPgsczJ9J0cjUgbh3Gf8lp2TKG-xH-yRbelkfnCq3gmStX-lvb424iawc-2fwKi9tK43CekoTuxgBIBM&rfl=1%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 11:51:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
80454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 11:51:14 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame BDB2
624 B
242 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhDX2eECGJP-m9cBMAE&v=APEucNVFJyq4m4elcryfubuHYoVwk9Yx3km82RNl6nbMzGNypd5IDlGmpIGrBKyqk4_vN8W4PJLohf7yGvz4OuoV893VH7FzJA
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B737
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 17:59:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
58348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 17:59:40 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame B737
6 KB
2 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 16:56:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
62151
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 16:56:17 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B737
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc-r65L8vq4Luc1l7VUdNgxm8VrDQQfkSE0u2NBdNTOYNCCh8q9y3PSLOpnK_mU2sc0Hkn44Ee4ge1EFdxLCm0zZ-oXv7pDcQwvGliqa0sBlKx2gVW6UGZFD-fBXf2umTSvmVr-A_2YltNtvWwdh4k8NmqMyOqA2Hlkf0ZuHpyL6qk26IZryoHgc99_ujZ14z0nJEIkutqb7Mw6SR9LU5w-yDZ-J6AF7Lkp3BGzehhrnAucQny5zphjVFBewvzngBhzvwoxjhLmtngYM5Arcpc3-77xGijUD0_3F4hamVj_UEieByz7WOoaMQla9-GIGAwU-fEsbE73j7dJzKwRoHPAJ5-qO0PwuiASzyAp_AVp8n3twuOmP643E_VTVLHaaWEeePIrF6S6u-Kg0RLC6D-XIcHelRyQO7W4Juv3Bjetvfiy5Cw3NB_Mz8aMSVdM6eSqFtdJsNTF4n-02pZeE_4avyvoNSqn_XZOC0Q5LcO2X-DVn9pt70rNIIMRr303nkWFWyqKgsuOI5O_BSkjqjr9iMh4miFzARoUBKeme2UZyov0BsWrpR4mLGjCuWxktCw_ioW8vyv9hLsrmPzPvQDBrhQWYB5ttjAwajqd9PL8uA1jFPZGHYWtkZy8baxB0s6Xgw9hRgb69L5t6gIfHyOrQTqGzePmwi678oLBWraiA_diM3cPmwDHI4BXEuT1P3h7db_KVG5iIftu1a5jfFqBjqvOIudld2LMLUvoEhHjd2LbNPzQXbyQCmp13zy-WlGqUIeQuMKi4u-eId71WS6tf4JSskcd-dGnty-_mMaJYa3kbigUpZdS7jlUu7w1z7_TQ1gqr2VIev9OPTQ1r0fq-1uxeJAMnj5snsSpBcJBh1sKZwzOuEGmjYwJ6ullg5mtksf8re--GyOsyycBM2V5WCmZtMPmNpZYBr0PMxOTmOBipCJhu0vXBhwoRVQoU_HQ4jYVIl00B5Sxp9tJARYWqALvEuvZEJ3PPUv1YFpmbEWsx9PS3ua3roS4Irc3XIXsiSNjSJ-97qetnA7ii9i9uzBYCxSt8iDvq21_6vBpesMdlWSrX6Af_AeUI2sNsHOMZi2CDYTBw32whVyyHzPKj27uDv8NJUdiSeMc1zOXYrfIOrHK09ZXoLGfD140rR9XvMT4wVHQsOilfT_vFdFXPyk3bH9huzpku7NvrJdwsTQjDdVKqUVN151Jp0FvQn5cp0HiA&sai=AMfl-YSiHOHcoHXb1BQdlgdmBgcbYYsuZ0mvyeAFovvmXtUD2cqMCDhYslJ7J1IDeGr-cZydy7F8Ha6cllhQhLQqS4dTbIH-Py5Au9wdofk88e1unfczCxpcX-1SMWc8Bg2rmEoPt4nQTpYi43yVzK8QzG94h0Jgx7-ukBWHqDYy2AXKnnyhg_5qyvH779Si7WqxmpjHjJKzVqr2NkVi9urgbm0zoCMY3q9SWYjuyvzUOCVEjCxzDhZZMdI4f0oc9PPAU2TnGkK2O0qyJUR27ToISfV15Io5mVHMMtJ6EH5MFlDDWJw8PVRh7pxdTpxyCzgEmkSx8gflPJBHa1bP8O-xC-_Skr1gqQXDlyKr6yRknuTENN_kugILwy1KgX4AFiCt4LDtohx_YQRCWoqZomiosYx9gxzOJke5q7rNLxRcSJc57NPDoGUsTQks8BBJ-COGixa7isuOZEG6z5rqejsWIE1nDzCJqpZF0gn9S-tyRA&sig=Cg0ArKJSzHRF7Ly5W_laEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221110.65361&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 10:12:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:08 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B737
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B737
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A5rGNaM1WgtYUDbCl5_DI9QgadI077i-WwuPg9QGoHq6M9u-s0kiQzrmz6foGieT55U_luKRJKtolFgElM8ptEL31f6ZKMiYSP_FmXS5-CbwhrdK8
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B737
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 09:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 09:04:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B737
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10238
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:21:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B737
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:08 GMT
14295997519892250038
s0.2mdn.net/simgad/ Frame B737
78 KB
79 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/14295997519892250038
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
fb9ca2e75c00641e3d36a3c5b8d296f218e2bed05e639c72a46c17f32f78d6ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80367
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 02:23:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:09 GMT
event
upskittyan.com/ Frame
0
0
Preflight
General
Full URL
https://upskittyan.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hereofamily.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hereofamily.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 28 Nov 2022 10:12:09 GMT
server
nginx
event
upskittyan.com/
94 B
383 B
Fetch
General
Full URL
https://upskittyan.com/event
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
c45f78c4881d06fc759734a21b8bd569aa4db541448439044ccae5c0744c0d39
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hereofamily.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
70aa4208805f4417bf5c55376d7cd958
date
Mon, 28 Nov 2022 10:12:09 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hereofamily.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
94
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8CC8
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
truncated
/ Frame 8CC8
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1be83d06199a80a371b4ae1c539c472c9ac7c18cccd3fa82d8bb73b99b24342

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame BDB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhDX2eECGJP-m9cBMAE&v=APEucNVFJyq4m4elcryfubuHYoVwk9Yx3km82RNl6nbMzGNypd5IDlGmpIGrBKyqk4_vN8W4PJLohf7yGvz4OuoV893VH7FzJA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame BDB2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4SJeIQEwDknK.WO5M11vAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
43 B
766 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhDX2eECGJP-m9cBMAE&v=APEucNVFJyq4m4elcryfubuHYoVwk9Yx3km82RNl6nbMzGNypd5IDlGmpIGrBKyqk4_vN8W4PJLohf7yGvz4OuoV893VH7FzJA
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgSVTNHLiU7uVPN_YF9yK0&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame BDB2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhDX2eECGJP-m9cBMAE&v=APEucNVFJyq4m4elcryfubuHYoVwk9Yx3km82RNl6nbMzGNypd5IDlGmpIGrBKyqk4_vN8W4PJLohf7yGvz4OuoV893VH7FzJA
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
AN-X-Request-Uuid
18c59a52-31b5-43a4-aa1f-738d7d0c066e
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESELzpVmDytYkvnj3BvnmfXLg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BDB2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPWlRhDX2eECGJP-m9cBMAE&v=APEucNVFJyq4m4elcryfubuHYoVwk9Yx3km82RNl6nbMzGNypd5IDlGmpIGrBKyqk4_vN8W4PJLohf7yGvz4OuoV893VH7FzJA
Protocol
H3
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 10:12:09 GMT
AN-X-Request-Uuid
ef30a1fa-d8cf-46d8-9a55-8ae3db4e550d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY4OTQ1MTg5NDM5NzIzMzM4NA%3D%3D
Connection
keep-alive
X-Proxy-Origin
116.90.74.197; 116.90.74.197; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame B737
208 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6c65abf4622ac20b00f52f2858705eb164cde651fa3d4fbc71c1e02a69754e8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F831
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
469922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A0F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 20:34:09 GMT
x-content-type-options
nosniff
age
135480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 26 Nov 2023 20:34:09 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A0F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 22:15:02 GMT
x-content-type-options
nosniff
age
215827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 22:15:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2A0F
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 06:45:20 GMT
x-content-type-options
nosniff
age
271609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 06:45:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2A0F
0
17 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CE5FfdYmEY-K_Nc-0oQOOiprgC7u3m-Bp2cevldgQsJAfEAEgh93MKGCr7LGF4BigAe_TodsDyAEJqAMByAPLBKoE2QFP0IqarPSLxFMIn0PPp8P8Ufq3AMGyFvtxq39lmtUJvFUpzW7H0-2-Hg23sxImaQ3rbsGrxmcXTDG_98IeSgfasVHMEKuFvXQzJ7jqq26PVcZlWAPERonsktdFs9t_FDN1w_rF_SNiCKc9BSfuPLfCrnJVRofdthaSDfQnuQ20pdVejRIPfTjLWSXOd83yQ1w5QheUZ_X4O1MiOtTPc-dJJLXexbEs-HjxPYDgWS-dsX5FMZqS7NIIwoDz3EYcmtXgNQqkrA3Hwmm1kyFbhlqLOOuImRiMz3GewASHq-7qvQKSBQQIBBgBkgUECAUYBKAGLoAH-aveJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIHPHNIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbgT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMTU0MDc1MzY5MDk2NzY3NxgA&sigh=GZAEeTUQcvw&uach_m=[UACH]&cid=CAQSGwDq26N9kpDrFqV2gs-IZwOE38R0Vs5FPORKHRgBIBM&template_id=484&cbvp=2&vis=1
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame BE9D
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1540753690967677&output=html&h=280&slotname=9287042163&adk=1186351040&adf=629620122&pi=t.ma~as.9287042163&w=1000&fwrn=4&fwrnh=100&lmt=1669630325&rafmt=1&format=1000x280&url=https%3A%2F%2Fwww.hereofamily.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669630324224&bpp=2&bdt=1278&idt=1507&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=726049612534&frm=20&pv=1&ga_vid=1450316800.1669630326&ga_sid=1669630326&ga_hid=1906383948&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=78&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44773810%2C42531705%2C44760911%2C31070762%2C44770881&oid=2&pvsid=4424423428132875&tmod=1994438468&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=uahWfwz4ED&p=https%3A//www.hereofamily.com&dtd=1515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EA5F
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
469922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3CBA
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
469922
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B22
6 KB
3 KB
Document
General
Full URL
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:08 GMT
expires
Tue, 28 Nov 2023 10:12:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2029
6 KB
3 KB
Document
General
Full URL
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:08 GMT
expires
Tue, 28 Nov 2023 10:12:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame C1B4
221 KB
60 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 24 Nov 2022 12:51:46 GMT
age
336023
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 24 Nov 2023 12:51:46 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C1B4
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 28 Nov 2022 01:24:21 GMT
age
31668
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 28 Nov 2023 01:24:21 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C1B4
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 05:23:01 GMT
age
535748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 05:23:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C1B4
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 25 Nov 2022 06:20:45 GMT
age
273084
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 25 Nov 2023 06:20:45 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame C1B4
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 22 Nov 2022 19:38:19 GMT
age
484430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 22 Nov 2023 19:38:19 GMT
en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C1B4
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 17:01:11 GMT
x-content-type-options
nosniff
server
cafe
age
61858
etag
15880770647744369592
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2982
x-xss-protection
0
expires
Mon, 28 Nov 2022 17:01:11 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C1B4
344 B
371 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 12:35:44 GMT
x-content-type-options
nosniff
server
cafe
age
77785
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Mon, 28 Nov 2022 12:35:44 GMT
truncated
/ Frame C1B4
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
894f06d0eda23bd65a7335664877815ab2fd747f738cab889a9749cf6647442b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
9827099516404764317
tpc.googlesyndication.com/daca_images/simgad/ Frame C1B4
63 KB
63 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/9827099516404764317
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
68dbb8671823fd0754d0a6a3804dba64b41917fbe66ec16b400f4f27eb7b84dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64812
x-xss-protection
0
last-modified
Mon, 09 May 2022 13:31:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 28 Nov 2023 10:12:09 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C1B4
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C5sXieImEY7HRBtadmsMP8KSf4Au3y7buYfaT67KHEOPW-KCnIxABILGT7Xlgq-yxheAYoAG4zqDLA8gBAuACAKgDAcgDCKoE-wFP0Iubuc8q9DdfeGe_qc38_WrKcOuGEdH_rtETXYD686OPt0Eph0RLf2BwbBHFtXmU5LQqPxUKj7CFhrBrFd7pkOAgIjr4YZiOQu1rMC9s_Zo4oO15QNq0GmgTDqzXf5KCNy5F3CpsYliGXbKNHNoAZTpgvKwhp-gzYgryvL4VZitv8AipKdT3ForOyF0vYYX7kvt1he-JxNvvhDSmGUWW9wVhl8SJBSFIv-2yP2dRQjQaaCdDMLOx81ixN49WWQUfNC24kaZpn6lWyqHLlKZEKztyMifPOzP-JGbzoI0TETUNkLfhKDkafhGJCWous1SNF2DI5oJy9th7msAEnLmg0sED4AQBkgUECAQYAZIFBAgFGASgBgKAB8WbcKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK6oJ9IIDwiAYRABGB0yAooCOgKAQIAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi0yMjA1MTIxMDYyMTQwODEyGILzcg&sigh=g48zgKUGGHk&uach_m=[UACH]&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame F831
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame EA5F
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 3CBA
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame EEC8
640 B
265 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEMnNrJkDGOPc99UBMAE&v=APEucNWV9IYYU6YB9tj8Ku6kik9F__MyZcL_Rj9n8jg_k_AZo4BTbca6qfjdWIDTAA8PGqTCswKTLwkGvrr1xF_SeNOfrEet2w
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:09 GMT
expires
Mon, 28 Nov 2022 10:12:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 0F13
93 KB
37 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Belvd3c8Yp5rjaP3CJ6GV1MfiI-sTuxfUgRHDNPZ6F_Ogn6EgrUFOl1_2iFNjn7cXbibD3cmeT-5xQcP6-xdvKjbUEPW-mzMDYwfTUlk7p1dk9dRGUb1YTTSj3GQuTeE4BPXAmj-pa40ZoCVGq5mPdeLxRLDhQQpCN3g0B283xa49fQcg&dbm_d=AKAmf-C2C2ccKZFI0My8obhbWx8GwLnZPIpXwD8ukXeSPy4QxcWdBCl-xQdOimER_s3zkol8Ov4IAMrCBy-_M8LYQn4RWx5HYNUO5lp0rra5ommgzUjin5m5BR_2VKVudaqg0davuw2AZbNZyPxIGqnx4D6Ins_Ycgbdmgc6-Bz_IggQw7FF59EIYmoM3rCWjO5ZhUd0t8ZpxzPVsLcRge6-tk_xKuI-ZpdPVnTW3vzgtVT3fLNWXTuEPF4_1B_zQsFDPB2ShL0-pbsyLUPCYonYtmYOlOhqyVGsWEk0GZ9VHD1sgKR-qtmsxm_dPIyYIgzwd_RJY7tMHMSmOAbpL1WgxgybRVk1NGqE86THWuoSqJUAfEXft_P4n6HbvTIwMTm-ZgutJfg67FrUY4aBQKa2favOsRaS3nUy5krNejXuHCCgtb73afevMu3G5U8YddWjB5rPKRbcSLFZa8JED1vTmDF8PX7XVUND7VyYC_GBLK_ZL5OrzyW1Vv10l-UlK-rtFjAl0HCGiVAesEpoNpfpyfieMBiFT0CqR42Trgd5rF8Eg5YfpcwC4yROno_YF1Wmmj8hoXL3fztbMv6GcmPF7lMtXcq2J1j1ZCf8ewZLFtKh9a0cUe1w8mJQRf3ypInqDjJmPD6NSdzffc-FB9ocfquV14TAmiA6jQJlJKcEFCaXU3kLhF5CE6FF1ocYuu2G2VngBTEQyF0X64b4aEsS9ya7CWHoTZGKqw8WKlcK_T0OurQSMED48D3IXm1ou-XPeh-XHL1yOMDmxqr34GjSOD4NPK_2XzIuNF_smIdKRenTTzo0SSkr-XJk4uMP0zyAYk2mdI9guCL2pOFVKdqBlI9A_Zf05VXZLFjapTanPXoLiAlFtIsuYWrWv4BYWBCQMHIwKBdBEVQTwuWBSgqRsngfQ9ESdbktfd3k6DbGCUjDvtMrJDSkSAO5nMiQ34KDpC4TI-vLIVtetAfzLnpk3fHLFFDeB-c0M0KcUznx8b8PChfJr5_m4zHbuXKrVVtx1l7m3d9ONQeDARZbn9x3ib0CjgSuOem3_z6VVeS9je9TKZh8u43h4ayKfhflfUPkn9eERe7XGGD7SwmZyWGn1lbhZ8BIC_jyMvA3b2cHgSCHURnvFbhZKDprS1R_jl0TofmoqWiLd6lsiu9cwg7iFetzC3jmGbaUM8wBXCF-tTzgrWwW_q8mRBYDy3GHzcuVYTsXeQiHABnZEUEND5qaaawtfW7cN1HuNjUj0pRdtkLJwAbjC_KGR10DKXxNy17o-PjXkjP9kHvJM_6lEEfkoUrvZqk11OeBkhfS7TpLyOO1JP6FO9E2svcH3WlsjwUheBRjYHd3MHJsRdjjKjp4UCnj6gnrUJQngyz-ycRf5h1JrEBT0tSrC82dYr8LVrMSQ7Enus6YK4oJaPRKO9Orf_7KsZl7rUjTGAs06sp8B0cb0Vw9wUekYCioNGwgMxfG9UaLxWN9lLfBxrGJHV6Qx5bLV-vhMImLNoBO7bN4aQs0qGM3j54SrZmrLbfXf_nnGuJ0m8FBbgra6HHGErQ0uD5VZngUYY2y4aybwtWuSvhKsfvJX0yPVJoLd-75kUS1_m5dw9b-P9zOh_Z9QfUmKRo7E05DDmwRcMaWz8uypxbNPRNxNz5dOBsPqXK95_ASQvWIa6MX04AD0vW9J0HyGYKO0x14MdLplhRB_pdzxHJejhCbWjdHhdNYtJFak8GO1UDFISmR-9RdSp9yihtI1QFPcfNwASg2H0yNXnGH9M7ZJ1W9HZRPh-WNEvOi-FOZOxBmLH3aAXUIfKG0PTgK45u4L2o7IZSIFBJFIgQm-E9pnr2n-u4phYJYd7C8cBZ7-FAZ-WupsObUPIp5AtrRJYO6YO7NdN0w3wHTDNOWgKseWWbviLI_a-7U0ss1_i-cVM4sq8404PV-HXpAzO7hAMEboT28TK6toWwQTLtKCWd2To8sZA-QrQztVh2mAYHR1gFx2ZPVsNjrWOYmHR37rdldXSQCa2nWNv1bcfjtqVlwMTB9uRN-_Z0aWhCg2N4BjvzD9vlHjw3dJpu7beJECjc6UNQukQcKUFyjCu6hyWDf46bwxl1cCuOjgiXEvM_VcJaOs2hJeeVoLVYEdDwLd-Ivfp3vQwCPGamJzcZRBN4XWI6xcCHcpqF4TTExEH5ORZwJlL7RLoKa2rmHHZKJRpDOwscrt-MZJLrEgZXqk-qWUz2XYUSnoE1iKiuIz_BqJcO2v6_jHBbj50k5zak1vKggxKhkIkRvp7zECfNZvwqilybEydCKJGAoaOpsCtNRg9fFSxx7QKFHay5UAchMd-O0l8lE3WAIy3e1BsNygXU9ie1wK-9nkBmKD2sSb9pWPwZGt-XVKVEDlTgwN8eaiAA94f8oyP2TAimT2bC_ear5aQt0pVmyvzWeJlu7CkyE8i0qKJmY_rWMqNh7cDYYC295-x8Tuc30nNszJFLeGZFv9ighdfTV5nREfQ14aeOoxxaoySGhMYaVV6otzq-EtiSvJ66gnEA_F1Rt_Zy60MEPD_Ls97i90v6y6yQDqc8qmKSPFI1ieyMjQHzLxdeakTgz1XjFigUi93RMxaOhjiFNKc2ugiTJmUs3NRZGwyv4zV1fLZQR4o2MxsbU9ohZ88E20cUe-kfMfdO7tZXY2Vel-_lFc-GvLz8g3dexKVznVfo72jKFoLai7xZH74gZ93-79RJGjRa19x5MuLjzRf9jOy7FXUqPMcPut7HB7qkF8aLAhixvuf8kyV7p3Aiddayk1MY999lcczzFQ-M0mGQDCafbOS8qtrX-qUTgsDsTarysVHXURIhim3-Bg_KInSLfMLfF2pNkFOiqwgiqp3dUgYjRuWtkaxCyAANHPau40FpsI4Fj0euWaxghvxHu3HLESTVfdNKdTrX265Eg3Bprma_yODykBMjzl7nzmzJxG7fR4fExuslKraah_9I68GhmJK1B0-p5TF4COUi-E4I8MbJ96DZDTrntxrHBS2JpQ5CCqeDRJCGw4Xv_JWAcW0GV1cbsyaqVDz1jSS3uKd-aDIrzezKa4HCQYoEkM3NkrUFPJd3PK2yJRkurObuIIEX_yJDz7-BOcABKuUYuybaJYK0GbGSFnoswMgH8auqOlQP-nYK0CrWjn_CIo2QN8647QCyD7RaTmrbfXgCrF1TIKNHvXzqd29sOdg9i7-Rx-JBi55OxIigs7Q1WDjU2-vfm6Grz1UXJO-hxdwxIWso6amvBsMuKBP6JMkujmU1MHj2EW6uhNvkfGGJ1X-YSyJHPlxovTHZrSqidZaV9pnQr0WXxwR_mpbI5PocFxfv70nIvziZmwObBeBoj66Ze8_yahTYB3S0Tclso0bV7OSElwCSjzAI&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
3ec4d61ecd7dd13a591b35b6f7c77367e0ce7940be27c5898e6870f9d252bb53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37478
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0F13
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 09:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 09:04:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0F13
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:21:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0F13
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:09 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0F13
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D5Qwzr_Hm3uSleoq76JuMyACukpjF3FUimW3eH5jy_dUjGyTCTognwwMYmY6hpn4d-f4LaIowfqac6-LGQt-8sTw0FrhYpqgmKVnsXUjk9XZX8KWU
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 2029
4 KB
732 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 08:52:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 10:12:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C531
2 KB
769 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 16:21:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
64227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 16:21:42 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C531
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
10208
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:22:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C531
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 09:04:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
4074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 09:04:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C531
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
10239
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 07:21:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C531
154 KB
47 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f157.1e100.net
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:09 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame C531
34 KB
14 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 03:39:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 25 Feb 2023 03:39:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 2029
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 20:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
50665
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8086
x-xss-protection
0
server
cafe
etag
7427986489964165156
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 20:07:44 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2029
205 B
520 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 06:57:29 GMT
x-content-type-options
nosniff
age
270881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 25 Nov 2023 06:57:29 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2029
604 B
697 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 08:47:40 GMT
x-content-type-options
nosniff
age
177870
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 26 Nov 2023 08:47:40 GMT
index.html
s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/ Frame 52AB
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
6890869ef2b2071a7078d7c9b5308ee44bf6bdf3dd779fba205911568927bc5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2290
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:09 GMT
expires
Tue, 28 Nov 2023 10:12:09 GMT
last-modified
Fri, 22 Jul 2022 06:25:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 8CC8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcRohEr_5npkVkMnL3FjAZ8BjDYneBZ9AtTUA-E_coYutsVZInhayCzC0hi_v6ToR6ijRYItUeVHTm3whsS4HfcDggMSFA33aqNbgGzJqAhIbZP8Pb3hct-pI4WioHdTHwhWmdTKAdeSSKlv2iGmyLOjsVOVvTgy7U5Up3XqXHaanTPsG9MRpyovozftfrEtW7abOVAoQdxOFAbjJUsobeL6CzpcR8afXWbsxDdKczQy2yQu6DImHO_oXe2GJS1_d18OlKc32dpEi2qcw1zKTqmQts9apdNMm9gEGHl39CTzG1hoScIiVugU35Wdv_a_E9MtkiS7mV8M73QopAst2cilUk0wzdlvL2W58k_Y6El0VZYO0g4kEsTFqkMBeBmipsqTJeisfKx4g8teIGP1n4l9hb4WSXGXl3WtZYnfnhBNEdz28IAS2OixEfZNVtxgllHQNe3tRknr3YGt6Yvl3xo5i2gGd81ikTjbstg32SfnoepXLsleUW1qpdWN4uG2eXsarXRkgYYLJ0gn_nOkevF_S0pMYYG-4deCLNqDblLm6TstJJyrODEz15o5MCMWLMm4yBEu8-hpr7vQmzz1bhJNcty8FnSNrcHbhsFZ_8gcbXT59WM63uxQJ3mUl9juQljQ3y8-7e26j30rPzgRzk7MmvWmKNt2htG3coHLQCQBzMNZfhEZVV3-zgIvkdM8nLZVoxdT4TbVaZC6gfmJmRof5ZE87_xr3ZGLb5v_QOyNhX0qw2LOpmSmwE6qMB-F9-6G4922tx5Z0EKFgJLdSu3Ej-NcPOR7O_837nBTl4Uq8r0M23V6skwPgawuoE7fgRUMkqun89bBtPgWExBGrTsfhQvbPvweOFlBz7AspDuvpzBLiMdju6rG5CEYkX_1KwrMG1HRwRGMIPvYX_j5hmXJm3D44fRqgCivu_D8Ba6MYyU3gGTPeJDz5BvFI7QMEA9ilrtWceNssFfUdQXyIGbcnDjo03ehUF2ERo--MsWWNVnUf16POW7OFJE_CgNVnRn2b51Jjcm-KlnQhX6fxBhFDtc54N0QjyCG9_SkwMWutcB_F2ddqOj7UzDJDh1bwbJYpC3GcpasicQsFh5680B2kMn5Zr_8VqILxa3bOhIW374h18xQEr7gZPjXHDji6WHtAwbxlS3AhIP3wA9eRDTY_qX9N-nYIeiZYTVTRqBBcKlTPta6JW0QDcgQBBQYRIdoITV0upA7m8qqmzm2o7IQy6yAIm7_4AoqUKkQ&sai=AMfl-YTKMHGKPyY5H4rdGv_EMoTZst5x3WIUPn2UnUwLHy_2cray2OENqvX2SKwl1yGAK3In3_rms0z7_hXzw0w-cTNTY_gNXO0h9L2NUTH50cfHEog3bLHIzH6LMf1v8Cwhj2T6crSwmAXRZycfNw2qhKRBgPiYo4EEZOq4_V7IUrfSSKhkoaTaMxHkWud7OtGiqgFKtwWTUtrhbGOErCmzUEoUnoGP1yVnGQnETf66qFNv9EoJJVZtcMasqrihIE3rcvXAsav7rIMZEeXgA6xFRKWS6gaNSxLbrDjRANo&sig=Cg0ArKJSzKMul0sQTNJ6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1085&cbvp=1&cstd=1082&cisv=r20221110.86569&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 10:12:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B737
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuc-r65L8vq4Luc1l7VUdNgxm8VrDQQfkSE0u2NBdNTOYNCCh8q9y3PSLOpnK_mU2sc0Hkn44Ee4ge1EFdxLCm0zZ-oXv7pDcQwvGliqa0sBlKx2gVW6UGZFD-fBXf2umTSvmVr-A_2YltNtvWwdh4k8NmqMyOqA2Hlkf0ZuHpyL6qk26IZryoHgc99_ujZ14z0nJEIkutqb7Mw6SR9LU5w-yDZ-J6AF7Lkp3BGzehhrnAucQny5zphjVFBewvzngBhzvwoxjhLmtngYM5Arcpc3-77xGijUD0_3F4hamVj_UEieByz7WOoaMQla9-GIGAwU-fEsbE73j7dJzKwRoHPAJ5-qO0PwuiASzyAp_AVp8n3twuOmP643E_VTVLHaaWEeePIrF6S6u-Kg0RLC6D-XIcHelRyQO7W4Juv3Bjetvfiy5Cw3NB_Mz8aMSVdM6eSqFtdJsNTF4n-02pZeE_4avyvoNSqn_XZOC0Q5LcO2X-DVn9pt70rNIIMRr303nkWFWyqKgsuOI5O_BSkjqjr9iMh4miFzARoUBKeme2UZyov0BsWrpR4mLGjCuWxktCw_ioW8vyv9hLsrmPzPvQDBrhQWYB5ttjAwajqd9PL8uA1jFPZGHYWtkZy8baxB0s6Xgw9hRgb69L5t6gIfHyOrQTqGzePmwi678oLBWraiA_diM3cPmwDHI4BXEuT1P3h7db_KVG5iIftu1a5jfFqBjqvOIudld2LMLUvoEhHjd2LbNPzQXbyQCmp13zy-WlGqUIeQuMKi4u-eId71WS6tf4JSskcd-dGnty-_mMaJYa3kbigUpZdS7jlUu7w1z7_TQ1gqr2VIev9OPTQ1r0fq-1uxeJAMnj5snsSpBcJBh1sKZwzOuEGmjYwJ6ullg5mtksf8re--GyOsyycBM2V5WCmZtMPmNpZYBr0PMxOTmOBipCJhu0vXBhwoRVQoU_HQ4jYVIl00B5Sxp9tJARYWqALvEuvZEJ3PPUv1YFpmbEWsx9PS3ua3roS4Irc3XIXsiSNjSJ-97qetnA7ii9i9uzBYCxSt8iDvq21_6vBpesMdlWSrX6Af_AeUI2sNsHOMZi2CDYTBw32whVyyHzPKj27uDv8NJUdiSeMc1zOXYrfIOrHK09ZXoLGfD140rR9XvMT4wVHQsOilfT_vFdFXPyk3bH9huzpku7NvrJdwsTQjDdVKqUVN151Jp0FvQn5cp0HiA&sai=AMfl-YSiHOHcoHXb1BQdlgdmBgcbYYsuZ0mvyeAFovvmXtUD2cqMCDhYslJ7J1IDeGr-cZydy7F8Ha6cllhQhLQqS4dTbIH-Py5Au9wdofk88e1unfczCxpcX-1SMWc8Bg2rmEoPt4nQTpYi43yVzK8QzG94h0Jgx7-ukBWHqDYy2AXKnnyhg_5qyvH779Si7WqxmpjHjJKzVqr2NkVi9urgbm0zoCMY3q9SWYjuyvzUOCVEjCxzDhZZMdI4f0oc9PPAU2TnGkK2O0qyJUR27ToISfV15Io5mVHMMtJ6EH5MFlDDWJw8PVRh7pxdTpxyCzgEmkSx8gflPJBHa1bP8O-xC-_Skr1gqQXDlyKr6yRknuTENN_kugILwy1KgX4AFiCt4LDtohx_YQRCWoqZomiosYx9gxzOJke5q7rNLxRcSJc57NPDoGUsTQks8BBJ-COGixa7isuOZEG6z5rqejsWIE1nDzCJqpZF0gn9S-tyRA&sig=Cg0ArKJSzHRF7Ly5W_laEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1172&vt=11&dtpt=1171&dett=2&cstd=0&cisv=r20221110.65361&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:09 GMT
sd
us-u.openx.net/w/1.0/ Frame EEC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZrcW_y8l0KRB_jzuWhf1E&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKZrcW_y8l0KRB_jzuWhf1E&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKZrcW_y8l0KRB_jzuWhf1E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEMnNrJkDGOPc99UBMAE&v=APEucNWV9IYYU6YB9tj8Ku6kik9F__MyZcL_Rj9n8jg_k_AZo4BTbca6qfjdWIDTAA8PGqTCswKTLwkGvrr1xF_SeNOfrEet2w
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKZrcW_y8l0KRB_jzuWhf1E&google_cver=1
date
Mon, 28 Nov 2022 10:12:10 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame EEC8
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU5Mzk1ZTQtNzE4ZC0yMTNjLWM1YjAtNTk3NTU1Y2Q4YTRl
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU5Mzk1ZTQtNzE4ZC0yMTNjLWM1YjAtNTk3NTU1Y2Q4YTRl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEMnNrJkDGOPc99UBMAE&v=APEucNWV9IYYU6YB9tj8Ku6kik9F__MyZcL_Rj9n8jg_k_AZo4BTbca6qfjdWIDTAA8PGqTCswKTLwkGvrr1xF_SeNOfrEet2w
Protocol
H3
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTU5Mzk1ZTQtNzE4ZC0yMTNjLWM1YjAtNTk3NTU1Y2Q4YTRl
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame EEC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGYbnHRYdAXT0LztS_zL1Oc&google_cver=1
23 B
287 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGYbnHRYdAXT0LztS_zL1Oc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEMnNrJkDGOPc99UBMAE&v=APEucNWV9IYYU6YB9tj8Ku6kik9F__MyZcL_Rj9n8jg_k_AZo4BTbca6qfjdWIDTAA8PGqTCswKTLwkGvrr1xF_SeNOfrEet2w
Protocol
H2
Server
23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-160-138.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

expires
Mon, 28 Nov 2022 10:12:10 GMT
pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEGYbnHRYdAXT0LztS_zL1Oc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame EEC8
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhNGNlMTYtN2MzZi00MjA1LTgzMDctOGFiMzk2YWZlZjIy
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhNGNlMTYtN2MzZi00MjA1LTgzMDctOGFiMzk2YWZlZjIy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEMnNrJkDGOPc99UBMAE&v=APEucNWV9IYYU6YB9tj8Ku6kik9F__MyZcL_Rj9n8jg_k_AZo4BTbca6qfjdWIDTAA8PGqTCswKTLwkGvrr1xF_SeNOfrEet2w
Protocol
H3
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:11 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=NjRhNGNlMTYtN2MzZi00MjA1LTgzMDctOGFiMzk2YWZlZjIy
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Mon, 28 Nov 2022 10:12:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F831
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXY4zdomEY4aHL8eL9fwPlciBUAAAAAA4AeAEAg&bg=!p6SlpODNAAbvMpMzzzI7ACkAdvg8WsP4pkGoVdHVlWNAKa52X6xer1g8KK0GqFox-_qheLMcTekE1wIAAADDUgAAAANoAQeZAum0bRWLte2bYQkAmu3qojBWztFpSTO84HbjsbYoJLVhC7_XM7QAoGwZeP_9gTLgOLEp6QKR8Ef3QLBhk7URA1zUyynseGsrV86NuILsG_FdEXK7uWP4iP-x30h1Q0ELMNgkpZBjzkzawFZJtnFdVFXu8ubPVLhOmptmXlres6spRnApaGdFgw2tcpvtvmT-119KfzleLvyuKySG33C7f-JmFxMK6ZG-cW32WOJb96mgAz0c9Z64uR_DBba5wKojBwd0F0Gd1ZD-i4ICvPq5AukRfQgQzxfkf2NUakH0C7bsnK9v9BX-qrohLtFSpp-C2VkjYbwuhJJSmLCa2Atu4zqVGFfpL7eTmoXq5ZJk-wBgqrVHqtXb9iHBLIHHbaJ-5OQqqAjH855dFKVrvY6v1BPmdn6hqxB86T7BoApoKX80JiBibVnqVeQCes-CG3H3VEQXkSutYWzGwzpdpcO04DYM7jnpXa4UZHEMMRgu2E7UE5DeS1uH51-WFPW8iyr7VEdianHnCXA2TCMkCieOV8qUIfa3O-J-EzEEBsn4b53QFelNe2lzzRXOqn55huQ59rgM9_5mU36B67n-LboUPK4Iq6oyKczbaaxebCqH_NqZTuxyhM2GSShbdWxV8-NzoECyFKpQ7kMisAbjYSGBTGkoq5XWQslRQK60Or0pZxFRJnJ7ZEMMwFK0ULG4R5VmuYw8SToiJRcnxIvN1awbwcNFiBTbaYZ-SpnPR44De1gD48MDpi6bs_-DsPNA0o1jNUZcM7afbKggSVXRhk4JCMli-JeVQUSbt-icvSyPkDbwV2XNYt2lvP03Evp7h5tRD1svzASrcd4rHiy95MuM3KmWvYDjwzMHq0ZDgemkPTjZf7xghymiUqE-HN8u3tUnuAMSIbEFOQXTEuDtEvOCKYR0pCMlFhxm-FvEbZNQ0icW9m3c9P5c1gVPLCm4ltMUzr-7ea9JB9odMcAchZPAuY4KWzGWFbba2SoV
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1210565/66379768/ Frame 0F13
46 KB
12 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1210565/66379768/skeleton.js?ias_dspID=3&ias_campId=1009254204&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=18536756356&bidurl=https://www.hereofamily.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_tWyapaXOaABKjZxwUeqb
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.251.115.154 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-251-115-154.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
cf3290697245ecd5f002e564a73aaceb9a0057406c554078e282558fc06033e6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0F13
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Origin
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 05:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Nov 2022 05:09:41 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 0F13
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Belvd3c8Yp5rjaP3CJ6GV1MfiI-sTuxfUgRHDNPZ6F_Ogn6EgrUFOl1_2iFNjn7cXbibD3cmeT-5xQcP6-xdvKjbUEPW-mzMDYwfTUlk7p1dk9dRGUb1YTTSj3GQuTeE4BPXAmj-pa40ZoCVGq5mPdeLxRLDhQQpCN3g0B283xa49fQcg&dbm_d=AKAmf-C2C2ccKZFI0My8obhbWx8GwLnZPIpXwD8ukXeSPy4QxcWdBCl-xQdOimER_s3zkol8Ov4IAMrCBy-_M8LYQn4RWx5HYNUO5lp0rra5ommgzUjin5m5BR_2VKVudaqg0davuw2AZbNZyPxIGqnx4D6Ins_Ycgbdmgc6-Bz_IggQw7FF59EIYmoM3rCWjO5ZhUd0t8ZpxzPVsLcRge6-tk_xKuI-ZpdPVnTW3vzgtVT3fLNWXTuEPF4_1B_zQsFDPB2ShL0-pbsyLUPCYonYtmYOlOhqyVGsWEk0GZ9VHD1sgKR-qtmsxm_dPIyYIgzwd_RJY7tMHMSmOAbpL1WgxgybRVk1NGqE86THWuoSqJUAfEXft_P4n6HbvTIwMTm-ZgutJfg67FrUY4aBQKa2favOsRaS3nUy5krNejXuHCCgtb73afevMu3G5U8YddWjB5rPKRbcSLFZa8JED1vTmDF8PX7XVUND7VyYC_GBLK_ZL5OrzyW1Vv10l-UlK-rtFjAl0HCGiVAesEpoNpfpyfieMBiFT0CqR42Trgd5rF8Eg5YfpcwC4yROno_YF1Wmmj8hoXL3fztbMv6GcmPF7lMtXcq2J1j1ZCf8ewZLFtKh9a0cUe1w8mJQRf3ypInqDjJmPD6NSdzffc-FB9ocfquV14TAmiA6jQJlJKcEFCaXU3kLhF5CE6FF1ocYuu2G2VngBTEQyF0X64b4aEsS9ya7CWHoTZGKqw8WKlcK_T0OurQSMED48D3IXm1ou-XPeh-XHL1yOMDmxqr34GjSOD4NPK_2XzIuNF_smIdKRenTTzo0SSkr-XJk4uMP0zyAYk2mdI9guCL2pOFVKdqBlI9A_Zf05VXZLFjapTanPXoLiAlFtIsuYWrWv4BYWBCQMHIwKBdBEVQTwuWBSgqRsngfQ9ESdbktfd3k6DbGCUjDvtMrJDSkSAO5nMiQ34KDpC4TI-vLIVtetAfzLnpk3fHLFFDeB-c0M0KcUznx8b8PChfJr5_m4zHbuXKrVVtx1l7m3d9ONQeDARZbn9x3ib0CjgSuOem3_z6VVeS9je9TKZh8u43h4ayKfhflfUPkn9eERe7XGGD7SwmZyWGn1lbhZ8BIC_jyMvA3b2cHgSCHURnvFbhZKDprS1R_jl0TofmoqWiLd6lsiu9cwg7iFetzC3jmGbaUM8wBXCF-tTzgrWwW_q8mRBYDy3GHzcuVYTsXeQiHABnZEUEND5qaaawtfW7cN1HuNjUj0pRdtkLJwAbjC_KGR10DKXxNy17o-PjXkjP9kHvJM_6lEEfkoUrvZqk11OeBkhfS7TpLyOO1JP6FO9E2svcH3WlsjwUheBRjYHd3MHJsRdjjKjp4UCnj6gnrUJQngyz-ycRf5h1JrEBT0tSrC82dYr8LVrMSQ7Enus6YK4oJaPRKO9Orf_7KsZl7rUjTGAs06sp8B0cb0Vw9wUekYCioNGwgMxfG9UaLxWN9lLfBxrGJHV6Qx5bLV-vhMImLNoBO7bN4aQs0qGM3j54SrZmrLbfXf_nnGuJ0m8FBbgra6HHGErQ0uD5VZngUYY2y4aybwtWuSvhKsfvJX0yPVJoLd-75kUS1_m5dw9b-P9zOh_Z9QfUmKRo7E05DDmwRcMaWz8uypxbNPRNxNz5dOBsPqXK95_ASQvWIa6MX04AD0vW9J0HyGYKO0x14MdLplhRB_pdzxHJejhCbWjdHhdNYtJFak8GO1UDFISmR-9RdSp9yihtI1QFPcfNwASg2H0yNXnGH9M7ZJ1W9HZRPh-WNEvOi-FOZOxBmLH3aAXUIfKG0PTgK45u4L2o7IZSIFBJFIgQm-E9pnr2n-u4phYJYd7C8cBZ7-FAZ-WupsObUPIp5AtrRJYO6YO7NdN0w3wHTDNOWgKseWWbviLI_a-7U0ss1_i-cVM4sq8404PV-HXpAzO7hAMEboT28TK6toWwQTLtKCWd2To8sZA-QrQztVh2mAYHR1gFx2ZPVsNjrWOYmHR37rdldXSQCa2nWNv1bcfjtqVlwMTB9uRN-_Z0aWhCg2N4BjvzD9vlHjw3dJpu7beJECjc6UNQukQcKUFyjCu6hyWDf46bwxl1cCuOjgiXEvM_VcJaOs2hJeeVoLVYEdDwLd-Ivfp3vQwCPGamJzcZRBN4XWI6xcCHcpqF4TTExEH5ORZwJlL7RLoKa2rmHHZKJRpDOwscrt-MZJLrEgZXqk-qWUz2XYUSnoE1iKiuIz_BqJcO2v6_jHBbj50k5zak1vKggxKhkIkRvp7zECfNZvwqilybEydCKJGAoaOpsCtNRg9fFSxx7QKFHay5UAchMd-O0l8lE3WAIy3e1BsNygXU9ie1wK-9nkBmKD2sSb9pWPwZGt-XVKVEDlTgwN8eaiAA94f8oyP2TAimT2bC_ear5aQt0pVmyvzWeJlu7CkyE8i0qKJmY_rWMqNh7cDYYC295-x8Tuc30nNszJFLeGZFv9ighdfTV5nREfQ14aeOoxxaoySGhMYaVV6otzq-EtiSvJ66gnEA_F1Rt_Zy60MEPD_Ls97i90v6y6yQDqc8qmKSPFI1ieyMjQHzLxdeakTgz1XjFigUi93RMxaOhjiFNKc2ugiTJmUs3NRZGwyv4zV1fLZQR4o2MxsbU9ohZ88E20cUe-kfMfdO7tZXY2Vel-_lFc-GvLz8g3dexKVznVfo72jKFoLai7xZH74gZ93-79RJGjRa19x5MuLjzRf9jOy7FXUqPMcPut7HB7qkF8aLAhixvuf8kyV7p3Aiddayk1MY999lcczzFQ-M0mGQDCafbOS8qtrX-qUTgsDsTarysVHXURIhim3-Bg_KInSLfMLfF2pNkFOiqwgiqp3dUgYjRuWtkaxCyAANHPau40FpsI4Fj0euWaxghvxHu3HLESTVfdNKdTrX265Eg3Bprma_yODykBMjzl7nzmzJxG7fR4fExuslKraah_9I68GhmJK1B0-p5TF4COUi-E4I8MbJ96DZDTrntxrHBS2JpQ5CCqeDRJCGw4Xv_JWAcW0GV1cbsyaqVDz1jSS3uKd-aDIrzezKa4HCQYoEkM3NkrUFPJd3PK2yJRkurObuIIEX_yJDz7-BOcABKuUYuybaJYK0GbGSFnoswMgH8auqOlQP-nYK0CrWjn_CIo2QN8647QCyD7RaTmrbfXgCrF1TIKNHvXzqd29sOdg9i7-Rx-JBi55OxIigs7Q1WDjU2-vfm6Grz1UXJO-hxdwxIWso6amvBsMuKBP6JMkujmU1MHj2EW6uhNvkfGGJ1X-YSyJHPlxovTHZrSqidZaV9pnQr0WXxwR_mpbI5PocFxfv70nIvziZmwObBeBoj66Ze8_yahTYB3S0Tclso0bV7OSElwCSjzAI&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 08:36:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
5742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Dec 2022 08:36:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0F13
29 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Belvd3c8Yp5rjaP3CJ6GV1MfiI-sTuxfUgRHDNPZ6F_Ogn6EgrUFOl1_2iFNjn7cXbibD3cmeT-5xQcP6-xdvKjbUEPW-mzMDYwfTUlk7p1dk9dRGUb1YTTSj3GQuTeE4BPXAmj-pa40ZoCVGq5mPdeLxRLDhQQpCN3g0B283xa49fQcg&dbm_d=AKAmf-C2C2ccKZFI0My8obhbWx8GwLnZPIpXwD8ukXeSPy4QxcWdBCl-xQdOimER_s3zkol8Ov4IAMrCBy-_M8LYQn4RWx5HYNUO5lp0rra5ommgzUjin5m5BR_2VKVudaqg0davuw2AZbNZyPxIGqnx4D6Ins_Ycgbdmgc6-Bz_IggQw7FF59EIYmoM3rCWjO5ZhUd0t8ZpxzPVsLcRge6-tk_xKuI-ZpdPVnTW3vzgtVT3fLNWXTuEPF4_1B_zQsFDPB2ShL0-pbsyLUPCYonYtmYOlOhqyVGsWEk0GZ9VHD1sgKR-qtmsxm_dPIyYIgzwd_RJY7tMHMSmOAbpL1WgxgybRVk1NGqE86THWuoSqJUAfEXft_P4n6HbvTIwMTm-ZgutJfg67FrUY4aBQKa2favOsRaS3nUy5krNejXuHCCgtb73afevMu3G5U8YddWjB5rPKRbcSLFZa8JED1vTmDF8PX7XVUND7VyYC_GBLK_ZL5OrzyW1Vv10l-UlK-rtFjAl0HCGiVAesEpoNpfpyfieMBiFT0CqR42Trgd5rF8Eg5YfpcwC4yROno_YF1Wmmj8hoXL3fztbMv6GcmPF7lMtXcq2J1j1ZCf8ewZLFtKh9a0cUe1w8mJQRf3ypInqDjJmPD6NSdzffc-FB9ocfquV14TAmiA6jQJlJKcEFCaXU3kLhF5CE6FF1ocYuu2G2VngBTEQyF0X64b4aEsS9ya7CWHoTZGKqw8WKlcK_T0OurQSMED48D3IXm1ou-XPeh-XHL1yOMDmxqr34GjSOD4NPK_2XzIuNF_smIdKRenTTzo0SSkr-XJk4uMP0zyAYk2mdI9guCL2pOFVKdqBlI9A_Zf05VXZLFjapTanPXoLiAlFtIsuYWrWv4BYWBCQMHIwKBdBEVQTwuWBSgqRsngfQ9ESdbktfd3k6DbGCUjDvtMrJDSkSAO5nMiQ34KDpC4TI-vLIVtetAfzLnpk3fHLFFDeB-c0M0KcUznx8b8PChfJr5_m4zHbuXKrVVtx1l7m3d9ONQeDARZbn9x3ib0CjgSuOem3_z6VVeS9je9TKZh8u43h4ayKfhflfUPkn9eERe7XGGD7SwmZyWGn1lbhZ8BIC_jyMvA3b2cHgSCHURnvFbhZKDprS1R_jl0TofmoqWiLd6lsiu9cwg7iFetzC3jmGbaUM8wBXCF-tTzgrWwW_q8mRBYDy3GHzcuVYTsXeQiHABnZEUEND5qaaawtfW7cN1HuNjUj0pRdtkLJwAbjC_KGR10DKXxNy17o-PjXkjP9kHvJM_6lEEfkoUrvZqk11OeBkhfS7TpLyOO1JP6FO9E2svcH3WlsjwUheBRjYHd3MHJsRdjjKjp4UCnj6gnrUJQngyz-ycRf5h1JrEBT0tSrC82dYr8LVrMSQ7Enus6YK4oJaPRKO9Orf_7KsZl7rUjTGAs06sp8B0cb0Vw9wUekYCioNGwgMxfG9UaLxWN9lLfBxrGJHV6Qx5bLV-vhMImLNoBO7bN4aQs0qGM3j54SrZmrLbfXf_nnGuJ0m8FBbgra6HHGErQ0uD5VZngUYY2y4aybwtWuSvhKsfvJX0yPVJoLd-75kUS1_m5dw9b-P9zOh_Z9QfUmKRo7E05DDmwRcMaWz8uypxbNPRNxNz5dOBsPqXK95_ASQvWIa6MX04AD0vW9J0HyGYKO0x14MdLplhRB_pdzxHJejhCbWjdHhdNYtJFak8GO1UDFISmR-9RdSp9yihtI1QFPcfNwASg2H0yNXnGH9M7ZJ1W9HZRPh-WNEvOi-FOZOxBmLH3aAXUIfKG0PTgK45u4L2o7IZSIFBJFIgQm-E9pnr2n-u4phYJYd7C8cBZ7-FAZ-WupsObUPIp5AtrRJYO6YO7NdN0w3wHTDNOWgKseWWbviLI_a-7U0ss1_i-cVM4sq8404PV-HXpAzO7hAMEboT28TK6toWwQTLtKCWd2To8sZA-QrQztVh2mAYHR1gFx2ZPVsNjrWOYmHR37rdldXSQCa2nWNv1bcfjtqVlwMTB9uRN-_Z0aWhCg2N4BjvzD9vlHjw3dJpu7beJECjc6UNQukQcKUFyjCu6hyWDf46bwxl1cCuOjgiXEvM_VcJaOs2hJeeVoLVYEdDwLd-Ivfp3vQwCPGamJzcZRBN4XWI6xcCHcpqF4TTExEH5ORZwJlL7RLoKa2rmHHZKJRpDOwscrt-MZJLrEgZXqk-qWUz2XYUSnoE1iKiuIz_BqJcO2v6_jHBbj50k5zak1vKggxKhkIkRvp7zECfNZvwqilybEydCKJGAoaOpsCtNRg9fFSxx7QKFHay5UAchMd-O0l8lE3WAIy3e1BsNygXU9ie1wK-9nkBmKD2sSb9pWPwZGt-XVKVEDlTgwN8eaiAA94f8oyP2TAimT2bC_ear5aQt0pVmyvzWeJlu7CkyE8i0qKJmY_rWMqNh7cDYYC295-x8Tuc30nNszJFLeGZFv9ighdfTV5nREfQ14aeOoxxaoySGhMYaVV6otzq-EtiSvJ66gnEA_F1Rt_Zy60MEPD_Ls97i90v6y6yQDqc8qmKSPFI1ieyMjQHzLxdeakTgz1XjFigUi93RMxaOhjiFNKc2ugiTJmUs3NRZGwyv4zV1fLZQR4o2MxsbU9ohZ88E20cUe-kfMfdO7tZXY2Vel-_lFc-GvLz8g3dexKVznVfo72jKFoLai7xZH74gZ93-79RJGjRa19x5MuLjzRf9jOy7FXUqPMcPut7HB7qkF8aLAhixvuf8kyV7p3Aiddayk1MY999lcczzFQ-M0mGQDCafbOS8qtrX-qUTgsDsTarysVHXURIhim3-Bg_KInSLfMLfF2pNkFOiqwgiqp3dUgYjRuWtkaxCyAANHPau40FpsI4Fj0euWaxghvxHu3HLESTVfdNKdTrX265Eg3Bprma_yODykBMjzl7nzmzJxG7fR4fExuslKraah_9I68GhmJK1B0-p5TF4COUi-E4I8MbJ96DZDTrntxrHBS2JpQ5CCqeDRJCGw4Xv_JWAcW0GV1cbsyaqVDz1jSS3uKd-aDIrzezKa4HCQYoEkM3NkrUFPJd3PK2yJRkurObuIIEX_yJDz7-BOcABKuUYuybaJYK0GbGSFnoswMgH8auqOlQP-nYK0CrWjn_CIo2QN8647QCyD7RaTmrbfXgCrF1TIKNHvXzqd29sOdg9i7-Rx-JBi55OxIigs7Q1WDjU2-vfm6Grz1UXJO-hxdwxIWso6amvBsMuKBP6JMkujmU1MHj2EW6uhNvkfGGJ1X-YSyJHPlxovTHZrSqidZaV9pnQr0WXxwR_mpbI5PocFxfv70nIvziZmwObBeBoj66Ze8_yahTYB3S0Tclso0bV7OSElwCSjzAI&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT&rfl=2%2Chttps%253A%252F%252Fwww.hereofamily.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 11:51:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
80456
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11206
x-xss-protection
0
server
cafe
etag
16690196781007480285
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 11:51:14 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8CC8
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQHLTs1YCPOQcPh4zxmGlPAon-BGT0u2VoJHfLeu0sOjcTLeA73j7YTwBS_G9ASVKL0wYoigcvZX6eG6dQYLsAPFnhdTN77wgAcVR_fOIcoKzBlHIREMp7HXeG4MCdbaRJo5M&sai=AMfl-YSiGPBXBxp9ZBDpayeVH1QwP_if3GgYnBYLEN54w_4n9i6NJUP0kzuLApyila5RSI8Jq-FR46UTDmHFpwCoU3B5VyOF2QFOdPM62oYuj6cFaaKXZoTgWYp9VAXN04i7t6Xpg0SwF375yTRrk0A&sig=Cg0ArKJSzEEp8iT0y6fBEAE&cid=CAQSSwDq26N9WITRDtUkFVbZmk7VtqUTPgsczJ9J0cjUgbh3Gf8lp2TKG-xH-yRbelkfnCq3gmStX-lvb424iawc-2fwKi9tK43CekoTuxgBIBM&id=lidar2&mcvt=1021&p=474,650,724,950&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1095224260&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669630327618&rpt=1305&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EA5F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6NcQd4mEY_iaG4HJmsMPqa2lkAUAAAAAOAHgBAI&bg=!GxilGFzNAAbvMpMzzzI7ACkAdvg8WiLxCseu6DSYQUIwUseX4c6dPVaqa5M6lHQr_E1152bZsAPawQIAAAC4UgAAAANoAQcKABxpX910ldBUGEp3rLG7tWvau_JVEjvdJGiRieGNmQL8VYpVVpIJKI1rhghb9eq5QReAhrWTs0q3SSDxcav7kNyhGAODLsjBfjuV61-k3YlEjMvhDISXMJ9d2htPKXgJynxDVMKkCnjcUcSufICvWQSD8t6rxF9U15RR84VavIBqZg0wSoCgFUX0czIFwaUfEtv2L7DjUbch_llKljo71P1ZIOLN-1WlKwSlUVojr9oAsyZc0zkdZbtMn1Or9Y_kMDKu7tkzretlfYw0Aw5lomOPX6vZtxImYvjpox0N4kp8E7azHw_8vnIYrC_x_BQxgaMnwdQdj-0EKyxlGv2yxdOxaZuNoIjTM4CAt3hvNhlPYMw1BcqqmVr38eX0JccszBwMzFC3Y8YASYqqBTWjsw4D81mxdSrYs7ucbt8n3yLP0eQbRz4sD_tPoNHvmox85wka6Td23zT85TvZRL3N2X7xr5V9IwgAaX971BfWIDDT8jKqXJfrL0jZfIhhMfas4yjxoW0-axi2SGVtH6uV8yvxo8N5cyVQQAu8k4RqKja9KeIlgk6TB2Iksm9NXwqFQ4nb6JiXOv66ApC_cLlrpf434hQ5fPIPWROLDk-nJR-DJx4FRsr9BRMtbjPZwgTm0ThBaId3tkemaMCStWP-snYnXVtQc7LY-FroiJFOC1EP7RCGUveteUUR3O97bCvk7IQrpuydlO6fnItkIT5r8DiFiQ-hH6F9BZZPdgqrUTuKp0UxnOs2pYOlpls3_65LK3Wv6rbDZTtY46oZP7bDiy-xEfDsImkUsnYiBInr5ZaOp3oRue6Kvw3jkjOeks73_GrzxiKmoKfMN6QOPM0-TYbgQAsjuB9CJJXyZ-8aHZeNsmSto-0ATL3B2nwVKN1Tm2sISo5QEjZes7NTxRTB1COsNTmsaRuXNp5N0nQwfBU1PBPxSyLx7019yPv64Av1ZgRSyzuUoOpqsL0Nf0hgVG3RWup-AnstmYa7vi9NhDQcR883gvo52BembEfnsNqCAGdzlS6uzwK6_Z9cNEJb-eqCmO6wP0IHY5W4BDw
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C1B4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Redirect headers

date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
createjs.min.js
code.createjs.com/1.0.0/ Frame 52AB
236 KB
63 KB
Script
General
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
42.99.140.152 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-152.pacnet.net
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
server
Apache
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=900
x-n
S
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:27:10 GMT
index.js
s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/ Frame 52AB
24 KB
6 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
18dc7bca78223b6cea7aa29f99ce4e38e62b49d61f722c19ee1edd8a2eacd9bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 06:25:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CBA
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4sKPeImEY7HZFdDErQHT4pWQBgAAAAA4AeAEAg&bg=!Li2lLWnNAAbvMpMzzzI7ACkAdvg8WpREueMPlGup5EhnlYye6JiADeseJ2ccdQoic6uhyKhn2rBEsQIAAADZUgAAAANoAQcKAIrlAjHiKGX0CKpZIiAY7BhRPFyGQo21ksUEhJsgy-C87Pbu-CObHlqbpgD9Pxrj0-GDxzBB7Vqd2rkYxvxPw7z6kZHtG-f2QkTRBOoWyEgpoFeUrlUVIs6AqSaHG9CKKnA-GxWOcwjd6aLjF-bq0KEH6bl2U5kFUvnYWw4le1iGxDTmQ5f9W_Q0WRmZAu82iWXMxgnmOl1Rutz5a08_0knz_i4yrPP3KHuHIRyr7jhObyBZIy7wBwgHWFlXDoecziKSQiOrlB0xgWEJWk23W4U_8s4e0mIHpoLB0iPK1Bz0qZQ8WNUlgeEwGiwZFaOEVgInumKlEQzC9ZmuYVIGP8m6f_-RMt1P4OQFL6nJRV_oGx9UjWmSKwMFc8xLjeS8RELVne7E-03VvgtOGzuu5kwro8D2VIpLlngLOaKKXuKRD_HL3PGIAdH__POS5osXXO0eSmp6GFUsU8yhFsvtdMI6IbQSk2-BuprsXN8c5A2zPguECybl8gBOyjYN0nMksYHFYedXqeHydjKwCVleT9cjw4qumFWUr7h25eyTZ5syjsZGEdkZrZHUQg6rfPh-e8DN8C1zS-VFIXesV97-0opLfdGeLBYQ-zytjidSs6vMP5n10C8Xh3YtkIhEPPpCb7IQM0Lu4GGQBlkOH0qKimiLoFFRqRpl2gchpOS826cEKxhQp0c_1tsrRBSTgEMel4t2emtzzXH3EWVTrqiNKLjOwJMNpkg358B36ZK8j-RH2hcsQnRuyYKqm8HhdHGr-l1v6lTSNG5JmLv9M6BSu93mitRpG_8c_XNwyCBqVjrwLV6SnQaA8eJ2MQ8f-d0pt2FNhZ1Bl4G1qGBxuxlscHpAOzNEgpuE1REnqTgMSLvX4zugrJZ9UfJCTWFJUq3-UF9kYzUj5gJEK3zNDDq_GgfpjHoEeWefYtWzOArPzjKaBH8wly8qh_UM8oUd_NvrSdhbsYxEOtLeAP2s1Q675bcHeZUyzFTeQG4V3xCsr0fcyeVqDznFf5NGQ9sJieoeYXCHwY-w-4XjHGgevLUsSu6DuSAHROU4ZXcIm47KMsYDpwAAMVUT8FYvQt-goUxha--SKd0lbJCwrl01DWU5R2YkmFZb_FKp1E3ZJyrkOsS6_iSzPheKe0FXDZRDuezcdWwl6F-DKLbISEN784hoi6vYtH2MqYewMOD9AuHy
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A0F
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNcalUfrIzg09e0e8AM8FYdqX3Ku2vp-tZjJ05dGTp6SlKlZVH1UKriZzbDTbEtuPyCVavv-UlmCFGsB44ZpTZNxHxakPnbDSJQfq5B8dyvungGPzICm7vUV-f4ts5p87256g&sai=AMfl-YSqi_B1GFSsCRw_PptVoKiuKOds0TuipRREYflpghbVDQZm02yefyb4Z4E2Sk5RHmluVwrPjhMdpYB6lsQ&sig=Cg0ArKJSzIj7lbWSOeXaEAE&cid=CAQSGwDq26N9kpDrFqV2gs-IZwOE38R0Vs5FPORKHRgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1186351040&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669630325741&rpt=3328&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0F13
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:07:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
475462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:07:48 GMT
truncated
/ Frame 0F13
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ec5ae51d9209f889c53132fdf0787aec3be1cf7b22ba0a32cd555c0eaec7063

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/2524699322072382308/ Frame 628F
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
970a957ddfcb9b74c102f493b8af41d718d9a0f94f817c072f79a03e9d361698
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2168
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:10 GMT
expires
Tue, 28 Nov 2023 10:12:10 GMT
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0F13
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssilOPjvDJJEcskHCywfNXlJlfaN2yDIGyXXEvTInqEBfoA9v-MlmDZUqSLU53KRthJ-mDR6mHmAeauulHxp5gBCqgaQtWnWtOIbuXx10SdRAxXALBcQYk7izrTqf4iQ3n2mNVcPjdShEXqS3ov_ZDDxoeoHhEsRS6aWVEpf8k7beXKmi8y1DN7J7em3Lk7AVbmk0m6eG3MvxM6T61zeHsZy--hFWoblW8Z8hQbZhupNDGF2BqbeaLZwvmY-wiFXqXdP2WEOkqILOKPqqibzHqIJo00sdQpVJTSGVcKif-p2nvbEmzNaO8gGZfN3CaIEs1ZP8851Gf7VWGlpZyXH-3zPe1hswgMIbo6qc4xZ0e1gzzfjaPofRZLSv8nqENPey2Z77Uz1RL9UZMnKReRvTt1BoLGD8j4cdoTpqMlDuW0Cfm8cl-EKRTWYIrjNw-pezVGgLb3Z0TneIhHo7oT1VFkBg7Mc7p0CK3BWnWEUMYlLsuKnT8keG05cE_LALPR_4x4e4SsVu1PHoR6F7vhQWVWcRwOwXcz-kE65wBKIdXBAwLgnZd6Fo2ZW3S0gSIeJ5Mj7mX9YfpgrKu56Qjm_5wjrKfW45LcPWi9AK0x0vRSW1ibScYsHLvQ1FRYZD6q6OMrcq9kLA3H_4JaF9X4e---QRlGflDoTg9h80ib03aXTcfYeL6c3dEE9ZNtsPLmAP7-U0SRvxi8Sw3FpOHSICx0fDKoueaL6bSShd2UHk0J0l0CtCv_0uMG0QKW7VFwCRnw6vCSwlq9wUab0P_0mvFuQnr_PMUU-78BlrIgwwxAvbsLDzXCIYRHQkjYhE6rJXqK5tmRPxX0eCsL3p8bXjLQtnYjf09A7j9rh827ddF4wX6WB9EpaecpHU7cg1ry2VM3BjLUyBXpn1yhjYROcoOohP5QA672fzVrbgtoU4pe4q77Rh6XLSrQGEoYoNm95LT_3P4Zz3wzjs8ZDnwnWhCFA-zIWegUjlKW_J3VygwFNTgXRoqvX5U5qweUGumdkUz6AJ7-zy_M0waughVYzJhLHZNFXYnR96zc9jxt3Y05tbUErdF96x8lkTH8SzbbWB9YsO5EmVMz-t09B8ij-oDF3RjHq20XpSHRqh7oD6h0kL7VL8ki89oDj6bWIYH-VnGBL_Q4_E5278oCHJOZ7zKxbpe1WIvLhLpLHf2FwcFImiIEKB9WtdAEnrlUOXq0dVP1LZchCrtAmPp9ux_NIFmFiX9KmkSw9vhIetZGU3DyDxc6dQ&sai=AMfl-YTEc4ZKb_EO_1zJDphCyOiWacTbakxJHmXy5GB6S99G1ApaZqs4aRWQY1PwWFE3ISAdUqYlPAeA5OX5J_fNQx9RIL42X4nMvFoQAQQljyhFAUveB0nbhOZhf0I65M3GKFVzACcwSbYwDhcWdGvT_wrX_LBtwN50VGXuxzhXHCxtxfy_tCV_DXZeuMqklmgVYgxiVLQ9F_-KD44gGaPgY4g9ONOpNaX26NpHetRqpx8cY-s0TZphO21b_vRR-TECDmT3AHASBddc4mfLP3hCWwlRvcw2-UZsoretL-tz_Q&sig=Cg0ArKJSzMvt48jehjBHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=403&cbvp=1&cstd=402&cisv=r20221110.64004&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 10:12:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:10 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B195
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
469923
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 22 Nov 2022 23:40:07 GMT
expires
Wed, 22 Nov 2023 23:40:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 3D13
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 628F
186 KB
48 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 28 Nov 2022 10:12:10 GMT
index.js
s0.2mdn.net/sadbundle/2524699322072382308/ Frame 628F
122 KB
24 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
d6ac5df364c79bf8d9b66d80d3251f67cba439ed4add451d9332600a01cc98ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:10 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame B195
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
main.19.8.366.js
static.adsafeprotected.com/ Frame 0F13
196 KB
61 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.366.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1210565/66379768/skeleton.js?ias_dspID=3&ias_campId=1009254204&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=18536756356&bidurl=https://www.hereofamily.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h_tWyapaXOaABKjZxwUeqb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-11.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 21 Nov 2022 21:37:52 GMT
x-amz-version-id
DTz7DAGx5H1oATkuvwxjIs9w8gvuFjKB
content-encoding
gzip
via
1.1 f6d06657c3cf81ebd927805f386acb54.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
563660
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 21 Nov 2022 19:50:49 GMT
server
AmazonS3
etag
W/"ca4194ffbaa3712186a83d16b497895d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
KHAH84kYNhr2qvgNdTbHIQF-iMZcaHSYduGC83XubXLTjPpt5oVTFQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame C1B4
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsska0unHxkSNg1DitJxPxVLP-bKe4ZU3P-C06oo7SKbqLIooRXN0ZieiV-0Wc8GNjSlbQz-_lvtsjYDHilTKD1GuemJUDYuvsO7_lqYYlYpMUGsx5irJzOIg39HJp2VPojoIkA&sai=AMfl-YTipr0oCcH9vdInBfImTCxTYXYnlrHdq2ygwMbfse4Ywi5Lu9Bi7qPwuzdxtcnY37SeFNitJbjafpewinGjfVmcj_DiMQODqHPqiRUTEBppExPcrEPRnWFi948PLjWJVV8A2U7nB9NgZ_QuoEOA&sig=Cg0ArKJSzE3-djgiVed_EAE&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT&id=ampim&o=632,358&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1011&mtos=0,0,1011,1011,1011&tos=0,0,1011,0,0&tfs=791&tls=1802&g=100&h=100&tt=1802&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.hereofamily.com
URL: https://www.hereofamily.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B195
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZqX1eYmEY_n4KMamrtoP8Zya4AgAAAAAOAHgBAI&bg=!2tml2Z3NAAbvMpMzzzI7ACkAdvg8Wr7QyfmEf47BAEUACuTolSqZgz3ylh4VfI5SHyeyRUcDbzuCsgIAAABcUgAAAAJoAQeZAzgMSX90d7GtTgSnmFRXxLoLxAi6k3ClcCM9BDrgr_qzWc6mT8tp7efHsnordU89n7GkcNWlSmX-0hMo4QFxNkLe_r6gIn-_yEvDBMgnYmmZyVmw22hvlBPOvvR7Tl-5DmT0N4m2eyi4cw8aBz0lvLRRDZvC5_v4oE2b5Noz08yHJG5Pvc4tWtHrJRosErdANAXp23WsUlWvabOcLZy-_dZbOScK32-p2FLxoY7lyNw41PU-JofuaQrB8tI2718PB_iE05JstidDnbefcOzQe4cG0-SQunvPcVVwa35yWCCb_STbpFKWbfyrGWMD64zC7EtdFtPJV0oojNukKdVuitvesQqVntaFpuVX90bsGOm72TjLuC_OuaZITpdCEAzDFYMX1zDoFUx0f3EpFk_REPAQKSexTqSqaPCgudY909pYAp8y914tRQBorMXW3ggLRxo1mJYyK0GeM7DzXE9VXs3ZBN3bwZMogrTjTIosu8uQdVB5EqodP9SUEhh6rPYconS8r05n9IluVckIQ4EFoSY7ihotGyZzCKXIMP5APLt78rH1bnf6kz_br3JgSA58RTZYEnMr5-RF-RHY-aLMQ_8UhOC05W25DNIHnp0xy-hlcKBczmZZMtWxReeZmstEYR4-1XNAldrJGu-kqUa88fKoL_Eu3VcaurrkYRmpQ35i2vaWy7Eg5JPZqsW7ETGU-DcPaoyv1NTl6OYIX4BOMHXyGQuWnLmjLUE24HWCTf5LOhdNRgVsCb1esflBi-hZ6WkHQdcHTOt-EAfbLHZXPE_lrLwYhSNptBgctHt4rCLzxNbpaLVtAV3mntyo7PeQ0iE7qo4oN0zc0azzNQm-wLA6DKCQl0Kmh0e4CyjHuY7NhtByaGFVoMcDvDfxgD8OQ9v-_XcGE9VvjmnOEseERImhvDzi31VLFqJwhdMGEif8N1J7AP3inX8bXxgyTW-MsJqHxSOi1t1j5cTVP3KYSMvw2E7SmER3MUarf1yMr2QGhnUUi4dv7enQ901ZQheLx95I37uEaZAw1NB0j9PM2gR7S-yZd74W5BGGbH28_Lx_YnQLRwODN1WoyR0xcJUhZ8kTBTLMl-ZHXg
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0F13
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNlSzjR7vfmKxyDKSeNVCXZOwknpRE0WH6DmrBaorQ_lXcV3MqIZSgl3yQkdC-2GaJjQf7ScRF4m68qPk0XuW8AhWWp4fKO8Y1Bz3lDzWmfaDquTvK83YcvcUoqGBZSP3qBuw&sai=AMfl-YRI1S4MpTsCdRW_uI8hF58VI_mA7LF_XoH_uTYZ8VziAUDyrTMyQQ5QkKEhok4cn9A6NngYEN5OUkQuIEUnKR3Vn9T40o6vj_VCKGmCjSc49ZxkgKknrjYyh9tpGEgH0nuWpn3WphBAz2kmJG0_&sig=Cg0ArKJSzHQuleCeTOf6EAE&cid=CAQSTADq26N9zswik1vQa8AzRX2nanfKbfDDpy6kJuDt1RJ8aGnXsEb151o6vJiIU-K3lkNp4S4cMm1UsboS6_4NaUQDlohOeZlUTMvFN-gYASAT&id=lidar2&mcvt=1000&p=1111,298,1201,1026&mtos=988,1000,1000,1000,1000&tos=988,12,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=613163195&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669630329532&rpt=733&isd=0&lsd=0&met=ce&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.png
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
545 B
571 B
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/button.png
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
61aaafcfdb1ca2a966aedc5e6812fc1e147b05c3b08b64903f5beb9c245457c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
545
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0F13
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssilOPjvDJJEcskHCywfNXlJlfaN2yDIGyXXEvTInqEBfoA9v-MlmDZUqSLU53KRthJ-mDR6mHmAeauulHxp5gBCqgaQtWnWtOIbuXx10SdRAxXALBcQYk7izrTqf4iQ3n2mNVcPjdShEXqS3ov_ZDDxoeoHhEsRS6aWVEpf8k7beXKmi8y1DN7J7em3Lk7AVbmk0m6eG3MvxM6T61zeHsZy--hFWoblW8Z8hQbZhupNDGF2BqbeaLZwvmY-wiFXqXdP2WEOkqILOKPqqibzHqIJo00sdQpVJTSGVcKif-p2nvbEmzNaO8gGZfN3CaIEs1ZP8851Gf7VWGlpZyXH-3zPe1hswgMIbo6qc4xZ0e1gzzfjaPofRZLSv8nqENPey2Z77Uz1RL9UZMnKReRvTt1BoLGD8j4cdoTpqMlDuW0Cfm8cl-EKRTWYIrjNw-pezVGgLb3Z0TneIhHo7oT1VFkBg7Mc7p0CK3BWnWEUMYlLsuKnT8keG05cE_LALPR_4x4e4SsVu1PHoR6F7vhQWVWcRwOwXcz-kE65wBKIdXBAwLgnZd6Fo2ZW3S0gSIeJ5Mj7mX9YfpgrKu56Qjm_5wjrKfW45LcPWi9AK0x0vRSW1ibScYsHLvQ1FRYZD6q6OMrcq9kLA3H_4JaF9X4e---QRlGflDoTg9h80ib03aXTcfYeL6c3dEE9ZNtsPLmAP7-U0SRvxi8Sw3FpOHSICx0fDKoueaL6bSShd2UHk0J0l0CtCv_0uMG0QKW7VFwCRnw6vCSwlq9wUab0P_0mvFuQnr_PMUU-78BlrIgwwxAvbsLDzXCIYRHQkjYhE6rJXqK5tmRPxX0eCsL3p8bXjLQtnYjf09A7j9rh827ddF4wX6WB9EpaecpHU7cg1ry2VM3BjLUyBXpn1yhjYROcoOohP5QA672fzVrbgtoU4pe4q77Rh6XLSrQGEoYoNm95LT_3P4Zz3wzjs8ZDnwnWhCFA-zIWegUjlKW_J3VygwFNTgXRoqvX5U5qweUGumdkUz6AJ7-zy_M0waughVYzJhLHZNFXYnR96zc9jxt3Y05tbUErdF96x8lkTH8SzbbWB9YsO5EmVMz-t09B8ij-oDF3RjHq20XpSHRqh7oD6h0kL7VL8ki89oDj6bWIYH-VnGBL_Q4_E5278oCHJOZ7zKxbpe1WIvLhLpLHf2FwcFImiIEKB9WtdAEnrlUOXq0dVP1LZchCrtAmPp9ux_NIFmFiX9KmkSw9vhIetZGU3DyDxc6dQ&sai=AMfl-YTEc4ZKb_EO_1zJDphCyOiWacTbakxJHmXy5GB6S99G1ApaZqs4aRWQY1PwWFE3ISAdUqYlPAeA5OX5J_fNQx9RIL42X4nMvFoQAQQljyhFAUveB0nbhOZhf0I65M3GKFVzACcwSbYwDhcWdGvT_wrX_LBtwN50VGXuxzhXHCxtxfy_tCV_DXZeuMqklmgVYgxiVLQ9F_-KD44gGaPgY4g9ONOpNaX26NpHetRqpx8cY-s0TZphO21b_vRR-TECDmT3AHASBddc4mfLP3hCWwlRvcw2-UZsoretL-tz_Q&sig=Cg0ArKJSzMvt48jehjBHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1371&vt=11&dtpt=968&dett=3&cstd=402&cisv=r20221110.64004&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:11 GMT
index_atlas_P_1.png
s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/images/ Frame 52AB
99 KB
99 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/images/index_atlas_P_1.png
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
affd851f7f95e578430409f93f9305a34aef83ba829bd17eb2581d34f4c8fb66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7993156538493491812/jj437394_mrec_Garmin_Epix_DV360/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101785
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 06:25:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8CC8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvcRohEr_5npkVkMnL3FjAZ8BjDYneBZ9AtTUA-E_coYutsVZInhayCzC0hi_v6ToR6ijRYItUeVHTm3whsS4HfcDggMSFA33aqNbgGzJqAhIbZP8Pb3hct-pI4WioHdTHwhWmdTKAdeSSKlv2iGmyLOjsVOVvTgy7U5Up3XqXHaanTPsG9MRpyovozftfrEtW7abOVAoQdxOFAbjJUsobeL6CzpcR8afXWbsxDdKczQy2yQu6DImHO_oXe2GJS1_d18OlKc32dpEi2qcw1zKTqmQts9apdNMm9gEGHl39CTzG1hoScIiVugU35Wdv_a_E9MtkiS7mV8M73QopAst2cilUk0wzdlvL2W58k_Y6El0VZYO0g4kEsTFqkMBeBmipsqTJeisfKx4g8teIGP1n4l9hb4WSXGXl3WtZYnfnhBNEdz28IAS2OixEfZNVtxgllHQNe3tRknr3YGt6Yvl3xo5i2gGd81ikTjbstg32SfnoepXLsleUW1qpdWN4uG2eXsarXRkgYYLJ0gn_nOkevF_S0pMYYG-4deCLNqDblLm6TstJJyrODEz15o5MCMWLMm4yBEu8-hpr7vQmzz1bhJNcty8FnSNrcHbhsFZ_8gcbXT59WM63uxQJ3mUl9juQljQ3y8-7e26j30rPzgRzk7MmvWmKNt2htG3coHLQCQBzMNZfhEZVV3-zgIvkdM8nLZVoxdT4TbVaZC6gfmJmRof5ZE87_xr3ZGLb5v_QOyNhX0qw2LOpmSmwE6qMB-F9-6G4922tx5Z0EKFgJLdSu3Ej-NcPOR7O_837nBTl4Uq8r0M23V6skwPgawuoE7fgRUMkqun89bBtPgWExBGrTsfhQvbPvweOFlBz7AspDuvpzBLiMdju6rG5CEYkX_1KwrMG1HRwRGMIPvYX_j5hmXJm3D44fRqgCivu_D8Ba6MYyU3gGTPeJDz5BvFI7QMEA9ilrtWceNssFfUdQXyIGbcnDjo03ehUF2ERo--MsWWNVnUf16POW7OFJE_CgNVnRn2b51Jjcm-KlnQhX6fxBhFDtc54N0QjyCG9_SkwMWutcB_F2ddqOj7UzDJDh1bwbJYpC3GcpasicQsFh5680B2kMn5Zr_8VqILxa3bOhIW374h18xQEr7gZPjXHDji6WHtAwbxlS3AhIP3wA9eRDTY_qX9N-nYIeiZYTVTRqBBcKlTPta6JW0QDcgQBBQYRIdoITV0upA7m8qqmzm2o7IQy6yAIm7_4AoqUKkQ&sai=AMfl-YTKMHGKPyY5H4rdGv_EMoTZst5x3WIUPn2UnUwLHy_2cray2OENqvX2SKwl1yGAK3In3_rms0z7_hXzw0w-cTNTY_gNXO0h9L2NUTH50cfHEog3bLHIzH6LMf1v8Cwhj2T6crSwmAXRZycfNw2qhKRBgPiYo4EEZOq4_V7IUrfSSKhkoaTaMxHkWud7OtGiqgFKtwWTUtrhbGOErCmzUEoUnoGP1yVnGQnETf66qFNv9EoJJVZtcMasqrihIE3rcvXAsav7rIMZEeXgA6xFRKWS6gaNSxLbrDjRANo&sig=Cg0ArKJSzKMul0sQTNJ6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2856&vt=11&dtpt=1771&dett=3&cstd=1082&cisv=r20221110.86569&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 10:12:11 GMT
clearhead.png
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/clearhead.png
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
35f8f9e61cdff8f12b2659561cab15be6361afe26506696b5bd3d55137962c16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1591
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:11 GMT
dirt.png
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
3 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/dirt.png
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
0de6b480c61b796b6d14e10729152bd719b1a54033b70dabe0caa39b5f399b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2680
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:12 GMT
drakworldpurple.jpg
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/drakworldpurple.jpg
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
112e9a60d65ac1cf9c74cf4795afa211d80c08137d70a457076b3b23d3c45e4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1227
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:12 GMT
G5.jpg
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/G5.jpg
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
251804731f3d870d5a79f0879863ea79d1e01deeba199488784f13f419128e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:12 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4522
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:12 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
20214caae38847a4eb32ddbc3e594cc688e9092450e8573b79c645ec8cf927d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12646
x-xss-protection
0
custom
upskittyan.com/
39 B
328 B
Fetch
General
Full URL
https://upskittyan.com/custom
Requested by
Host: t.co
URL: https://t.co/je2Jgu5dXz
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hereofamily.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
0263719da47623bade0fb1455d87496a
date
Mon, 28 Nov 2022 10:12:13 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hereofamily.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
39
custom
upskittyan.com/ Frame
0
0
Preflight
General
Full URL
https://upskittyan.com/custom
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.197.251 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hereofamily.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hereofamily.com
access-control-max-age
86400
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 28 Nov 2022 10:12:13 GMT
server
nginx
skeleton.js
static.adsafeprotected.com/ Frame 0F13
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1210565/66379768/skeleton.js?ias_dspID=3&ias_campId=1009254204&ias_pubId=pub-2205121062140812&ias_chanId=1&ias_placementId=18536756356&bidurl=https://www.hereo...
  • https://static.adsafeprotected.com/skeleton.js
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js
Protocol
H2
Server
18.161.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-11.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 03:50:24 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 f6d06657c3cf81ebd927805f386acb54.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5984510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
tgPeRTKzuOhSi5bb3JZWbfgzzC5NZ8qZEcxAPPLAohaXwKjiL7sGwg==

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:12 GMT
server
nginx
x-server-name
app03.sg.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 161F
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
URL: https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.97.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-97-11.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 f6d06657c3cf81ebd927805f386acb54.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P3
age
5855757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
XXIy4mF1OxcBWAVQKiS-lPfCS4B-kmLZzPhLZGTZ-DCsaHyLedwb5Q==
dt
dt.adsafeprotected.com/ Frame 0F13
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1210565&asId=1cc75f96-8484-058d-1679-e815d9f73f93&tv=%7Bc:vfU69B,pingTime:-3,time:1945,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1920%7D,%7Bpiv:0,vs:o,r:l,t:1944%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1945,n:1943,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1920,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1,0~0%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:o,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:totwIqm+11%7C12%7C13%7C141%7C15%7C1611%7C1612%7C171%7C172%7C173%7C181%7C182%7C191*.1210565-66379768%7C1911%7C1912%7C1913%7C1a11%7C1b,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1922%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.74.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:13 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0F13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1210565&asId=1cc75f96-8484-058d-1679-e815d9f73f93&tv=%7Bc:vfU69C,pingTime:-6,time:1946,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1946,n:1943,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1920,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1,0~0%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:o,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:totwIqm+11%7C12%7C13%7C141%7C15%7C1611%7C1612%7C171%7C172%7C173%7C181%7C182%7C191*.1210565-66379768%7C1911%7C1912%7C1913%7C1a11%7C1b,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1922%7D&tpiLookup=ao:www.hereofamily.com*%2Ce1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com*&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.74.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:13 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0F13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1210565&asId=1cc75f96-8484-058d-1679-e815d9f73f93&tv=%7Bc:vfU69M,pingTime:-2,time:1956,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1383,beZ:1384,mfA:3287,cmA:3288,inA:3288,inZ:3292,prA:3292,prZ:3298,si:3304,poA:3305,poZ:3320,cmZ:3320,mfZ:3320,loA:3329,loZ:3334,ltA:3338,ltZ:3338,mdA:1385,mdZ:3271%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1920%7D,%7Bpiv:0,vs:o,r:l,t:1944%7D,%7Bpiv:100,vs:i,r:,t:1954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:2,o:1954,n:1943,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1920,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1,0~0%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:o,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:1954,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:totwIqm+11%7C12%7C13%7C141%7C15%7C1611%7C1612%7C171%7C172%7C173%7C181%7C182%7C191*.1210565-66379768%7C1911%7C1912%7C1913%7C1a11%7C1b,idMap:191*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1922,sinceFw:32,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.74.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:13 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
G5cleanerhead.png
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/G5cleanerhead.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
90e8fd31335e81b69d7b37b5daaffbe75ff7a150a979dec7112d3a8592ede447
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1122
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.hereofamily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Nov 2022 10:12:13 GMT
pic.jpg
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/pic.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
064f4032a29283ddb7b8cff25f0761f11303392e10afe6c18d02bcba93e69843
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6880
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:13 GMT
scene1.jpg
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
10 KB
10 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/scene1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
5d5921e3d4035b1882a8d3b13bf1d9dd0e9b5e6695f316b66644f6a9c7648b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10074
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:13 GMT
dt
dt.adsafeprotected.com/ Frame 0F13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1210565&asId=1cc75f96-8484-058d-1679-e815d9f73f93&tv=%7Bc:vfU6mc,pingTime:-10,time:2726,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMjEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000022202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1669630333639%7C%7C4f2d0d3789f1d05cf7b33f8834e8cc0b%7C%7C6663fc817094191839d96ef6de7d9494%7C%7Ce8aec74ed3cfdcd3a6fd7e88ca26918f%7C%7Cbd4534a277e47e2c1e2a9c1a18b8c53e%7C%7C35d4ca0417768056b52452e162129800%7C%7C5442c11650c455dfc46853dc9af74957%7C%7C5ada7ec3c5e2b77dc015e36bde1fa761%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.74.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:13 GMT
server
nginx
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0F13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1210565&asId=1cc75f96-8484-058d-1679-e815d9f73f93&tv=%7Bc:vfU6pT,pingTime:1,time:2955,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1920%7D,%7Bpiv:0,vs:o,r:l,t:1944%7D,%7Bpiv:100,vs:i,r:,t:1954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1954,n:1943,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1920,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1,0~0%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:o,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:1954,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:totwIqm+11%7C12%7C13%7C141%7C15%7C1611%7C1612%7C171%7C172%7C173%7C181%7C182%7C191*.1210565-66379768%7C1911%7C1912%7C1913%7C1a11%7C1b,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1922,sis:2603%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.74.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:14 GMT
server
nginx
x-server-name
dt34.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0F13
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1210565&asId=1cc75f96-8484-058d-1679-e815d9f73f93&tv=%7Bc:vfU6pU,pingTime:1,time:2956,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:1920%7D,%7Bpiv:0,vs:o,r:l,t:1944%7D,%7Bpiv:100,vs:i,r:,t:1954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1954,n:1943,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:1920,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B37~1,0~0%5D,as:%5B37~728.90%5D%7D%7D,%7Bsl:o,t:1943,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B10~0%5D,as:%5B10~728.90%5D%7D%7D,%7Bsl:i,t:1954,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:totwIqm+11%7C12%7C13%7C141%7C15%7C1611%7C1612%7C171%7C172%7C173%7C181%7C182%7C191*.1210565-66379768%7C1911%7C1912%7C1913%7C1a11%7C1b,idMap:191*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:1922,sis:2603%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.216.74.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 10:12:14 GMT
server
nginx
x-server-name
dt35.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
scene2.jpg
s0.2mdn.net/sadbundle/2524699322072382308/images/ Frame 628F
6 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/2524699322072382308/images/scene2.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f148.1e100.net
Software
sffe /
Resource Hash
9b15c7d294782becff920402993ad55c415d04fb3049dcea66d096a604da0806
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2524699322072382308/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6653
x-xss-protection
0
last-modified
Thu, 13 Oct 2022 03:34:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 10:12:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9F11
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
11880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 06:54:14 GMT
expires
Tue, 28 Nov 2023 06:54:14 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8C91
783 B
972 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f106.1e100.net
Software
GSE /
Resource Hash
694fad131593a7c370e00ed54235a697272dad1bf014f7755fe60dbd77169b23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-w3ZXXX33TJ91QzSCQiWl-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hereofamily.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-w3ZXXX33TJ91QzSCQiWl-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 10:12:14 GMT
expires
Mon, 28 Nov 2022 10:12:14 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 9F11
36 KB
16 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 03:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
456476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:24:18 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8C91
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=4424423428132875&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 9F11
0
12 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?I8Wk1A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 10:12:14 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 function| gtag object| dataLayer object| googletag object| adsbygoogle string| k object| ca string| psc string| c object| s number| count number| counter function| timer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| amb_sC function| amb_gC function| amb_rI function| amb_sH function| close_baolink1s object| google_tag_manager string| GoogleAnalyticsObject function| ga object| googleToken object| googleIMState function| processGoogleToken object| gaGlobal function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| zfgformats object| gaplugins object| gaData object| sdk boolean| installOnFly boolean| zfgloadedpush boolean| zfgloadedpushopt boolean| zfgloadedpushcode object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms

27 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: e0f426d5-f1f0-4dfd-9096-7a918fc3e5b9
.t.co/ Name: muc_ads
Value: e0f426d5-f1f0-4dfd-9096-7a918fc3e5b9
link1s.com/ Name: SPSI
Value: dd2bce9393c11de26b7a39020f35661c
link1s.com/ Name: SPSE
Value: i+hCpcIQdmkb7N4/5MEL4t/3i7LYf993Q/ijEg3svJ29eDCwZqPm3vDgf0znz+DBIEpulgfh8EhgIX4ouQRgRw==
link1s.com/ Name: spcsrf
Value: 1dbaf963159327773ba5f5a8681938a1
link1s.com/ Name: UTGv2
Value: D-h41dbec3e0fe1b1df6306afecb86e04d4d76
link1s.com/ Name: lang
Value: en_US
link1s.com/ Name: AppSession
Value: 8g6sp7v7uqkjtpm5bn2ctk6hk3
link1s.com/ Name: csrfToken
Value: d11c02d06b93619bda43bbe0b77c69f3387e360ee7e3f0e297f86e35a5bc1c664dcef327f79e243b1975f9845ba6c7135dfb8c86272cb1cefeb36aa239dcfc8c
link1s.com/ Name: app_visitor
Value: Q2FrZQ%3D%3D.NDJjOTA3ZDVmYjIxMDRiZDk1NzAzZjhkN2RkMzQxN2I4ZmFhNWQzMzQ5NTY5OTkxMDMwNTczZDhiZDBmNzJmMljgfBnVona21K6h3hEJ3qcpZhM%2BwzU%2FWpchF6k%2F38BYvxKvqBnKW2q2UOUnXWg3r%2Fih%2Bv7RmdXuhyxNqL86qTspXVH%2BkHVfxs7iRs4PZFuw
www.hereofamily.com/ Name: JSON_fetchlv4
Value: DeRq8KI
.hereofamily.com/ Name: _ga
Value: GA1.2.1450316800.1669630326
.hereofamily.com/ Name: _gid
Value: GA1.2.1159447286.1669630326
.hereofamily.com/ Name: _gat_gtag_UA_224687701_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk2lpOASAX92qUn0fQqDYmC_PpEPAh8RQBsxltF7CiZwb4Cbi78vhJQwmVpJrw
.adnxs.com/ Name: uuid2
Value: 2689451894397233384
.casalemedia.com/ Name: CMPS
Value: 4712
my.rtmark.net/ Name: ID
Value: 90940c1be91c45cc88e7befb8a506189
.casalemedia.com/ Name: CMID
Value: Y4SJeIQEwDknK.WO5M11vAAA
.casalemedia.com/ Name: CMPRO
Value: 5321
.hereofamily.com/ Name: __gads
Value: ID=d1af09dafaebebd1:T=1669630325:S=ALNI_MaJ20-8oKErwoAmABoz8OUVgkuIwA
.hereofamily.com/ Name: __gpi
Value: UID=00000b8566caca05:T=1669630325:RT=1669630325:S=ALNI_MazA-EfBkqjDpJYEKCNAZIthlGMCA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Il^q(r(P!]tc98i_iqf!oN/@E'zz<*Z0QX?rPMBfRXwfV%7J2:^XebaOp#X9/]ZT>#SdTD._*PlZ[C[-kX-C1u+M
.casalemedia.com/ Name: CMTS
Value: 5321
.openx.net/ Name: i
Value: aa507977-117d-406f-8a86-cb24fb0877d3|1669630330
.teads.tv/ Name: tt_viewer
Value: 64a4ce16-7c3f-4205-8307-8ab396afef22
.doubleclick.net/ Name: DSID
Value: NO_DATA

5 Console Messages

Source Level URL
Text
security error URL: https://t.co/je2Jgu5dXz
Message:
Unrecognized Content-Security-Policy directive 'referrer'.
security error URL: https://www.hereofamily.com/
Message:
Refused to execute script from 'https://offfurreton.com/400/5112623' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.nz
adservice.google.com
cdn.ampproject.org
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e1cd7dc2a1ca17e786a0472a45029735.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hereofamily.com
ib.adnxs.com
link1s.com
my.rtmark.net
offfurreton.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssp.web1s.com
stackpath.bootstrapcdn.com
static.adsafeprotected.com
sync.teads.tv
t.co
tpc.googlesyndication.com
ugroocuw.net
upskittyan.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hereofamily.com
104.128.237.116
104.18.10.207
104.244.42.197
139.45.195.8
139.45.197.237
139.45.197.239
139.45.197.251
139.5.84.243
142.250.4.148
142.250.4.155
142.250.4.157
142.250.4.94
142.250.4.97
142.251.10.132
142.251.10.157
142.251.12.155
151.139.128.10
172.217.194.157
172.253.118.156
172.253.118.95
18.161.97.11
216.239.38.178
23.53.160.138
3.216.74.39
35.244.159.8
42.99.140.152
54.251.115.154
68.67.179.155
74.125.130.132
74.125.200.132
74.125.24.106
74.125.24.154
74.125.24.155
74.125.24.94
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
02acaea89ef93de8e97f91ac41f7e4cb241b05d527ebcd62956e3e02168d5b24
03366bed9e3d06c37c4f2b180c05937e1436837b2f32b1a938cc6c218d99fed2
03d35c1ff8a01dabf5d312f47b641d0dc6ad96b102f0b095e6af937881901757
0421e4c0ca3f8ebd03d04f457b27510274a4011356f080a025e3182dc4a49a80
046be0f27be3f78b2f58cf4563d531f22b21e7803fbd8a3b6d66087f07054509
064f4032a29283ddb7b8cff25f0761f11303392e10afe6c18d02bcba93e69843
075331d621e991fed988ec0a7b58fa404c4a9a2804849a731deacb53310ce3aa
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0de6b480c61b796b6d14e10729152bd719b1a54033b70dabe0caa39b5f399b3f
112e9a60d65ac1cf9c74cf4795afa211d80c08137d70a457076b3b23d3c45e4d
11f5cb43d7f0dd4ea7f299cd25c1b64aa631b6ab098c500278cfa9b364c6ac01
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1457cd0f9f509a2452e9f1ab9f0f4b5fad2f27d7d91003f122367dac9b1b8fe5
18dc7bca78223b6cea7aa29f99ce4e38e62b49d61f722c19ee1edd8a2eacd9bd
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
20214caae38847a4eb32ddbc3e594cc688e9092450e8573b79c645ec8cf927d1
251804731f3d870d5a79f0879863ea79d1e01deeba199488784f13f419128e34
2789661e67642847c0582652469996d40ea33e2750544195743cf7e2532e4836
28bcfede36b1079f8b1c4ef1141e715f057d4d7c600720e8751aec0b23aa404f
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2ca4d28ab2c14f13d6f0a8ea5175a4bfe3773cae9c502545a97b396737c974ef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35f8f9e61cdff8f12b2659561cab15be6361afe26506696b5bd3d55137962c16
3a884fabfe8b946af11849f676a46317ac57b22440eca1535ffc26880d6ecca7
3ec4d61ecd7dd13a591b35b6f7c77367e0ce7940be27c5898e6870f9d252bb53
40b509024b7508d5ac324b400725d0801ac0ea8ec27e9ea2a79f9b4c46012eb7
41f7d3948029176ebbe86146c954f2aae2c829444b6a208aa1d3d2bd59cb41d7
43a3cac264277769d8afce651785c82002f5d3653c65b68adb7b1eb20a909e3c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46fe2dd08d5fda9675d8ca1f7c432e46a70501af228dc30d6774ffca359cf072
482ca1be7978847c7273988f985f286c8af913ef6c117015af20c302b832344c
497cabc89b2902d851fda0c03e470b94764f82d12c885cf2734e222a6a298a63
4a1f3b1fb59c26931fcc86dec7c4aef5ba00eb05da5a8d057e0453e005a02c16
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dbeff1fe06e0c33dd7d3d4811eae2c80ce6785e5d9e3ab291631face82a820e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
537d8b9cf77c7c5c817fde89fe3a31b33311d482f7dcf7120af7b41e0363fcd8
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
578d39c8cc926851f5be1195f339d26cbbf239f2f7cac8b55b349276514b85fe
5c31b009aa21b8afde1a668a7b1cb0b1585611d984f3f7d90fe39fe026c18ba4
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0cf341738f84c9be24784521c049ecb2b3eaf5fdb9575a439b7e5386964a26
5d5921e3d4035b1882a8d3b13bf1d9dd0e9b5e6695f316b66644f6a9c7648b8d
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61aaafcfdb1ca2a966aedc5e6812fc1e147b05c3b08b64903f5beb9c245457c9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6890869ef2b2071a7078d7c9b5308ee44bf6bdf3dd779fba205911568927bc5a
68dbb8671823fd0754d0a6a3804dba64b41917fbe66ec16b400f4f27eb7b84dd
694fad131593a7c370e00ed54235a697272dad1bf014f7755fe60dbd77169b23
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7108f85755fc266ca60e49fc06bb323ca06044549c99318db79d3fab5b8d10bf
7572bf4643dc6c9e225117a1e4bfb86d288c55e08eb29569a53ce18de65688d8
758425f217a349649d120914a929b0c8081deabcdcbcfe2e6b1ffe8c33b6a63e
774247fca311ae186c1ca26c0fc7ba8ec2eff55806b23159f81b38b78ea90b7a
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79e86049a33a4706f4e46501c1268f61536aa9ed3943113c308076b2403c53f4
7cf98085dfe888e5931c1657f252184e2b2d4695ba4663374f60ae15abd4ed01
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
894f06d0eda23bd65a7335664877815ab2fd747f738cab889a9749cf6647442b
8ec5ae51d9209f889c53132fdf0787aec3be1cf7b22ba0a32cd555c0eaec7063
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
90e8fd31335e81b69d7b37b5daaffbe75ff7a150a979dec7112d3a8592ede447
970a957ddfcb9b74c102f493b8af41d718d9a0f94f817c072f79a03e9d361698
9b15c7d294782becff920402993ad55c415d04fb3049dcea66d096a604da0806
9d05e4d10d9057f323a1044c0034e64fc16a7159488346749cdd73e9851a3aee
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
9ff56e76b310d2751228a8d71d1d91f8554d4d3969d55c0f62cc0de9a3610c62
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a1e2b0dcdc48527c85aa69b5f00854c11cb4b4554544098f2473119428c38017
a2cef147f59ba3c90ea2d5a2d4897f9c126b5d71b472d5625cd484fa232ef0c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
affd851f7f95e578430409f93f9305a34aef83ba829bd17eb2581d34f4c8fb66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3003c3ab4f9e4ac15d2f96fe35686dfd975147278ef23f3ef3270679c54038d
b4142ebe166e185cfcab474050cedc9b94bdbdb18224822507a8c6be152c98ac
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6c65abf4622ac20b00f52f2858705eb164cde651fa3d4fbc71c1e02a69754e8
b7054618d6d88e0ec7d1065f8dcc60911c9ad2cdb1ab832f3a2d4602a9dc5a34
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bffaae4a7e0ee2e8bf22d461e92af69be2bce24d50caf85be1f883259c8dfca7
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c45f78c4881d06fc759734a21b8bd569aa4db541448439044ccae5c0744c0d39
cf3290697245ecd5f002e564a73aaceb9a0057406c554078e282558fc06033e6
cfd07ec4774cb35702d68c67fcd418417ebdd6c0d10d88883fd5af45814cbfcd
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3abb75bb587fbd07a07d246d092462dbd1ff0e87cda244d7b9233c111ced89b
d5a4d6644586e39100d9faf9e7d4576c76f2c8dda86ad5d89b63261e65c7feb5
d6ac5df364c79bf8d9b66d80d3251f67cba439ed4add451d9332600a01cc98ce
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e29129691fbab1127591b9b596238af536d447dd5292a7e0b8f00a0fdaab4f81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
ea8ad008ab4dd58162e9fdfb1b32302f46ca780168984413c2e5a868c04f22f7
eb6cb0bc1769b5545101b7c78affadfff0dfcd0157d2a2b3c71eb4b129942699
eccbf80f730f6ec51a77b9fd627ad910052aad293387812ff1f2c08e0f600598
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1be83d06199a80a371b4ae1c539c472c9ac7c18cccd3fa82d8bb73b99b24342
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f779500d96f2b86cf0e6d2985e48fe09875da070c986d00c3cb9c31da8edcebf
fb9ca2e75c00641e3d36a3c5b8d296f218e2bed05e639c72a46c17f32f78d6ed
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
ffc0bf586e39dea6e7b0bc3703e733a56ca0aae30a31b49f0e7f6aed22568858